Export limit exceeded: 346077 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346077 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0462 | 1 Clicktech | 1 Clickcart | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in customer_login_check.asp in ClickTech ClickCart 6.0 allow remote attackers to execute arbitrary SQL commands via (1) the txtEmail parameter (aka E-MAIL field) or (2) the txtPassword parameter (aka password field) to customer_login.asp. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-0466 | 1 Vivvo | 1 Vivvo | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Vivvo CMS before 4.1.1 allows remote attackers to inject arbitrary web script or HTML via a URI that triggers a 404 Page Not Found response. | ||||
| CVE-2009-0471 | 1 Cisco | 1 Ios | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the HTTP server in Cisco IOS 12.4(23) allows remote attackers to execute arbitrary commands, as demonstrated by executing the hostname command with a level/15/configure/-/hostname request. | ||||
| CVE-2009-0475 | 1 Android | 1 Opencore | 2026-04-23 | N/A |
| Integer underflow in the Huffman decoding functionality (pvmp3_huffman_parsing.cpp) in OpenCORE 2.0 and earlier allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a crafted MP3 file that triggers heap corruption. | ||||
| CVE-2006-6069 | 1 Malbum | 1 Malbum | 2026-04-23 | N/A |
| index.php in mAlbum 0.3 and earlier allows remote attackers to obtain the installation path via an invalid gal parameter. | ||||
| CVE-2007-2535 | 1 Winace | 1 Winace | 2026-04-23 | N/A |
| WinAce allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. | ||||
| CVE-2007-2540 | 1 Pmecms | 1 Pmecms | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PMECMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the config[pathMod] parameter to index.php in (1) mod/image/, (2) mod/liens/, (3) mod/liste/, (4) mod/special/, or (5) mod/texte/. | ||||
| CVE-2009-0478 | 1 Squid | 1 Squid | 2026-04-23 | N/A |
| Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c. | ||||
| CVE-2007-2541 | 1 Versado Cms | 1 Versado Cms | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/ajax_listado.php in Versado CMS 1.07 allows remote attackers to execute arbitrary PHP code via a URL in the urlModulo parameter. | ||||
| CVE-2007-2543 | 1 Xoops | 1 Flashgames Module | 2026-04-23 | N/A |
| SQL injection vulnerability in game.php in the Flashgames 1.0.1 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the lid parameter. | ||||
| CVE-2009-0481 | 1 Mozilla | 1 Bugzilla | 2026-04-23 | N/A |
| Bugzilla 2.x before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote authenticated users to conduct cross-site scripting (XSS) and related attacks by uploading HTML and JavaScript attachments that are rendered by web browsers. | ||||
| CVE-2007-2544 | 1 Php Toptree Bbs | 1 Php Toptree Bbs | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in templates/default/tpl_message.php in PHP TopTree BBS 2.0.1a and earlier allows remote attackers to execute arbitrary PHP code via a URL in the right_file parameter. | ||||
| CVE-2009-0483 | 1 Mozilla | 1 Bugzilla | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete keywords and user preferences via a link or IMG tag to (1) editkeywords.cgi or (2) userprefs.cgi. | ||||
| CVE-2009-0484 | 1 Mozilla | 1 Bugzilla | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Bugzilla 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete shared or saved searches via a link or IMG tag to buglist.cgi. | ||||
| CVE-2009-0493 | 1 Martin Unzner | 1 It\!cms | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in IT!CMS 2.1a and earlier allows remote attackers to execute arbitrary SQL commands via the Username. | ||||
| CVE-2009-4521 | 1 Eclipse | 1 Birt | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter. | ||||
| CVE-2007-2552 | 1 Wikkawiki | 1 Wikkawiki | 2026-04-23 | N/A |
| The RecentChanges feature in WikkaWiki (Wikka Wiki) before 1.1.6.3 allows remote attackers to obtain the names, and possibly revision notes and dates, of private pages via RSS feeds. | ||||
| CVE-2007-2553 | 1 Hp | 1 Tru64 | 2026-04-23 | N/A |
| Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to gain privileges via a large amount of data in the environment, as demonstrated by a long environment variable. | ||||
| CVE-2007-2555 | 1 Podium Cms | 1 Podium Cms | 2026-04-23 | N/A |
| Unspecified vulnerability in Default.aspx in Podium CMS allows remote attackers to have an unknown impact, possibly session fixation, via a META HTTP-EQUIV Set-cookie expression in the id parameter, related to "cookie manipulation." NOTE: this issue might be cross-site scripting (XSS). | ||||
| CVE-2007-2561 | 1 Fipsasp | 1 Fipscms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-6115. | ||||