Export limit exceeded: 346446 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346446 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5146 | 1 Der Dirigent | 1 Der Dirigent | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in dedi-group Der Dirigent 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the dedi_path parameter to (1) inc.generate_code.php, (2) fnc.type_forms.php, or (3) fnc.type.php in backend/inc/, or (4) frontend.php or (5) backend.php in projekt01/cms/inc/; or (6) the this_dir parameter to backend/inc/class.filemanager.php. NOTE: vectors 4 and 5 are disputed by CVE because PHP encounters a fatal function-call error on a direct request for the file, before reaching the include statement. | ||||
| CVE-2007-5153 | 1 Sun | 2 Java System Access Manager, Java System Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 8.x container, allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-0015 | 1 Apple | 1 Quicktime | 2026-04-23 | N/A |
| Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers to execute arbitrary code via a long rtsp:// URI. | ||||
| CVE-2007-5166 | 1 Sitesys | 1 Sitesys | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in SiteSys 1.0a allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) inc/pagehead.inc.php or (2) inc/pageinit.inc.php. | ||||
| CVE-2007-5184 | 1 Smbftpd | 1 Smbftpd | 2026-04-23 | N/A |
| Format string vulnerability in the SMBDirList function in dirlist.c in SmbFTPD 0.96 allows remote attackers to execute arbitrary code via format string specifiers in a directory name. | ||||
| CVE-2006-6638 | 1 Ibm | 1 Db2 Universal Database | 2026-04-23 | N/A |
| IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257. | ||||
| CVE-2007-5234 | 1 Ossigeno | 1 Ossigeno | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in upload/common/footer.php in Ossigeno CMS 2.2 alpha3 allows remote attackers to execute arbitrary PHP code via a URL in the level parameter. | ||||
| CVE-2007-5244 | 1 Borland Software | 1 Interbase | 2026-04-23 | N/A |
| Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function. | ||||
| CVE-2008-5848 | 1 Advantech | 14 Adam-6015, Adam-6017, Adam-6018 and 11 more | 2026-04-23 | N/A |
| The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and (1) monitor or (2) control the module's Modbus/TCP I/O activity. | ||||
| CVE-2009-0618 | 1 Cisco | 1 Application Networking Manager | 2026-04-23 | N/A |
| Unspecified vulnerability in the Java agent in Cisco Application Networking Manager (ANM) before 2.0 Update A allows remote attackers to gain privileges, and cause a denial of service (service outage) by stopping processes, or obtain sensitive information by reading configuration files. | ||||
| CVE-2007-5261 | 1 Iscripts | 1 Multicart | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to categorydetail.php and the (2) ddlCategory parameter to search.php. | ||||
| CVE-2009-0721 | 1 Hp | 1 Remote Graphics Software | 2026-04-23 | N/A |
| Unspecified vulnerability in Easy Login in the Sender module in HP Remote Graphics Software (RGS) 4.0.0 through 5.2.4 allows remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2007-5278 | 1 Zomplog | 1 Zomplog | 2026-04-23 | N/A |
| Zomplog 3.8.1 and earlier stores potentially sensitive information under the web root with insufficient access control, which allows remote attackers to download files that were uploaded by users, as demonstrated by obtaining a directory listing via a direct request to /upload and then retrieving individual files. NOTE: in a non-default configuration, the directory listing is denied, but filenames may be predicable. | ||||
| CVE-2007-5290 | 1 Afterlogic | 1 Mailbee Webmail | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MailBee WebMail Pro 3.4 and earlier; and possibly MailBee WebMail Pro ASP before 3.4.64, WebMail Lite ASP before 4.0.11, and WebMail Lite PHP before 4.0.22; allow remote attackers to inject arbitrary web script or HTML via the (1) mode parameter to login.php and the (2) mode2 parameter to default.asp in an advanced_login mode. | ||||
| CVE-2007-5306 | 1 Yannick Tanguy | 1 Else If Cms | 2026-04-23 | N/A |
| ELSEIF CMS Beta 0.6 allows remote attackers to obtain sensitive information (full path) via unspecified vectors to utilisateurs/votesresultats.php. | ||||
| CVE-2007-5310 | 2 Joomla, Webmaster-tips.net | 2 Joomla, Flash Image Gallery | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in admin.wmtportfolio.php in the webmaster-tips.net wmtportfolio 1.0 (com_wmtportfolio) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2007-6356 | 1 Aertherwide | 1 Exiftags | 2026-04-23 | N/A |
| exiftags before 1.01 allows attackers to cause a denial of service (infinite loop) via recursive IFD references in the EXIF data in a JPEG image. | ||||
| CVE-2007-6700 | 1 Openbsd | 1 Openbsd | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in cgi-bin/bgplg in the web interface for the BGPD daemon in OpenBSD 4.1 allows remote attackers to inject arbitrary web script or HTML via the cmd parameter. | ||||
| CVE-2007-5314 | 1 Xkiosk | 1 Xkiosk Web | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in system/funcs/xkurl.php in xKiosk WEB 3.0.1i, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the PEARPATH parameter. | ||||
| CVE-2007-5316 | 1 Softbizscripts | 1 Softbiz Jobs And Recruitment Script | 2026-04-23 | N/A |
| SQL injection vulnerability in browsecats.php in Softbiz Jobs and Recruitment Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||