CVE-2008-0158

Directory traversal vulnerability in index.php in Shop-Script 2.0 and possibly other versions allows remote attackers to read arbitrary files via a .. (dot dot) in the aux_page parameter.

Publication date: Wed, 09 Jan 2008 06:46:00 +0000

Cyber News related to CVE-2008-0158

CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
54 years ago Tenable.com

CVE-2008-0158 - Directory traversal vulnerability in index.php in Shop-Script 2.0 and possibly other versions allows remote attackers to read arbitrary files via a .. (dot dot) in the aux_page parameter. ...
6 years ago

CVE-2012-0158 - The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 ...
5 years ago

CVE-2008-1378 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2360, CVE-2008-2361, CVE-2008-2362. Reason: This candidate has been withdrawn by its CNA. It was SPLIT into separate candidates before publication. Notes: All CVE users should ...
54 years ago Tenable.com

CVE-2008-2617 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
6 years ago

CVE-2008-2615 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
6 years ago

CVE-2008-2621 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
6 years ago

CVE-2008-2622 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
6 years ago

CVE-2008-2616 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
6 years ago

CVE-2008-2618 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
6 years ago

CVE-2008-2620 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
6 years ago

CVE-2008-3892 - Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build ...
5 years ago

CVE-2003-0158 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0139. Reason: This candidate is a reservation duplicate of CVE-2003-0139 due to incomplete coordination. Notes: All CVE users should reference CVE-2003-0139 instead of this ...
54 years ago Tenable.com

CVE-2014-0158 - Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file because of incorrect ...
3 years ago

CVE-2016-0158 - Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0161. ...
5 years ago

CVE-2016-0161 - Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0158. ...
5 years ago

CVE-2022-0158 - vim is vulnerable to Heap-based Buffer Overflow ...
1 year ago

CVE-2021-0158 - Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. ...
2 years ago

CVE-2005-0158 - Format string vulnerability in bidwatcher before 1.3.17 allows remote malicious web servers from eBay, or a spoofed eBay server, to cause a denial of service and possibly execute arbitrary code via certain responses. ...
15 years ago

CVE-2000-0158 - Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon. ...
15 years ago

CVE-2010-0158 - ** DISPUTED ** SQL injection vulnerability in the JoomlaBamboo (JB) Simpla Admin template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to the com_content component, reachable through ...
14 years ago

CVE-2006-0158 - SQL injection vulnerability in index.php in CyberDoc SiteSuite CMS allows remote attackers to execute arbitrary SQL commands via the page parameter. ...
13 years ago

CVE-2015-0158 - Cross-site scripting (XSS) vulnerability in the Coach NG framework in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 allows remote attackers to inject arbitrary web script or HTML via a ...
8 years ago

CVE-2009-0158 - Stack-based buffer overflow in telnet in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long hostname for a telnet server. ...
7 years ago

CVE-2004-0158 - Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to (1) editor.c, (2) theme.c, (3) manager.c, (4) config.c, (5) game.c, (6) levels.c, or (7) main.c. ...
6 years ago

Latest Cyber News

CVE-2024-40605 - 7 hours ago
CVE-2024-40604 - 7 hours ago
CVE-2024-40603 - 7 hours ago
CVE-2024-40602 - 7 hours ago
CVE-2024-40601 - 7 hours ago
CVE-2024-40600 - 7 hours ago
CVE-2024-40599 - 7 hours ago
CVE-2024-40598 - 7 hours ago
CVE-2024-40596 - 7 hours ago
CVE-2024-40597 - 7 hours ago
CVE-2024-6095 - 13 hours ago
CVE-2024-37554 - 14 hours ago
CVE-2024-37553 - 15 hours ago
CVE-2024-37547 - 16 hours ago
CVE-2024-37546 - 16 hours ago
CVE-2024-37542 - 18 hours ago
CVE-2024-37541 - 18 hours ago
CVE-2024-37539 - 18 hours ago
CVE-2024-39486 - 21 hours ago
CVE-2024-37260 - 21 hours ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 7 months ago
Kimsuky - 7 months ago
LogoFAIL - 6 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

CVE-2024-40605 - 7 hours ago
CVE-2024-40604 - 7 hours ago
CVE-2024-40603 - 7 hours ago
CVE-2024-40602 - 7 hours ago
CVE-2024-40601 - 7 hours ago
CVE-2024-40600 - 7 hours ago
CVE-2024-40599 - 7 hours ago
CVE-2024-40598 - 7 hours ago
CVE-2024-40596 - 7 hours ago
CVE-2024-40597 - 7 hours ago
CVE-2024-6095 - 13 hours ago
CVE-2024-37553 - 15 hours ago
CVE-2024-37554 - 14 hours ago
CVE-2024-37547 - 16 hours ago
CVE-2024-37546 - 16 hours ago
CVE-2024-37542 - 18 hours ago
CVE-2024-37541 - 18 hours ago
CVE-2024-37539 - 18 hours ago
CVE-2024-39486 - 21 hours ago
CVE-2024-37260 - 21 hours ago