Total
4114 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0403 | 1 Belkin | 1 F5d9230-4 | 2025-04-09 | N/A |
| The web server in Belkin Wireless G Plus MIMO Router F5D9230-4 does not require authentication for SaveCfgFile.cgi, which allows remote attackers to read and modify configuration via a direct request to SaveCfgFile.cgi. | ||||
| CVE-2009-1580 | 2 Redhat, Squirrelmail | 2 Enterprise Linux, Squirrelmail | 2025-04-09 | N/A |
| Session fixation vulnerability in SquirrelMail before 1.4.18 allows remote attackers to hijack web sessions via a crafted cookie. | ||||
| CVE-2007-3050 | 1 Chameleon Cms | 1 Chameleon Cms | 2025-04-09 | N/A |
| Session fixation vulnerability in chameleon cms 3.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | ||||
| CVE-2008-3211 | 1 Scripteen | 1 Free Image Hosting Script | 2025-04-09 | N/A |
| Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote attackers to bypass authentication and gain administrative access by setting the cookid cookie value to 1. | ||||
| CVE-2008-6864 | 1 Xigla | 1 Absolute Live Support .net | 2025-04-09 | N/A |
| Xigla Software Absolute Live Support .NET 5.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-6863 | 1 Xigla | 1 Absolute Form Processor.net | 2025-04-09 | N/A |
| Xigla Software Absolute Form Processor .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-6862 | 1 Xigla | 1 Absolute Content Rotator | 2025-04-09 | N/A |
| Absolute Content Rotator 6.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-3203 | 1 Auracms | 1 Auracms | 2025-04-09 | N/A |
| js/pages/pages_data.php in AuraCMS 2.2 through 2.2.2 does not perform authentication, which allows remote attackers to add, edit, and delete web content via a modified id parameter. | ||||
| CVE-2008-6861 | 1 Xigla | 1 Absolute Newsletter | 2025-04-09 | N/A |
| Xigla Software Absolute Newsletter 6.0 and 6.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-6860 | 1 Xigla | 1 Absolute Poll Manager Xe | 2025-04-09 | N/A |
| Xigla Software Absolute Poll Manager XE 4.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-6859 | 1 Xigla | 1 Absolute Control Panel Xe | 2025-04-09 | N/A |
| Xigla Software Absolute Control Panel XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-6858 | 1 Xigla | 1 Absolute Banner Manager.net | 2025-04-09 | N/A |
| Absolute Banner Manager .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-6857 | 1 Xigla | 1 Absolute Podcast.net | 2025-04-09 | N/A |
| Absolute Podcast .NET 1.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. | ||||
| CVE-2008-6815 | 1 Myktools | 1 Myktools | 2025-04-09 | N/A |
| mykdownload.php in MyKtools 2.4 does not require administrative authentication, which allows remote attackers to read a database backup by making a direct request, and then sending an unspecified request to the download page for the backup. | ||||
| CVE-2008-2920 | 1 Ezcms | 1 Eztechhelp Ezcms | 2025-04-09 | N/A |
| admin/filemanager/ (aka the File Manager) in EZTechhelp EZCMS 1.2 and earlier does not require authentication, which allows remote attackers to create, modify, read, and delete files. | ||||
| CVE-2008-6804 | 1 Tribiq | 1 Tribiq Cms | 2025-04-09 | N/A |
| Tribiq CMS 5.0.9a beta allows remote attackers to bypass authentication and gain administrative access by setting the COOKIE_LAST_ADMIN_USER and COOKIE_LAST_ADMIN_LANG cookies. NOTE: a third party reports that the vendor disputes the existence of this issue | ||||
| CVE-2008-5040 | 1 Graphiks | 1 Myforum | 2025-04-09 | N/A |
| Graphiks MyForum 1.3 allows remote attackers to bypass authentication and gain administrative access by setting the (1) myforum_login and (2) myforum_pass cookies to 1. | ||||
| CVE-2008-2833 | 1 Worldlevel | 1 Le.cms | 2025-04-09 | N/A |
| admin/upload.php in le.cms 1.4 and earlier allows remote attackers to bypass administrative authentication, and upload and execute arbitrary files in images/, via a nonzero value for the submit0 parameter in conjunction with filenames in the filename and upload parameters. | ||||
| CVE-2008-2801 | 2 Mozilla, Redhat | 3 Firefox, Seamonkey, Enterprise Linux | 2025-04-09 | N/A |
| Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files. | ||||
| CVE-2007-2243 | 1 Openbsd | 1 Openssh | 2025-04-09 | N/A |
| OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483. | ||||