Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2288 | 1 Doruk100.net | 1 Doruk100net | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in info.php in Doruk100.net doruk100net allows remote attackers to execute arbitrary PHP code via a URL in the file parameter. | ||||
| CVE-2007-2293 | 1 Asterisk | 1 Asterisk | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in the process_sdp function in chan_sip.c of the SIP channel T.38 SDP parser in Asterisk before 1.4.3 allow remote attackers to execute arbitrary code via a long (1) T38FaxRateManagement or (2) T38FaxUdpEC SDP parameter in an SIP message, as demonstrated using SIP INVITE. | ||||
| CVE-2007-2294 | 1 Asterisk | 1 Asterisk | 2026-04-23 | N/A |
| The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 allows remote attackers to cause a denial of service (crash) by using MD5 authentication to authenticate a user that does not have a password defined in manager.conf, resulting in a NULL pointer dereference. | ||||
| CVE-2007-2298 | 1 Gforge | 1 Garennes | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Garennes 0.6.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the repertoire_config parameter to index.php in (1) cpe/, (2) direction/, or (3) professeurs/. | ||||
| CVE-2007-2301 | 1 Arash | 1 Audiocms | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in audioCMS arash 0.1.4 allow remote attackers to execute arbitrary PHP code via a URL in the arashlib_dir parameter to (1) edit.inc.php and (2) list_features.inc.php in arash_lib/include, and (3) arash_gadmin.class.php and (4) arash_sadmin.class.php in arash_lib/class/. | ||||
| CVE-2007-2311 | 1 Bloofoxcms | 1 Bloofoxcms | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in install/index.php in BlooFoxCMS 0.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the content_php parameter. NOTE: this issue has been disputed by a reliable third party, stating that content_php is initialized before use | ||||
| CVE-2007-2321 | 1 Silverstripe | 1 Silverstripe | 2026-04-23 | N/A |
| Unspecified vulnerability in the search functionality in SilverStripe 2.0.0 has unknown impact and attack vectors. | ||||
| CVE-2007-2316 | 1 Open Business Management | 1 Open Business Management | 2026-04-23 | N/A |
| Unspecified vulnerability in the admin script in Open Business Management (OBM) before 2.0.0 allows remote attackers to have an unknown impact by calling the script "in txt mode from a browser." | ||||
| CVE-2007-2318 | 1 Filezilla | 1 Filezilla | 2026-04-23 | N/A |
| Multiple format string vulnerabilities in FileZilla before 2.2.32 allow remote attackers to execute arbitrary code via format string specifiers in (1) FTP server responses or (2) data sent by an FTP server. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-2320 | 1 Papoo | 1 Papoo | 2026-04-23 | N/A |
| SQL injection vulnerability in kontakt.php in Papoo 3.02 and earlier allows remote attackers to execute arbitrary SQL commands via the menuid parameter, a different vector than CVE-2005-4478. | ||||
| CVE-2007-2324 | 1 Julmajanne | 1 Julmacms | 2026-04-23 | N/A |
| Directory traversal vulnerability in file.php in JulmaCMS 1.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2007-2325 | 1 Mynewsgroup | 1 Mynewsgroup | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in include.php in MyNewsGroups :) allows remote attackers to execute arbitrary PHP code via a URL in the myng_root parameter. | ||||
| CVE-2007-2327 | 1 Labs4 | 1 Htmleditbox | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in _editor.php in HTMLeditbox 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the settings[app_dir] parameter. | ||||
| CVE-2007-2328 | 1 Phpmytgp | 1 Phpmytgp | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in addvip.php in phpMYTGP 1.4b allows remote attackers to execute arbitrary PHP code via a URL in the msetstr[PROGSDIR] parameter. | ||||
| CVE-2007-2329 | 1 Searchactivity | 1 Searchactivity | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in searchbot.php in Searchactivity allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | ||||
| CVE-2007-2334 | 1 Nortel | 2 Contivity, Vpn Router 5000 | 2026-04-23 | N/A |
| Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests. | ||||
| CVE-2007-2335 | 1 Lunascape | 1 Lunascape | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the RSS feed reader functionality in Lunascape 4.1.3 build2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-2336 | 1 Intervations | 1 Navicopa Web Server | 2026-04-23 | N/A |
| Unspecified vulnerability in InterVations NaviCOPA Web Server 2.01 20070323 allows remote attackers to cause a denial of service (daemon crash) via crafted HTTP requests, as demonstrated by long requests containing '\A' characters, probably a different issue than CVE-2006-5112 and CVE-2007-1733. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-7137 | 1 Eye.fi | 1 Eye-fi Manager | 2026-04-23 | N/A |
| WS-Proxy in Eye-Fi 1.1.2 allows remote attackers to cause a denial of service (crash) via an empty query string to port 59278 and other unspecified vectors. | ||||
| CVE-2007-2366 | 1 Corel | 1 Paint Shop Pro | 2026-04-23 | N/A |
| Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file. | ||||