Export limit exceeded: 334968 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29843 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2605 | 1 Brujula Toolbar | 1 Brujula Toolbar | 2025-04-09 | N/A |
| Unspecified vulnerability in the GetPropertyById function in ISoftomateObj in SoftomateLib in BRUJULA4.NET.DLL in the Brujula Toolbar (Brujula.net toolbar) allows attackers to cause a denial of service (NULL dereference and browser crash) via certain arguments. | ||||
| CVE-2007-2608 | 1 Miplex2 | 1 Miplex2 | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in lib/smarty/SmartyFU.class.php in Miplex2 Alpha 1 allows remote attackers to execute arbitrary PHP code via a URL in the system[smarty][dir] parameter. | ||||
| CVE-2007-2610 | 1 Openld | 1 Openld | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in OpenLD before 1.1.9, and 1.1-modified before 1.1-modified3, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the Search feature, possibly the term parameter. | ||||
| CVE-2007-2611 | 1 Cgx | 1 Cgx | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in CGX 20050314 allow remote attackers to execute arbitrary PHP code via a URL in the pathCGX parameter to (1) mtdialogo.php, (2) ltdialogo.php, (3) login.php, and (4) logingecon.php in inc/; and multiple unspecified files in frm/, sql/, and cns/. | ||||
| CVE-2007-2614 | 1 Phphtmllib | 1 Phphtmllib | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in examples/widget8.php in phpHtmlLib 2.4.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phphtmllib parameter. | ||||
| CVE-2007-2616 | 1 Novell | 1 Netmail | 2025-04-09 | N/A |
| Stack-based buffer overflow in the SSL version of the NMDMC.EXE service in Novell NetMail 3.52e FTF2 and probably earlier allows remote attackers to execute arbitrary code via a crafted request. | ||||
| CVE-2007-2632 | 1 Php Multi User Randomizer | 1 Php Multi User Randomizer | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHP Multi User Randomizer (phpMUR) 2006.09.13 allow remote attackers to inject arbitrary web script or HTML via (1) the edit_plugin parameter to configure_plugin.tpl.php, or (2) certain array parameters to web/phpinfo.php, as demonstrated by 1[] or a[]. | ||||
| CVE-2007-2640 | 1 Heiko Stamer | 1 Libtmcg | 2025-04-09 | N/A |
| LibTMCG before 1.1.1 does not perform a range check to avoid "trivial group generators," which allows attackers to obtain sensitive information about private cards. | ||||
| CVE-2007-2645 | 1 Libexif | 1 Libexif | 2025-04-09 | N/A |
| Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff or (2) s variable. | ||||
| CVE-2007-2669 | 1 Globalmegacorp | 1 Phpchain | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHPChain 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the catid parameter to (1) settings.php or (2) cat.php. NOTE: certain parameter values also trigger path disclosure. | ||||
| CVE-2007-2670 | 1 Globalmegacorp | 1 Phpchain | 2025-04-09 | N/A |
| PHPChain 1.0 and earlier allows remote attackers to obtain the installation path via invalid values of the catid parameter to (1) settings.php or (2) cat.php, as demonstrated by XSS manipulations. | ||||
| CVE-2007-2672 | 1 Thinc4orce Marketing Group | 1 Php Coupon Script | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in PHP Coupon Script 3.0 allows remote attackers to execute arbitrary SQL commands via the bus parameter in a viewbus page. | ||||
| CVE-2006-5499 | 1 Serendipity | 1 Serendipity | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Serendipity (s9y) 1.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in the media manager administration page. | ||||
| CVE-2007-2677 | 1 Phpchess | 1 Phpchess | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in phpChess Community Edition 2.0 allow remote attackers to execute arbitrary PHP code via a URL in (1) the config parameter to includes/language.php, or the Root_Path parameter to (2) layout_admin_cfg.php, (3) layout_cfg.php, or (4) layout_t_top.php in skins/phpchess/. NOTE: vector 1 has been disputed by CVE, since the code is defined within a function that is not called from within includes/language.php. | ||||
| CVE-2006-6982 | 1 3proxy | 1 3proxy | 2025-04-09 | N/A |
| 3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic authentication, which might cause browsers with incomplete RFC2616/RFC2617 support to use basic cleartext authentication even if NTLM is available, which makes it easier for attackers to steal credentials. | ||||
| CVE-2007-2678 | 1 Netsprint | 1 Netsprint Toolbar | 2025-04-09 | N/A |
| Buffer overflow in the isChecked function in toolbar.dll in Netsprint Toolbar 1.1 might allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-0647 | 1 Apple | 1 Mac Os X | 2025-04-09 | N/A |
| Format string vulnerability in Help Viewer 3.0.0 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSBeginAlertSheet Apple AppKit function. | ||||
| CVE-2007-1795 | 1 Jccorp | 1 Urlshrink | 2025-04-09 | N/A |
| JCcorp URLshrink 1.3.1 allows remote attackers to execute arbitrary PHP code via the email address field in an HTML link. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-1798 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long path name. | ||||
| CVE-2007-2709 | 1 Nagiosql | 1 Nagiosql 2005 | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2005 2.00 allows remote attackers to execute arbitrary PHP code via a URL in the SETS[path][physical] parameter. | ||||