Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-0204 1 Phpmyadmin 1 Phpmyadmin 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.9.2-rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.
CVE-2008-7065 1 Siemens 2 Gigaset C450 Ip, Gigaset C475 Ip 2026-04-23 N/A
Siemens C450 IP and C475 IP VoIP devices allow remote attackers to cause a denial of service (disconnected calls and device reboot) via a crafted SIP packet to UDP port 5060.
CVE-2007-2641 1 W1l3d4 1 Philboard 2026-04-23 N/A
SQL injection vulnerability in W1L3D4_bolum.asp in W1L3D4 Philboard 0.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter, a different vector than CVE-2007-0920.
CVE-2007-4349 1 Hp 4 Openview Performance Agent, Openview Reporter, Performance Agent and 1 more 2026-04-23 N/A
The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference.
CVE-2006-5440 1 Comdev 1 Comdev Form Designer 2026-04-23 N/A
PHP remote file inclusion vulnerability in adminfoot.php in Comdev Form Designer 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2007-2006 1 Pl-php 1 Pl-php 2026-04-23 N/A
Multiple SQL injection vulnerabilities in login.php in pL-PHP beta 0.9 allow remote attackers to execute arbitrary SQL commands via the (1) login or (2) pass parameter.
CVE-2007-4357 1 Mozilla 1 Firefox 2026-04-23 N/A
Mozilla Firefox 2.0.0.6 and earlier allows remote attackers to spoof the contents of the status bar via a link to a data: URI containing an encoded URL. NOTE: the severity of this issue has been disputed by a reliable third party, since the intended functionality of the status bar allows it to be modified.
CVE-2007-4365 1 Exv2 1 Content Management System 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in eXV2 CMS 2.0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a set_lang cookie to an unspecified component. NOTE: this may overlap CVE-2007-1965.
CVE-2007-2004 1 Inoutmailinglistmanager 1 Inoutmailinglistmanager 2026-04-23 N/A
Multiple SQL injection vulnerabilities in InoutMailingListManager 3.1 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to changename.php and other unspecified vectors.
CVE-2006-7200 1 Emc 1 Rsa Security Sitekey 2026-04-23 N/A
EMC RSA Security SiteKey issues challenge-bypass tokens that persist forever without a cancellation interface for end users, which makes it easier for attackers to bypass one stage of authentication by stealing and replaying a token.
CVE-2006-7057 1 Sphider 1 Sphider 2026-04-23 N/A
SQL injection vulnerability in search.php in Sphider before 1.3.1c allows remote attackers to execute arbitrary SQL commands via the category parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this issue might be primary to CVE-2006-2506.2.
CVE-2006-7042 1 Chipmunk Scripts 1 Chipmunk Directory 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in directory/index.php in Chipmunk directory allows remote attackers to inject arbitrary web script or HTML via the start parameter.
CVE-2006-6995 1 V3 Chat 1 V3chat Instant Messenger 2026-04-23 N/A
mycontacts.php in V3 Chat allows remote authenticated users to gain privileges as other users via a modified membername parameter.
CVE-2006-6853 1 Mozilla 1 Durian Web Application Server 2026-04-23 N/A
Buffer overflow in Durian Web Application Server 3.02 freeware on Windows allows remote attackers to execute arbitrary code via a long string in a crafted packet to TCP port 4002.
CVE-2006-5433 1 Timm Maass 1 Alice Cms 2026-04-23 N/A
PHP remote file inclusion vulnerability in modules/guestbook/index.php in ALiCE-CMS 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[local_root] parameter.
CVE-2006-6668 1 Verliadmin 1 Verliadmin 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in VerliAdmin 0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-6485 1 Shopsite 1 Shopsite 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ShopSite 8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the prevlocation parameter in shopper/sc/registration.cgi and other unspecified vectors.
CVE-2009-1517 1 Symantec 1 Norton Ghost 2026-04-23 N/A
Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt.dll 14.0.4.30167 in the EasySetup wizard in Symantec Norton Ghost 14.0 allow remote attackers to cause a denial of service (browser crash) and possibly execute arbitrary code via unspecified input to the (1) GetBackupLocationPath, (2) CallUninstall, (3) SetupDeleteVolume, (4) CanUseEasySetup, (5) CallAddInitialProtection, and (6) CallTour methods.
CVE-2007-4120 1 Jelsoft 1 Vbulletin 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Jelsoft vBulletin 3.6.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) classfile parameter to includes/functions.php, the (2) nextitem parameter to includes/functions_cron.php, and the (3) specialtemplates parameter to includes/functions_forumdisplay.php. NOTE: this issue is disputed by a reliable third party who states "further investigation has revealed that the application is not vulnerable to this issue." The original researcher also has a history of erroneous claims
CVE-2007-2646 1 Yenc32 1 Yenc32 2026-04-23 N/A
Heap-based buffer overflow in yEnc32 1.0.7.207 allows user-assisted remote attackers to execute arbitrary code via a long filename in an NTX file.