The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,643 vulnerabilities with CWE-20
CVE-2008-7278
OTRS <2.3.0-beta1 - Info Disclosure
CVE-2008-7274
IBM WebSphere Application Server WAS 6.1.0.9 - Auth Bypass
CVE-2008-7269
SiteEngine 5.x - Open Redirect via Forward Parameter
CVE-2008-7264
pyftpdlib < 0.5.0 - Authenticated Denial of Service via QUIT Command During Data Transfer
CVE-2008-7258
Anibal Monsalve Salazar sSMTP 2.61-2.62 - DoS
CVE-2008-7257
Cisco ASA 5580 - CRLF Injection via WebVPN URI
CVE-2008-7248
Ruby on Rails <2.1.3 & <2.2.2 - CSRF
CVE-2008-7215
Mambo < 4.6.3 - Denial of Service via Image Manager File Rename
CVE-2008-7205
VirtueMart <1.0.13a - Info Disclosure
CVE-2008-7185
GNOME Rhythmbox 0.11.5 - Denial of Service via Long Title Field in Playlist File
CVE-2008-7180
Telephone Directory 2008 - Unauthenticated Arbitrary Contact Deletion via id Parameter
CVE-2008-7136
ICQ Toolbar 2.3 - Denial of Service via Long Argument to RequestURL GetPropertyById or SetPropertyById
CVE-2008-7135
ICQ Toolbar 2.3 - Denial of Service via Long Argument to IsChecked Method
CVE-2008-7112
Kyocera Mita Scanner File Utility 3.3.0.1 - Denial of Service via Malformed Document or Request
CVE-2008-7107
ESET Smart Security 3.0.667.0 - Denial of Service via IOCTL Request to easdrv.sys
CVE-2008-7102
DotNetNuke 2.0-4.8.4 - Unauthenticated Arbitrary File Load via Skin File Parameter Validation
CVE-2008-7088
PhotoPost vBGallery 2.4.2 - Authenticated Arbitrary File Upload via Executable Extension Bypass
CVE-2008-7068
PHP 5.2.6 and 4.x - Denial of Service via dba_replace NULL Byte Key
CVE-2008-7052
Pre Real Estate Listings - Authenticated Arbitrary File Upload via Profile Logo
CVE-2008-7037
ITN News Gadget < 1.23 - Remote Code Execution via Short Title Response
CVE-2008-7029
AlilG Application AliBoard Beta - Authenticated Arbitrary File Upload via Avatar Upload
CVE-2008-6978
Full Revolution aspWebAlbum 3.2 - Unrestricted File Upload and Remote Code Execution via pics/ Directory
CVE-2008-6976
MikroTik RouterOS 2.x-2.9.51 & 3.x-3.13 - Unauthenticated SNMP Set Request Modifies NMS Settings
CVE-2008-6962
Avira AntiVir - Local Privilege Escalation via IOCTL Request
CVE-2008-6948
Collabtive 0.4.8 - Authenticated Remote Code Execution via Unrestricted File Upload
Details
Vulnerabilities
12,643
Exploit Likelihood
High