Total
6072 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2428 | 1 Ahhp-portal | 1 Ahhp-portal | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in page.php in Ahhp-Portal allow remote attackers to execute arbitrary PHP code via a URL in the (1) fp or (2) sc parameter. | ||||
| CVE-2008-1997 | 1 Ibm | 1 Db2 | 2025-04-09 | N/A |
| Unspecified vulnerability in the ADMIN_SP_C2 procedure in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unknown vectors. NOTE: the ADMIN_SP_C issue is already covered by CVE-2008-0699. | ||||
| CVE-2008-2016 | 1 Chilkat Software | 1 Chicomas | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter to the default URI under install/. NOTE: this can also be leveraged to include and execute arbitrary local files via directory traversal sequences. | ||||
| CVE-2008-2041 | 1 Egroupware | 1 Egroupware | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in eGroupWare before 1.4.004 have unspecified attack vectors and "grave" impact when the web server has write access to a directory under the web document root. | ||||
| CVE-2008-3207 | 1 Pragyan | 1 Praygan Cms | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in cms/modules/form.lib.php in Pragyan CMS 2.6.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the (1) sourceFolder or (2) moduleFolder parameter. | ||||
| CVE-2008-2192 | 1 Itcms | 1 Itcms | 2025-04-09 | N/A |
| Static code injection vulnerability in box/minichat/boxpop.php in IT!CMS (aka itcms) 1.9 allows remote attackers to inject arbitrary PHP code into box/MiniChat/data/shouts.php via the shout parameter. | ||||
| CVE-2008-2193 | 1 Scorpnews | 1 Scorpnews | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in example.php in Thomas Gossmann ScorpNews 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the site parameter. | ||||
| CVE-2008-2195 | 1 Deluxebb | 1 Deluxebb | 2025-04-09 | N/A |
| Static code injection vulnerability in admincp.php in DeluxeBB 1.2 and earlier allows remote authenticated administrators to inject arbitrary PHP code into logs/cp.php via the URI. | ||||
| CVE-2008-2199 | 1 Kkeim | 1 Kmita Mail | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in kmitaadmin/kmitam/htmlcode.php in Kmita Mail 3.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the file parameter. | ||||
| CVE-2008-2224 | 1 Sazcart | 1 Sazcart | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in SazCart 1.5.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _saz[settings][site_dir] parameter to layouts/default/header.saz.php and the (2) _saz[settings][site_url] parameter to admin/alayouts/default/pages/login.php. | ||||
| CVE-2008-2220 | 1 Interact | 1 Interact | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Interact Learning Community Environment Interact 2.4.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) CONFIG[LANGUAGE_CPATH] parameter to modules/forum/embedforum.php and the (2) CONFIG[BASE_PATH] parameter to modules/scorm/lib.inc.php, different vectors than CVE-2006-4448. | ||||
| CVE-2008-2233 | 1 Openwsman | 1 Openwsman | 2025-04-09 | N/A |
| The client in Openwsman 1.2.0 and 2.0.0, in unknown configurations, allows remote Openwsman servers to replay SSL sessions via unspecified vectors. | ||||
| CVE-2008-2253 | 1 Microsoft | 3 Windows-nt, Windows Media Player, Windows Xp | 2025-04-09 | N/A |
| Unspecified vulnerability in Microsoft Windows Media Player 11 allows remote attackers to execute arbitrary code via a crafted audio-only file that is streamed from a Server-Side Playlist (SSPL) on Windows Media Server, aka "Windows Media Player Sampling Rate Vulnerability." | ||||
| CVE-2008-2270 | 1 Phpway | 1 Kostenloses Linkmanagementscript | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PHPWAY Kostenloses Linkmanagementscript allow remote attackers to execute arbitrary PHP code via a URL in the (1) main_page_directory and (2) page_to_include parameters in template\index.php. | ||||
| CVE-2008-2275 | 1 Typo3 | 1 Sr Feuser Register Extension | 2025-04-09 | N/A |
| Unspecified vulnerability in sr_feuser_register 1.4.0, 1.6.0, 2.2.1 to 2.2.7, 2.3.0 to 2.3.6, 2.4.0, and 2.5.0 to 2.5.9 extension for TYPO3 allows remote attackers to execute arbitrary code and delete arbitrary files via unspecified attack vectors. | ||||
| CVE-2008-2284 | 1 Fusebox | 1 Fusebox | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in fusebox5.php in Fusebox 5.5.1 allows remote attackers to execute arbitrary PHP code via a URL in the FUSEBOX_APPLICATION_PATH parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3294 | 1 Vim | 1 Vim | 2025-04-09 | N/A |
| src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it ahead of time with permissions that prevent its modification by configure. | ||||
| CVE-2008-2480 | 1 Plusphp | 1 Plusphp Short Url Multi-user Script | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in plus.php in plusPHP Short URL Multi-User Script 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the _pages_dir parameter. | ||||
| CVE-2008-2638 | 1 1-script | 1 1-book | 2025-04-09 | N/A |
| Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attackers to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to data.php. | ||||
| CVE-2008-2689 | 1 Browsercrm | 1 Browsercrm | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in pub/clients.php in BrowserCRM 5.002.00 allows remote attackers to execute arbitrary PHP code via a URL in the bcrm_pub_root parameter. | ||||