Export limit exceeded: 29852 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29852 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3077 | 1 Eqdkp | 1 Eqdkp | 2025-04-09 | N/A |
| SQL injection vulnerability in listmembers.php in EQdkp 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the rank parameter. | ||||
| CVE-2007-3078 | 1 Aigaion | 1 Aigaion | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Aigaion before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via the title parameter (Authors and Publication titles) to (1) authoractions.php or (2) publicationactions.php. | ||||
| CVE-2007-3370 | 1 Kim Kyoung Min | 1 Sun Board | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Sun Board 1.00.00 Alpha allow remote attackers to execute arbitrary PHP code via a URL in (1) the sunPath parameter to include.php or (2) the dir parameter to skin/board/default/doctype.php. | ||||
| CVE-2007-3371 | 1 Powl | 1 Powl | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in plugins/widgets/htmledit/htmledit.php in Powl 0.94 allows remote attackers to execute arbitrary PHP code via a URL in the _POWL[installPath] parameter. | ||||
| CVE-2007-3384 | 1 Apache | 1 Tomcat | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Value field, related to error messages. | ||||
| CVE-2007-3383 | 1 Apache | 1 Tomcat | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (examples/jsp/mail/sendmail.jsp) in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, related to generation of error messages. | ||||
| CVE-2007-3392 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2025-04-09 | N/A |
| Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed (1) SSL or (2) MMS packets that trigger an infinite loop. | ||||
| CVE-2007-3398 | 1 Perception | 1 Liteweb | 2025-04-09 | N/A |
| LiteWEB 2.7 allows remote attackers to cause a denial of service (hang) via a large number of requests for nonexistent pages. | ||||
| CVE-2007-3402 | 1 Pagetool | 1 Pagetool | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in pagetool 1.07 allows remote attackers to execute arbitrary SQL commands via the news_id parameter in a pagetool_news action. | ||||
| CVE-2007-3404 | 1 Sitedepth | 1 Sitedepth Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in ShowImage.php in SiteDepth CMS 3.44 allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter. | ||||
| CVE-2007-3415 | 1 Phpraider | 1 Phpraider | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in index.php in phpRaider 1.0.0 rc8 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) type parameter. | ||||
| CVE-2007-3419 | 1 Web-app.org | 1 Webapp | 2025-04-09 | N/A |
| The editprofile3 function in cgi-bin/cgi-lib/user.pl in web-app.org WebAPP before 0.9.9.7 does not properly check the (1) themes.dat, (2) languages.dat, (3) profession.dat, (4) gen.dat, (5) marstat.dat, (6) states.dat, and (7) ages.dat files before saving profile settings of members, which has unknown impact and remote attack vectors. | ||||
| CVE-2007-3426 | 1 Zoneo-soft | 1 Phptraffica | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | ||||
| CVE-2007-3427 | 1 Zoneo-soft | 1 Phptraffica | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a stats action. | ||||
| CVE-2007-3432 | 1 Pluxml | 1 Pluxml | 2025-04-09 | N/A |
| Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote attackers to upload and execute arbitrary PHP code via a .jpg filename. | ||||
| CVE-2007-3433 | 1 Netart Media | 1 Pharmacy System | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Pharmacy System 2 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter in an add action. | ||||
| CVE-2007-3434 | 1 Netart Media | 1 Pharmacy System | 2025-04-09 | N/A |
| index.php in Pharmacy System 2 and earlier allows remote attackers to obtain sensitive information via a ' (quote) character in the page parameter, which reveals the table prefix in an error message. | ||||
| CVE-2007-3435 | 1 Rkd Software | 1 Barcode Activex | 2025-04-09 | N/A |
| Stack-based buffer overflow in the BeginPrint method in a certain ActiveX control in RKD Software (barcodetools.com) BarCodeAx.dll 4.9 allows remote attackers to execute arbitrary code via a long argument. | ||||
| CVE-2007-3436 | 1 Microsoft | 2 Msn Messenger, Windows Xp | 2025-04-09 | N/A |
| Microsoft MSN Messenger 4.7 on Windows XP allows remote attackers to cause a denial of service (resource consumption) via a flood of SIP INVITE requests to the port specified for voice conversation. | ||||
| CVE-2007-3438 | 1 Nortel | 1 Sip Softphone | 2025-04-09 | N/A |
| Buffer overflow in the SIP header parsing module in the Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] allows remote attackers to execute arbitrary code via a malformed message, a different vulnerability than CVE-2007-3361. | ||||