Export limit exceeded: 29851 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29851 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2613 | 1 Wikkawiki | 1 Wikkawiki | 2025-04-09 | N/A |
| WikkaWiki (Wikka Wiki) before 1.1.6.3 allows attackers in a shared virtual host server environment to upload and execute an arbitrary configuration file by modifying the WAKKA_CONFIG environment variable. | ||||
| CVE-2007-2628 | 1 Justin Koivisto | 1 Phpsecurityadmin | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in include/logout.php in Justin Koivisto SecurityAdmin for PHP (aka PHPSecurityAdmin, PSA) 4.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the PSA_PATH parameter. | ||||
| CVE-2007-2629 | 1 Bradford Networks | 1 Campusmanager Network Control Application Server | 2025-04-09 | N/A |
| Bradford CampusManager Network Control Application Server 3.1(6) allows remote attackers to obtain sensitive information (backup, log, and configuration files) via direct request for certain files in (1) /runTime/ or (2) /remediationReports/. | ||||
| CVE-2007-2633 | 1 Positive Software | 1 Sitestudio | 2025-04-09 | N/A |
| Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows remote attackers to read, or include and execute, arbitrary local files via a .. (dot dot) in the template parameter. | ||||
| CVE-2007-2634 | 1 Agner Fog | 1 Aforum | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in common/errormsg.php in aForum 1.32 and possibly earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the header parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-2635 | 1 Interchange Development Group | 1 Interchange | 2025-04-09 | N/A |
| Unspecified vulnerability in Interchange before 5.4.2 allows remote attackers to cause an unspecified denial of service (possibly server hang) via crafted HTTP requests. | ||||
| CVE-2007-2638 | 1 Efilecabinet | 1 Efilecabinet | 2025-04-09 | N/A |
| eFileCabinet 3.3 allows remote attackers to bypass authentication and access restricted portions of the interface via an invalid filecabinetnumber, which can be leveraged to obtain sensitive information or create new data structures. | ||||
| CVE-2007-2639 | 1 Prosysinfo | 1 Tftp Server Tftpdwin | 2025-04-09 | N/A |
| Directory traversal vulnerability in TFTPdWin 0.4.2 allows remote attackers to read or modify arbitrary files outside the TFTP root via unspecified vectors. | ||||
| CVE-2007-2642 | 1 R2k | 1 R2k Gallery | 2025-04-09 | N/A |
| Directory traversal vulnerability in galeria.php in R2K Gallery 1.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang2 parameter. | ||||
| CVE-2009-4055 | 1 Digium | 2 Asterisk, S800i | 2025-04-09 | N/A |
| rtp.c in Asterisk Open Source 1.2.x before 1.2.37, 1.4.x before 1.4.27.1, 1.6.0.x before 1.6.0.19, and 1.6.1.x before 1.6.1.11; Business Edition B.x.x before B.2.5.13, C.2.x.x before C.2.4.6, and C.3.x.x before C.3.2.3; and s800i 1.3.x before 1.3.0.6 allows remote attackers to cause a denial of service (daemon crash) via an RTP comfort noise payload with a long data length. | ||||
| CVE-2006-5877 | 2 Enigmail, Ubuntu | 2 Enigmail, Ubuntu Linux | 2025-04-09 | N/A |
| The enigmail extension before 0.94.2 does not properly handle large, encrypted file e-mail attachments, which allows remote attackers to cause a denial of service (crash), as demonstrated with Mozilla Thunderbird. | ||||
| CVE-2007-2644 | 1 Morovia | 1 Barcode Activex Control | 2025-04-09 | N/A |
| A certain ActiveX control in Morovia Barcode ActiveX Professional 3.3.1304 allows remote attackers to overwrite arbitrary files by calling the Save method with an arbitrary filename. | ||||
| CVE-2007-2652 | 1 Free-sa | 1 Free-sa | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Free-SA before 1.2.2 allow remote attackers to execute arbitrary code via unspecified vectors involving certain (1) sprintf and (2) vsprintf calls in (a) r_index.c, (b) r_reports.c, (c) r_topsites.c, (d) r_topuser.c, (e) r_typical.c, (f) r_userdatetime.c, and (g) r_users.c in reports/; and (h) w_fs.c, (i) w_internal.c, and (j) w_log_operations.c in work/, probably related to buffer overflows. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-2656 | 1 Hp | 1 Hpqvwocx.dll | 2025-04-09 | N/A |
| Stack-based buffer overflow in the Hewlett-Packard (HP) Magview ActiveX control in hpqvwocx.dll 1.0.0.309 allows remote attackers to cause a denial of service (application crash) and possibly have other impact via a long argument to the DeleteProfile method. | ||||
| CVE-2007-2657 | 1 Precisionid Barcode | 1 Precisionid Barcode | 2025-04-09 | N/A |
| Unspecified vulnerability in the PrecisionID Barcode 1.3 ActiveX control in PrecisionID_DataMatrix.DLL allows remote attackers to cause a denial of service via a long argument to the SaveBarCode method. | ||||
| CVE-2007-2663 | 1 Beacon | 1 Beacon | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in language/1/splash.lang.php in Beacon 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the languagePath parameter. | ||||
| CVE-2007-2665 | 1 Php Firstpost | 1 Php Firstpost | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in block.php in PhpFirstPost 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the Include parameter. | ||||
| CVE-2007-2671 | 1 Mozilla | 1 Firefox | 2025-04-09 | N/A |
| Mozilla Firefox 2.0.0.3 allows remote attackers to cause a denial of service (application crash) via a long hostname in an HREF attribute in an A element, which triggers an out-of-bounds memory access. | ||||
| CVE-2007-2674 | 1 Pre Projects | 1 Pre Shopping Mall | 2025-04-09 | N/A |
| SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 allows remote attackers to execute arbitrary SQL commands via the prodid parameter. | ||||
| CVE-2007-2675 | 1 Pre Projects | 1 Pre Classifieds Listings | 2025-04-09 | N/A |
| SQL injection vulnerability in search.php in Pre Classifieds Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||