The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
12,643 vulnerabilities with CWE-20
CVE-2008-6944
ScriptsFeed Auto Classifieds - Authenticated Arbitrary File Upload via Profile Logo
CVE-2008-6943
ScriptsFeed Recipes Listing Portal - Authenticated Remote Code Execution via Recipe Photo Upload
CVE-2008-6942
ScriptsFeed Realtor Classifieds System - Authenticated Remote Code Execution via Profile Logo Upload
CVE-2008-6938
Pi3Web < 2.0.3_pl1 - Denial of Service via ISAPI Directory File Request
CVE-2008-6913
Zeeways ZEEJOBSITE 2.0 - Authenticated Arbitrary File Upload via Profile Photo
CVE-2008-6882
com_livechat 1.0 - Server-Side Request Forgery via xmlhttp.php Proxy
CVE-2008-6829
VicFTPS 5.0 - Denial of Service via Malformed LIST Command
CVE-2008-6826
MHF Media Pro - OS Command Injection via dhtml.pl page parameter
CVE-2008-6814
com_simpleboard < 1.0.1 - Unauthenticated Arbitrary File Upload via image_upload.php
CVE-2008-1517
Apple Mac OS X <10.5.7 - Privilege Escalation
CVE-2008-6806
7shop < 1.1 - Unauthenticated Arbitrary File Upload via Image Upload
CVE-2008-6793
DFLabs PTK 0.1, 0.2, and 1.0 - Remote Command Execution via Filename Shell Metacharacters
CVE-2008-6791
PumpKIN TFTP Server 2.7.2.0 - Denial of Service via Long Mode Field
CVE-2008-6790
MindDezign Photo Gallery 2.2 - Unauthenticated Privilege Escalation via Username Parameter
CVE-2008-6772
YourPlace <= 1.0.2 - Unauthenticated Account Takeover via Username Collision
CVE-2008-6752
ReVou Micro Blogging Twitter Clone Plugin - Unauthenticated Password Change via Direct Request
CVE-2008-6751
ReVou TClone - Unauthenticated Arbitrary File Upload via index.php
CVE-2008-6750
FlexPHPDirectory 0.0.1 - Unauthenticated Arbitrary File Upload via add.php
CVE-2008-6745
BlogPHP 2.0 - Privilege Escalation via Email Parameter in Register Action
CVE-2008-6742
Foxy P2P - Denial of Service via Large fs Value in Download Action
CVE-2008-6731
FlexPHPLink Pro 0.0.7 - Unauthenticated Arbitrary File Upload via submitlink.php
CVE-2008-6702
Stalker-game S.t.a.l.k.e.r. < 1.0006 - Improper Input Validation
CVE-2008-6684
Apartment Search Script - Unauthenticated Arbitrary File Upload via editimage.php GIF Header Bypass
CVE-2008-6676
QuickerSite 1.8.5 - Information Disclosure via showThumb.aspx
CVE-2008-6662
AVG Anti-Virus for Linux 7.5.51 - Denial of Service via Malformed UPX Compressed File
Details
Vulnerabilities
12,643
Exploit Likelihood
High