SQL injection vulnerability in wp-uploadfile.php in the Upload File plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the f_id parameter.
Max CVSS
7.5
EPSS Score
0.10%
Published
2008-05-29
Updated
2018-10-11
SQL injection vulnerability in pwd.asp in Excuse Online allows remote attackers to execute arbitrary SQL commands via the pID parameter.
Max CVSS
7.5
EPSS Score
0.11%
Published
2008-05-29
Updated
2018-10-11
Cross-site scripting (XSS) vulnerability in news.php in Tr Script News 2.1 allows remote attackers to inject arbitrary web script or HTML via the "nb" parameter in voir mode.
Max CVSS
4.3
EPSS Score
0.20%
Published
2008-05-29
Updated
2017-08-08
Cross-site scripting (XSS) vulnerability in Calcium40.pl in Brown Bear Software Calcium 3.10 and 4.0.4 allows remote attackers to inject arbitrary web script or HTML via the CalendarName parameter in a ShowIt action.
Max CVSS
4.3
EPSS Score
0.19%
Published
2008-05-29
Updated
2018-10-11
Multiple SQL injection vulnerabilities in Simpel Side Weblosning 1 through 4 allow remote attackers to execute arbitrary SQL commands via the (1) mainid and (2) id parameters to index2.php.
Max CVSS
7.5
EPSS Score
0.13%
Published
2008-05-29
Updated
2017-09-29
Cross-site scripting (XSS) vulnerability in result.php in Simpel Side Weblosning 1 through 4 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
Max CVSS
4.3
EPSS Score
0.20%
Published
2008-05-29
Updated
2017-09-29
Multiple SQL injection vulnerabilities in Simpel Side Netbutik 1 through 4 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to netbutik.php and the (2) id parameter to product.php.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-05-29
Updated
2017-09-29
Buffer overflow in Uploadlist in eMule X-Ray before 1.4 has unknown impact and remote attack vectors.
Max CVSS
9.3
EPSS Score
0.17%
Published
2008-05-29
Updated
2017-08-08
Unspecified vulnerability in the web server in eMule X-Ray before 1.4 allows remote attackers to trigger memory corruption via unknown attack vectors.
Max CVSS
7.5
EPSS Score
0.79%
Published
2008-05-29
Updated
2017-08-08
Multiple SQL injection vulnerabilities in PHPhotoalbum 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) album parameter to thumbnails.php and the (2) pid parameter to displayimage.php.
Max CVSS
7.5
EPSS Score
0.09%
Published
2008-05-29
Updated
2017-09-29
Cross-site scripting (XSS) vulnerability in the MOStlyContent Editor (MOStlyCE) component before 3.0 for Mambo allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.13%
Published
2008-05-29
Updated
2017-08-08

CVE-2008-2499

Public exploit
Stack-based buffer overflow in the Community Services Multiplexer (aka MUX or StMux.exe) in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL.
Max CVSS
7.5
EPSS Score
96.98%
Published
2008-05-29
Updated
2018-10-31
Multiple SQL injection vulnerabilities in index.php in Mambo before 4.6.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) articleid and (2) mcname parameters. NOTE: some of these details are obtained from third party information.
Max CVSS
7.5
EPSS Score
0.23%
Published
2008-05-28
Updated
2017-08-08
CRLF injection vulnerability in Mambo before 4.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.58%
Published
2008-05-28
Updated
2017-08-08
Multiple cross-site scripting (XSS) vulnerabilities in Quate CMS 0.3.4 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) login.php, and (3) credits.php in admin/, and (4) upgrade/index.php.
Max CVSS
4.3
EPSS Score
0.19%
Published
2008-05-28
Updated
2017-09-29
Directory traversal vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to have an unknown impact via a .. (dot dot) in the p parameter.
Max CVSS
7.5
EPSS Score
0.76%
Published
2008-05-28
Updated
2018-10-11
Cross-site scripting (XSS) vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to inject arbitrary web script or HTML via the l parameter.
Max CVSS
4.3
EPSS Score
0.19%
Published
2008-05-28
Updated
2018-10-11
Cross-site scripting (XSS) vulnerability in post3/Book.asp in Campus Bulletin Board 3.4 allows remote attackers to inject arbitrary web script or HTML via the review parameter.
Max CVSS
4.3
EPSS Score
0.15%
Published
2008-05-28
Updated
2018-10-11
Multiple SQL injection vulnerabilities in Campus Bulletin Board 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to post3/view.asp and the (2) review parameter to post3/book.asp.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-05-28
Updated
2018-10-11
SQL injection vulnerability in adv_cat.php in AbleSpace 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-05-28
Updated
2018-10-11
Cross-site scripting (XSS) vulnerability in the KJ Image Lightbox 2 (aka kj_imagelightbox2) extension 1.4.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified "user input."
Max CVSS
4.3
EPSS Score
0.22%
Published
2008-05-28
Updated
2017-08-08
SQL injection vulnerability in the Library for Frontend Plugins (aka sg_zfelib) extension 1.1.512 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified "user input."
Max CVSS
7.5
EPSS Score
0.15%
Published
2008-05-28
Updated
2017-08-08
admin/userform.php in RoomPHPlanning 1.5 does not require administrative credentials, which allows remote authenticated users to create new admin accounts.
Max CVSS
6.5
EPSS Score
1.13%
Published
2008-05-28
Updated
2017-09-29
SQL injection vulnerability in index.php in MAXSITE 1.10 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter in a webboard action.
Max CVSS
7.5
EPSS Score
0.11%
Published
2008-05-28
Updated
2017-09-29
Unspecified vulnerability in eMule Plus before 1.2d has unknown impact and attack vectors related to "staticservers.dat processing."
Max CVSS
10.0
EPSS Score
0.38%
Published
2008-05-28
Updated
2017-08-08
383 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!