Export limit exceeded: 29899 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29899 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1931 | 1 Smodcms | 1 Smodcms | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in the slownik module in SmodCMS 2.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ssid parameter. | ||||
| CVE-2007-1932 | 1 Scar4u | 1 Scarnews | 2025-04-09 | N/A |
| Directory traversal vulnerability in scarnews.inc.php in ScarNews 1.2.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sn_admin_dir parameter. | ||||
| CVE-2007-1933 | 1 Dreamcodes | 1 Pcp-guestbook | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in PcP-Guestbook (PcP-Book) 3.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to (1) index.php, (2) gb.php, or (3) faq.php. | ||||
| CVE-2007-1934 | 1 Php-nuke | 1 Eboard Module | 2025-04-09 | N/A |
| Directory traversal vulnerability in member.php in the eBoard 1.0.7 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[name] parameter. | ||||
| CVE-2007-1935 | 1 Scar4u.de | 1 Scaradcontroller | 2025-04-09 | N/A |
| PHP file inclusion vulnerability in admin/index.php in ScarAdControl (ScarAdController) 1.1 allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the site parameter, which is accessed by the file_exists function. | ||||
| CVE-2007-1936 | 1 Scar4u.de | 1 Scaradcontroller | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in scaradcontrol.php in ScarAdControl (ScarAdController) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the sac_config_dir parameter. | ||||
| CVE-2007-1937 | 1 Dreamcodes | 1 Scorp Book | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in smilies.php in Scorp Book 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config parameter. | ||||
| CVE-2007-1939 | 1 Daniel Naber | 1 Languagetool | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the embedded webserver in Daniel Naber LanguageTool before 0.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving an error message, possibly the demultiplex method in HTTPServer.java. | ||||
| CVE-2007-1940 | 1 Ibm | 1 Tivoli Business Service Manager | 2025-04-09 | N/A |
| IBM Tivoli Business Service Manager (TBSM) 4.1 before Interim Fix 1 logs passwords in plaintext, which allows local users to obtain sensitive information by reading (1) ncisetup.db or (2) msi.log. | ||||
| CVE-2007-1941 | 1 Ibm | 1 Lotus Notes | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in Domino Web Access (DWA) in IBM Lotus Notes before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via a multipart/related e-mail message, a different issue than CVE-2006-4843. | ||||
| CVE-2007-1942 | 1 Faststone | 1 Image Viewer | 2025-04-09 | N/A |
| Integer overflow in FastStone Image Viewer 2.9 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted BMP image, as demonstrated by wh3intof.bmp and wh4intof.bmp. | ||||
| CVE-2007-1943 | 1 Acd Systems | 1 Acdsee Photo Manager | 2025-04-09 | N/A |
| Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via large width image sizes in a crafted BMP image, as demonstrated by w3intof.bmp and w4intof.bmp. | ||||
| CVE-2007-1946 | 1 Microsoft | 1 Windows Xp | 2025-04-09 | N/A |
| Integer overflow in Windows Explorer in Microsoft Windows XP SP1 might allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large width dimension in a crafted BMP image, as demonstrated by w4intof.bmp. | ||||
| CVE-2007-1947 | 1 Parakey Inc. | 1 Firebug | 2025-04-09 | N/A |
| Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.04 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome by overwriting the toString function via a certain function declaration, related to incorrect identification of anonymous JavaScript functions, a different issue than CVE-2007-1878. | ||||
| CVE-2007-1948 | 1 Irfanview | 1 Irfanview | 2025-04-09 | N/A |
| Buffer overflow in IrfanView 3.99 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via the (1) xoffset or (2) yoffset RLE command, or (3) large non-RLE encoded blocks in a crafted BMP image, as demonstrated by rle8of3.bmp and rle8of4.bmp. | ||||
| CVE-2007-1950 | 1 Webblizzard | 1 Content Management System | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in index_cms.php in WebBlizzard CMS allows remote attackers to inject arbitrary web script or HTML via the Suchzeile parameter. | ||||
| CVE-2007-1954 | 1 Archivexpert | 1 Archivexpert | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in ArchiveXpert 2.02 build 80 allow remote attackers to create files in arbitrary directories via a .. (dot dot) in a (1) .gz, (2) .jar, (3) .rar, (4) .tar.gz, (5) .zip, or (6) .tar file. | ||||
| CVE-2007-1955 | 1 Signkorea | 1 Skcommax Activex Control | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in the SignKorea SKCrypAX ActiveX control module 5.4.1.2 allow remote attackers to execute arbitrary code via a long string in unspecified arguments to the (1) DownloadCert, (2) DecryptFileByKey, and (3) EncryptFileByKey functions, a different module and vectors than CVE-2007-1722. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-1956 | 1 Ubbcentral | 1 Ubb.threads | 2025-04-09 | N/A |
| SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the C parameter. | ||||
| CVE-2007-1957 | 1 Guernion Sylvain Portail | 1 Web Php | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) allow remote attackers to execute arbitrary PHP code via a URL in the pageAll parameter to index.php in (1) template/Vert/, or (2) template/Noir/. | ||||