CVE-2008-5605

Multiple SQL injection vulnerabilities in ASP Portal allow remote attackers to execute arbitrary SQL commands via the (1) ItemID parameter to classifieds.asp and the (2) ID parameter to Events.asp.

Publication date: Wed, 17 Dec 2008 01:07:00 +0000

Cyber News related to CVE-2008-5605

CVE-2021-47082 - In the Linux kernel, the following vulnerability has been resolved: ...
11 months ago

CVE-2008-5605 - Multiple SQL injection vulnerabilities in ASP Portal allow remote attackers to execute arbitrary SQL commands via the (1) ItemID parameter to classifieds.asp and the (2) ID parameter to Events.asp. ...
7 years ago

CVE-2008-1931 - Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allow local users to create, write, and read registry keys via a crafted IOCTL request. ...
6 years ago

CVE-2008-1932 - Integer overflow in Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allows local users to execute arbitrary code via a crafted IOCTL request. ...
6 years ago

CVE-2007-5604 - Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different ...
7 years ago

CVE-2007-5605 - Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different ...
7 years ago

CVE-2007-5606 - Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability ...
7 years ago

CVE-2007-5607 - Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different ...
7 years ago

CVE-2017-5605 - An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social ...
7 years ago

CVE-2014-5605 - The QQ Copy (aka com.digimobistudio.qqcopy) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. ...
10 years ago

CVE-2006-5605 - Multiple cross-site scripting (XSS) vulnerabilities in phpcards.footer.php in phpCards 1.3 allow remote attackers to inject arbitrary web script or HTML via the CardFontFace parameter and other unspecified parameters. ...
7 years ago

CVE-2016-5605 - Unspecified vulnerability in the Oracle VM VirtualBox component before 5.1.4 in Oracle Virtualization allows remote attackers to affect confidentiality and integrity via vectors related to VRDE. ...
7 years ago

CVE-2012-5605 - Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files. ...
7 years ago

CVE-2013-5605 - Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets. ...
6 years ago

CVE-2015-5605 - The regular-expression implementation in Google V8, as used in Google Chrome before 44.0.2403.89, mishandles interrupts, which allows remote attackers to cause a denial of service (application crash) via crafted JavaScript code, as demonstrated by an ...
6 years ago

CVE-2020-5605 - Directory traversal vulnerability in WHR-G54S firmware 1.43 and earlier allows an attacker to access sensitive information such as setting values via unspecified vectors. ...
1 year ago

CVE-2013-1601 - An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi ...
3 years ago

CVE-2013-1603 - An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 ...
3 years ago

CVE-2013-1599 - A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 ...
3 years ago

CVE-2019-14959 - JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. ...
3 years ago

CVE-2019-5605 - In FreeBSD 11.3-STABLE before r350217, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, due to insufficient initialization of memory copied to userland in the freebsd32_ioctl interface, small amounts of kernel memory may ...
1 year ago

CVE-2012-5306 - Stack-based buffer overflow in the SelectDirectory method in DcsCliCtrl.dll in Camera Stream Client ActiveX Control, as used in D-Link DCS-5605 PTZ IP Network Camera, allows remote attackers to cause a denial of service (crash) and possibly execute ...
1 year ago

CVE-2024-5605 - The Media Library Assistant plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter within the mla_tag_cloud Shortcode in all versions up to, and including, 3.16 due to insufficient escaping on the user supplied ...
7 months ago

CVE-2008-1378 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2360, CVE-2008-2361, CVE-2008-2362. Reason: This candidate has been withdrawn by its CNA. It was SPLIT into separate candidates before publication. Notes: All CVE users should ...
55 years ago Tenable.com

CVE-2008-2617 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

Latest Cyber News

CVE-2025-1193 - 1 day ago
CVE-2024-11621 - 1 day ago
CVE-2025-1147 - 1 day ago
CVE-2025-1148 - 1 day ago
CVE-2024-8684 - 1 day ago
CVE-2024-8685 - 1 day ago
CVE-2025-1175 - 1 day ago
CVE-2025-25247 - 1 day ago
CVE-2025-1099 - 1 day ago
CVE-2025-21684 - 2 days ago
CVE-2025-21685 - 2 days ago
CVE-2024-57949 - 2 days ago
CVE-2024-13440 - 2 days ago
CVE-2025-0169 - 2 days ago
CVE-2024-5183 - 2 days ago
CVE-2024-6909 - 2 days ago
CVE-2024-8377 - 2 days ago
CVE-2025-0316 - 2 days ago
CVE-2025-0517 - 2 days ago
CVE-2023-4927 - 2 days ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2025-1099 - 1 day ago
CVE-2025-25247 - 1 day ago
CVE-2024-8684 - 1 day ago
CVE-2024-8685 - 1 day ago
CVE-2025-1175 - 1 day ago
CVE-2024-11621 - 1 day ago
CVE-2025-1147 - 1 day ago
CVE-2025-1148 - 1 day ago
CVE-2025-1193 - 1 day ago
CVE-2025-1115 - 3 days ago
CVE-2025-1116 - 3 days ago
CVE-2024-13850 - 3 days ago
CVE-2025-1117 - 3 days ago
CVE-2024-54176 - 2 days ago
CVE-2023-4927 - 2 days ago
CVE-2024-5183 - 2 days ago
CVE-2024-6909 - 2 days ago
CVE-2024-8377 - 2 days ago
CVE-2025-0316 - 2 days ago
CVE-2025-0517 - 2 days ago