Lucene search

2026 matches found

securityvulns
added 2008/12/17 12:0 a.m., 49 views

CVE-2008-1094 - Barracuda Spam Firewall SQL Injection Vulnerability

CVE Number: CVE-2008-1094. Vulnerability: SQL Injection. Risk: Medium. Attack vector: From Remote. Vulnerability Discovered: 16th June 2008. Vendor Notified: 16th June 2008. Advisory Released: 15th December 2008. Abstract: Barracuda Networks Spam Firewall is vulnerable to various SQL Injection attacks...

CVSS 6.5, AI score 1.2, EPSS 0.0198
Exploits: 8
Zero Day Initiative
added 2008/12/04 12:0 a.m., 30 views

Trillian AIM Plugin Malformed XML Tag Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian. Authentication is not required to exploit this vulnerability. The specific flaw exists within the XML processing code for Trillian. When parsing a malformed XML tag, the...

CVSS 10, AI score 4.9, EPSS 0.07929
Exploits: 0, References: 1
Exploit DB
added 2008/11/03 12:0 a.m., 83 views

Apoll 0.7b - Authentication Bypass

Apoll version Remote Auth Bypass Vulnerability version: beta 0.7 script download: http://www.miticdjd.com/download/3/ ---------------------------------------------------------- Discovered By: ZoRLu Date: 03.11.2008 Home: www.z0rlu.blogspot.com contact: [email protected] N0T: YALNIZLIK, YiTiRDi...

AI score 7
Exploits: 0
CVE
added 2008/10/17 9:0 p.m., 57 views

CVE-2008-4598

Technical details for CVE-2008-4598 are not publicly available in the provided documents. Monitor for updates from NVD/Drupal advisories.

CVSS 7.5, AI score 6, EPSS 0.01107
Exploits: 0, References: 3, Affected Software: 1
exploitpack
added 2008/09/22 12:0 a.m., 11 views

Fuzzylime (cms) 3.0 - usercheck.php Cross-Site Scripting

Fuzzylime cms 3.0 - usercheck.php Cross-Site Scripting source: https://www.securityfocus.com/bid/31306/info fuzzylime cms is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform...

AI score 6.8
Exploits: 0
Cvelist
added 2008/08/06 6:0 p.m., 15 views

CVE-2008-3504

Unspecified vulnerability in mask PHP File Manager mPFM before 2.3 has unknown impact and remote attack vectors related to "manipulation of cookies."...

AI score 6.6, EPSS 0.01119
Exploits: 0, References: 4
Packet Storm
added 2008/07/22 12:0 a.m., 16 views

modjk1219-overflow.txt

#!/usr/bin/python C.H.R.O.O.T. SECURITY GROUP, http://www.chroot.org; Hacks In Taiwan Conference 2008, http://www.hitcon.org. Title: Apache modjk...

AI score 7.4
Exploits: 0
Exploit DB
added 2008/07/22 12:0 a.m., 28 views

Claroline 1.8 - 'user/user.php' Query String Cross-Site Scripting

source: https://www.securityfocus.com/bid/30346/info Claroline is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

AI score 7.4
Exploits: 0
CVE
added 2008/07/18 4:0 p.m., 51 views

CVE-2008-3228

CVE-2008-3228 affects Joomla! prior to 1.5.4. The issue is that the .htaccess configuration does not apply certain security checks that are described as blocking common exploits for SEF URLs. The impact is explicitly stated as unknown, and the description notes remote attack vectors without detai...

CVSS 7.5, AI score 6.7, EPSS 0.01164
Exploits: 0, References: 4, Affected Software: 1
Prion
added 2008/07/15 11:41 p.m., 16 views

Code injection

Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2616, CVE-2008-2617, CVE-2008-2618, CVE-2008-2620,...

