CyberSecurityBoard
Sponsor Register Login

CVE-2008-2860

SQL injection vulnerability in category.php in AJSquare AJ Auction Pro web 2.0 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter.

Publication date: Wed, 25 Jun 2008 17:36:00 +0000


Cyber News related to CVE-2008-2860

CVE-2008-2860 - SQL injection vulnerability in category.php in AJSquare AJ Auction Pro web 2.0 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter. ...
7 years ago
CVE-2020-18169 - ** DISPUTED ** A vulnerability in the Windows installer XML (WiX) toolset of TechSmith Snagit 19.1.1.2860 allows attackers to escalate privileges. NOTE: Exploit of the Snagit installer would require the end user to ignore other safety mechanisms ...
2 years ago
CVE-2009-2860 - Unspecified vulnerability in db2jds in IBM DB2 8.1 before FP18 allows remote attackers to cause a denial of service (service crash) via "malicious packets." ...
15 years ago
CVE-2014-2860 - Multiple cross-site scripting (XSS) vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to inject arbitrary web script or HTML via a crafted HTTP request to a (1) ColdFusion or (2) JavaScript component. ...
10 years ago
CVE-2005-2860 - Cross-site scripting (XSS) vulnerability in Nikto 1.35 and earlier allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response header, which is directly injected into an HTML report. ...
8 years ago
CVE-2015-2860 - Directory traversal vulnerability in Avigilon Control Center (ACC) 4 before 4.12.0.54 and 5 before 5.4.2.22 allows remote attackers to read arbitrary files via a crafted help/ URL. ...
7 years ago
CVE-2012-2860 - The date-picker implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other ...
7 years ago
CVE-2013-2860 - Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving access to a database API by a worker process. ...
7 years ago
CVE-2010-2860 - The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data ...
6 years ago
CVE-2007-2860 - user.php in BoastMachine 3.0 platinum allows remote authenticated users to gain privileges via a modified id parameter, as demonstrated by an edit_post action. ...
6 years ago
CVE-2006-2860 - PHP remote file inclusion vulnerability in Webspotblogging 3.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) inc/logincheck.inc.php, (2) inc/adminheader.inc.php, (3) inc/global.php, or (4) ...
6 years ago
CVE-2018-2860 - Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.36 and Prior to 5.2.10. Easily exploitable vulnerability allows high privileged attacker with ...
5 years ago
CVE-2011-2860 - Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles. ...
4 years ago
CVE-2017-2860 - An exploitable denial-of-service vulnerability exists in the lookup entry functionality of KeyTrees in Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can ...
2 years ago
CVE-2022-2860 - Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to bypass cookie prefix restrictions via a crafted HTML page. ...
2 years ago
CVE-2023-2860 - An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. The flaw exists within the processing of seg6 attributes. The issue results from the improper validation of user-supplied data, which can result in a ...
1 year ago
CVE-2020-2860 - Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network ...
4 years ago
CVE-2019-2860 - Vulnerability in the Oracle Clusterware component of Oracle Support Tools (subcomponent: Trace File Analyzer (TFA) Collector). The supported version that is affected is 12.1.0.2.0. Difficult to exploit vulnerability allows unauthenticated attacker ...
4 years ago
CVE-2016-2860 - The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 allows remote authenticated users from foreign Kerberos realms to bypass intended access restrictions and create arbitrary groups as administrators by leveraging mishandling of the ...
54 years ago Tenable.com
CVE-2024-2860 - The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an incorrect local authentication flaw. An attacker accessing the VM where the Brocade SANnav is installed can gain access to sensitive data inside the PostgreSQL ...
5 months ago
CVE-2008-1378 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2360, CVE-2008-2361, CVE-2008-2362. Reason: This candidate has been withdrawn by its CNA. It was SPLIT into separate candidates before publication. Notes: All CVE users should ...
54 years ago Tenable.com
CVE-2008-2617 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago
CVE-2008-2615 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago
CVE-2008-2621 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago
CVE-2008-2622 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)