LiveActive security incident?Get immediate response
CVE archive

May 2008

Browse CVE records published in May 2008, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 422 matching CVEs · Page 2 of 9.

Unknown · CVSS Not scored

CVE-2008-2478: scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenti...

scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field (aka Email text box). NOTE: the vendor disputes this, stating "I'm unable to reproduce such an issue on multiple servers running different versions of cPanel.

Published May 28, 2008 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2008-2449: Multiple cross-site scripting (XSS) vulnerabilities in Isaac McGowan phpInstantGallery 2.0 allow remote att...

Multiple cross-site scripting (XSS) vulnerabilities in Isaac McGowan phpInstantGallery 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) gallery parameter to (a) index.php and (b) image.php, and the (2) imgnum parameter to image.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published May 27, 2008 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2008-2425: SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL co...

SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the letter parameter in a Search action, a different vector than CVE-2008-2416. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published May 23, 2008 · Updated Aug 7, 2024