CVE-2008-1493

Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.

Publication date: Wed, 26 Mar 2008 00:44:00 +0000

Cyber News related to CVE-2008-1493

CVE-2015-0246 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-1493. Reason: This candidate is a reservation duplicate of CVE-2015-1493. Notes: All CVE users should reference CVE-2015-1493 instead of this candidate. All references and ...
54 years ago Tenable.com

CVE-2008-1493 - Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. ...
6 years ago

CVE-2008-1378 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2360, CVE-2008-2361, CVE-2008-2362. Reason: This candidate has been withdrawn by its CNA. It was SPLIT into separate candidates before publication. Notes: All CVE users should ...
54 years ago Tenable.com

CVE-2008-2617 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

CVE-2008-2615 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

CVE-2008-2621 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

CVE-2008-2622 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

CVE-2008-2616 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

CVE-2008-2618 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

CVE-2008-2620 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

CVE-2008-3892 - Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build ...
6 years ago

CVE-2006-1493 - Cross-site scripting (XSS) vulnerability in dir.php in Explorer XP allows remote attackers to inject arbitrary web script or HTML via the chemin parameter. NOTE: it is possible that this issue is resultant from CVE-2006-1492. ...
7 years ago

CVE-2007-1493 - nukesentinel.php in NukeSentinel 2.5.06 and earlier uses a permissive regular expression to validate an IP address, which allows remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header, due to an incomplete patch for ...
6 years ago

CVE-2013-0809 - Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via ...
2 years ago

CVE-2012-1493 - F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across ...
12 years ago

CVE-2004-1493 - Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (server crash) via multiple connections with long nicknames, possibly triggering a buffer overflow. ...
7 years ago

CVE-2005-1493 - Directory traversal vulnerability in SimpleCam 1.2 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URL. ...
7 years ago

CVE-2003-1493 - Memory leak in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (memory exhaustion) via crafted TCP packets. ...
7 years ago

CVE-2010-1493 - SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to index.php. ...
7 years ago

CVE-2009-1493 - The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that ...
7 years ago

CVE-2002-1493 - Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote attackers to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag. ...
7 years ago

CVE-1999-1493 - Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through SR10.3 allows remote attackers to gain root privileges via insecure system calls, (1) pad_$dm_cmd and (2) pad_$def_pfk(). ...
6 years ago

CVE-2016-1493 - Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file. ...
6 years ago

CVE-2017-1493 - IBM UrbanCode Deploy (UCD) 6.1 and 6.2 could allow an authenticated user to edit objects that they should not have access to due to improper access controls. IBM X-Force ID: 128691. ...
5 years ago

CVE-2014-1493 - Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and ...
4 years ago

Latest Cyber News

CVE-2024-52739 - 1 day ago
CVE-2018-9483 - 1 day ago
CVE-2018-9485 - 1 day ago
CVE-2018-9487 - 1 day ago
CVE-2018-9470 - 1 day ago
CVE-2018-9472 - 1 day ago
CVE-2018-9477 - 1 day ago
CVE-2024-11492 - 1 day ago
CVE-2024-52770 - 1 day ago
CVE-2024-52796 - 1 day ago
CVE-2024-52769 - 1 day ago
CVE-2024-51162 - 1 day ago
CVE-2024-52725 - 1 day ago
CVE-2024-11491 - 1 day ago
CVE-2024-11490 - 1 day ago
CVE-2024-11488 - 1 day ago
CVE-2024-11486 - 1 day ago
CVE-2024-11487 - 1 day ago
CVE-2024-11485 - 1 day ago
CVE-2024-52471 - 1 day ago

Cyber Trends (last 7 days)

Okta - 11 months ago
23andMe - 11 months ago
Kimsuky - 11 months ago
LogoFAIL - 11 months ago
Gh0st rat - 11 months ago

Trending Cyber News (last 7 days)

CVE-2024-52282 - 3 days ago
CVE-2024-11278 - 1 day ago
CVE-2024-9653 - 1 day ago
CVE-2024-10515 - 1 day ago
CVE-2024-52614 - 1 day ago
CVE-2024-9239 - 1 day ago
CVE-2024-10855 - 1 day ago
CVE-2024-10899 - 1 day ago
CVE-2024-10900 - 1 day ago
CVE-2024-11277 - 1 day ago
CVE-2024-48895 - 1 day ago
CVE-2024-47865 - 1 day ago
CVE-2024-52033 - 1 day ago
CVE-2024-11176 - 1 day ago
CVE-2024-10126 - 1 day ago
CVE-2024-10127 - 1 day ago
CVE-2024-11179 - 1 day ago
CVE-2024-11494 - 1 day ago
CVE-2024-10665 - 1 day ago
CVE-2024-10891 - 1 day ago