Total
5468 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6506 | 1 Phpbb | 1 Phpbb | 2025-04-09 | N/A |
| Unspecified vulnerability in phpBB before 3.0.4 allows attackers to bypass intended access restrictions and activate de-activated accounts via unknown vectors. | ||||
| CVE-2008-6494 | 1 Robs-projects | 1 Asp User Engine.net | 2025-04-09 | N/A |
| ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for users.mdb. | ||||
| CVE-2008-6399 | 1 Dotnetnuke | 1 Dotnetnuke | 2025-04-09 | N/A |
| Unspecified vulnerability in DotNetNuke 4.5.2 through 4.9 allows remote attackers to "add additional roles to their user account" via unknown attack vectors. | ||||
| CVE-2008-6388 | 1 4u2ges | 1 Rapid Classified | 2025-04-09 | N/A |
| Rapid Classified 3.1 and 3.15 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to cldb.mdb. | ||||
| CVE-2008-6375 | 1 Nexusjnr | 1 Jbook | 2025-04-09 | N/A |
| JBook stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to userids.mdb. | ||||
| CVE-2008-6374 | 1 Codefixer | 1 Mailinglistpro | 2025-04-09 | N/A |
| CodefixerSoftware MailingListPro Free Edition stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to db/MailingList.mdb. | ||||
| CVE-2008-6357 | 1 Donnafontenot | 1 Mycal Personal Events Calendar | 2025-04-09 | N/A |
| MyCal Personal Events Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to mycal.mdb. | ||||
| CVE-2008-6302 | 1 Turnkeyforms | 1 Local Classifieds | 2025-04-09 | N/A |
| TurnkeyForms Local Classifieds allows remote attackers to bypass authentication and gain administrative access via a direct request to Site_Admin/admin.php. | ||||
| CVE-2008-6296 | 1 Maran | 1 Php Shop | 2025-04-09 | N/A |
| admin.php in Maran PHP Shop allows remote attackers to bypass authentication and gain administrative access by setting the user cookie to "demo." | ||||
| CVE-2008-6294 | 1 Accscripts | 1 Acc Statistics | 2025-04-09 | N/A |
| admin/Index.php in Acc Statistics 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the username_cookie cookie to "admin." | ||||
| CVE-2008-6293 | 1 Accscripts | 1 Acc Real Estate | 2025-04-09 | N/A |
| admin/Index.php in Acc Real Estate 4.0 allows remote attackers to bypass authentication and gain administrative access by setting the username_cookie to "admin." | ||||
| CVE-2008-6292 | 1 Accscripts | 1 Acc Autos | 2025-04-09 | N/A |
| Acc Autos 4.0 allows remote attackers to bypass authentication and gain administrative access by setting the (1) username_cookie to "admin," (2) right_cookie to "1," and (3) id_cookie to "1." | ||||
| CVE-2008-6291 | 1 Accscripts | 1 Acc Php Email | 2025-04-09 | N/A |
| Acc PHP eMail 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the NEWSLETTERLOGIN cookie to "admin". | ||||
| CVE-2008-6125 | 2 Debian, Moodle | 2 Debian Linux, Moodle | 2025-04-09 | N/A |
| Unspecified vulnerability in the user editing interface in Moodle 1.5.x, 1.6 before 1.6.6, and 1.7 before 1.7.3 allows remote authenticated users to gain privileges via unknown vectors. | ||||
| CVE-2008-6057 | 1 Liberum | 1 Liberum Help Desk | 2025-04-09 | N/A |
| Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request. | ||||
| CVE-2008-6055 | 1 Preprojects | 1 Pre Classified Listings | 2025-04-09 | N/A |
| PreProjects Pre Classified Listings stores pclasp.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request. | ||||
| CVE-2008-6053 | 1 Preprojects | 1 Pre Resume Submitter | 2025-04-09 | N/A |
| PreProjects Pre Resume Submitter stores onlineresume.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request. | ||||
| CVE-2008-6008 | 1 Herongyang | 1 Hybook | 2025-04-09 | N/A |
| hyBook Guestbook Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing a password via a direct request for hyBook.mdb. | ||||
| CVE-2008-6051 | 1 Metalinks | 1 Metacart | 2025-04-09 | N/A |
| MetaCart Free stores metacart.mdb under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords via a direct request. | ||||
| CVE-2008-5981 | 1 Pacosdrivers | 1 Pacpoll | 2025-04-09 | N/A |
| PacPoll 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) poll.mdb or (2) poll97.mdb. | ||||