Export limit exceeded: 361680 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (361680 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-2120 1 Tekbase 1 Tekbase All-in-one 2026-04-23 N/A
Multiple SQL injection vulnerabilities in TekBase All-in-One 3.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) ids parameter to admin.php, the (2) y parameter to members.php, and other unspecified vectors. NOTE: vector 1 requires administrative access.
CVE-2006-4098 1 Cisco 1 Secure Access Control Server 2026-04-23 N/A
Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted RADIUS Accounting-Request packet.
CVE-2007-1594 1 Asterisk 1 Asterisk 2026-04-23 N/A
The handle_response function in chan_sip.c in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP Response code 0 in a SIP packet.
CVE-2009-4088 1 Telepark 1 Telepark.wiki 2026-04-23 N/A
Multiple directory traversal vulnerabilities in telepark.wiki 2.4.23 and earlier allow remote attackers to read arbitrary files via directory traversal sequences in the css parameter to (1) getjs.php and (2) getcsslocal.php; and include and execute arbitrary local files via the (3) group parameter to upload.php.
CVE-2009-4406 1 Apc 3 Aos, Ap7932 B2, Ap7932 B2 Firmware 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Forms/login1 in American Power Conversion (APC) Switched Rack PDU AP7932 B2, running rpdu 3.3.3 or 3.7.0 on AOS 3.3.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the login_username parameter.
CVE-2007-1621 1 Lbstone 1 Active Php Bookmark Notes 2026-04-23 N/A
PHP remote file inclusion vulnerability in templates/head.php in Active PHP Bookmark Notes (APB) 0.2.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the APB_SETTINGS[template_path] parameter. NOTE: this issue might be related to CVE-2003-1254.
CVE-2007-1624 1 Realguestbook 1 Realguestbook 2026-04-23 N/A
Multiple SQL injection vulnerabilities in realGuestbook 5.01 allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) homepage, and (4) text parameters to save_entry.php, as reachable through add_entry.php; and possibly other unspecified parameters and files. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-1634 1 Net Portal Dynamic System 1 Net Portal Dynamic System 2026-04-23 N/A
Variable extraction vulnerability in grab_globals.php in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to conduct SQL injection attacks via the _FILES[DB][tmp_name] parameter to print.php, which overwrites the $DB variable with dynamic variable evaluation.
CVE-2007-1651 1 Openid 1 Openid 2026-04-23 N/A
Cross-site request forgery (CSRF) vulnerability in OpenID allows remote attackers to restore the login session of a user on an OpenID enabled site via unspecified vectors related to an arbitrary remote web site and cached tokens, after the user has signed into an OpenID server, logged into the OpenID enabled site, and then logged out of the OpenID enabled site.
CVE-2007-4435 1 Torrenttrader 1 Torrenttrader 2026-04-23 N/A
Multiple SQL injection vulnerabilities in TorrentTrader before 1.07 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) account-inbox.php, (2) account-settings.php, and possibly (3) backend/functions.php.
CVE-2007-1661 2 Apple, Pcre 3 Mac Os X, Mac Os X Server, Perl-compatible Regular Expression Library 2026-04-23 N/A
Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service (crash), as demonstrated by the "\X?\d" and "\P{L}?\d" patterns.
CVE-2006-4248 1 Acme Labs 1 Thttpd 2026-04-23 N/A
thttpd on Debian GNU/Linux, and possibly other distributions, allows local users to create or touch arbitrary files via a symlink attack on the start_thttpd temporary file.
CVE-2006-4249 1 Plone 1 Plone 2026-04-23 N/A
Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when anonymous member registration is enabled, allows an attacker to "masquerade as a group."
CVE-2007-1671 1 Avira 1 Antivir Personal 2026-04-23 N/A
avpack32.dll before 7.3.0.6 in Avira AntiVir allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
CVE-2007-1672 1 Avast 1 Avast Antivirus 2026-04-23 N/A
avast! antivirus before 4.7.981 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
CVE-2007-1675 1 Ibm 1 Lotus Domino 2026-04-23 N/A
Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP server (nimap.exe) in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service via a long username.
CVE-2007-1678 1 Fizzle 1 Fizzle 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the Fizzle 0.5 extension for Firefox allows remote attackers to inject arbitrary web script or HTML via RSS feeds, which are executed by the chrome: URI handler.
CVE-2007-3644 1 Freebsd 1 Libarchive 2026-04-23 N/A
archive_read_support_format_tar.c in libarchive before 2.2.4 allows user-assisted remote attackers to cause a denial of service (infinite loop) via (1) an end-of-file condition within a pax extension header or (2) a malformed pax extension header in an (a) PAX or a (b) TAR archive.
CVE-2007-1706 1 Ewebquiz 1 Ewebquiz 2026-04-23 N/A
SQL injection vulnerability in eWebQuiz.asp in eWebQuiz 8 allows remote attackers to execute arbitrary SQL commands via the QuizID parameter.
CVE-2007-1707 1 Net-side.net 1 Net Side Content Management System 2026-04-23 N/A
PHP remote file inclusion vulnerability in index.php in Net Side Content Management System (Net-Side.net CMS) allows remote attackers to execute arbitrary PHP code via a URL in the cms parameter.