CVSS 6.5, AI score 5.9, EPSS 0.01569
Exploits: 0, References: 8, Affected Software: 2
CVE
added 2008/07/15 11:0 p.m., 54 views

CVE-2008-2621

CVE-2008-2621 affects Oracle PeopleSoft Enterprise (PeopleTools) with 8.48.17 and 8.49.11. The connected PeopleSoft/JD Edwards entry lists CVE-2008-2621 under PeopleSoft PeopleTools with a CVSS v2 base score of 4.0 (Medium). The risk matrix indicates the vulnerability requires a valid session (au...

CVSS 4, AI score 5.7, EPSS 0.01322
Exploits: 0, References: 8, Affected Software: 3
CVE
added 2008/07/15 11:0 p.m., 111 views

CVE-2008-2603

CVE-2008-2603 is an Oracle Enterprise Manager (Database Control) cross-site scripting vulnerability affecting 10gR1/10gR2/11.1.0.6 where the REFRESHCHOICE parameter can inject arbitrary script/HTML. The issue originates from the July 2008 CPU advisory; vendors released a patch as part of the CPU....

CVSS 3.5, AI score 4.8, EPSS 0.01204
Exploits: 0, References: 9, Affected Software: 1
CVE
added 2008/07/15 11:0 p.m., 130 views

CVE-2008-2579

CVE-2008-2579 affects WebLogic Server Plugins for Apache, Sun and IIS web servers bundled with BEA/Oracle WebLogic, specifically in BEA Product Suite versions 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7. The vulnerability is described as unspecified with unknown impact, but multipl...

CVSS 7.5, AI score 6.2, EPSS 0.03093
Exploits: 0, References: 10, Affected Software: 1
CVE
added 2008/07/15 11:0 p.m., 49 views

CVE-2008-2598

CVE-2008-2598 affects the TimesTen Client/Server component of Oracle TimesTen In‑Memory Database 7.0.3.0.0. It is exploitable remotely over HTTP without authentication (CVSS v2 base 5.0, Network) and is fixed in TimesTen Server 7.0.4.0.0. Upgrade to 7.0.4.0.0 or later. Related CVEs (2597, 2599) h...

CVSS 7.5, AI score 6.1, EPSS 0.02003
Exploits: 0, References: 7, Affected Software: 2
exploitpack
added 2008/07/15 12:0 a.m., 12 views

Claroline 1.8.9 - workwork.php Cross-Site Scripting

Claroline 1.8.9 - workwork.php Cross-Site Scripting source: https://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these...

AI score 6.8
Exploits: 0
Prion
added 2008/06/30 10:41 p.m., 18 views

Cross site scripting

Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to change the location property of a frame via the String data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with...

CVSS 6.8, AI score 6.6, EPSS 0.24744
Exploits: 1, References: 5, Affected Software: 1
Exploit DB
added 2008/06/16 12:0 a.m., 33 views

GlassFish Application Server - '/resourceNode/jdbcConnectionPoolNew1.jsf' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/29751/info Sun Glassfish is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user ...

AI score 7.4
Exploits: 0
securityvulns
added 2008/06/11 12:0 a.m., 38 views

Microsoft Vista speech recognition unauthorized access

Speech recognition may be used as an attack vector against a client computer with, e.g., an HTML page with embedded sound...

CVSS 7.6, AI score 1.6, EPSS 0.1722
Exploits: 1, References: 2
Exploit DB
added 2008/06/06 12:0 a.m., 23 views

ALFTP FTP Client 4.1/5.0 - 'LIST' Directory Traversal

source: https://www.securityfocus.com/bid/29585/info ALFTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This issue occurs in the FTP client. Exploiting this issue will allow an attacker to write arbitrary files to...

AI score 7.4
Exploits: 0
seebug.org
added 2008/06/05 12:0 a.m., 48 views

Solaris 2.5.1/2.6/7/8 rlogin /bin/login Buffer Overflow Exploit (SPARC)

No description provided by source. / $Id: raptorrlogin.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorrlogin.c - rlogin, Solaris/SPARC 2.5.1/2.6/7/8 Copyright c 2004 Marco Ivaldi [email protected] Buffer overflow in login in various System V based operating systems ...

CVSS 10, AI score 0.5, EPSS 0.88726
Exploits: 27