Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-2270 1 Linksys 1 Spa941 2026-04-23 N/A
The Linksys SPA941 VoIP Phone allows remote attackers to cause a denial of service (device reboot) via a 0377 (0xff) character in the From header, and possibly certain other locations, in a SIP INVITE request.
CVE-2007-2278 1 Dcp-portal 1 Dcp-portal 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in DCP-Portal 6.1.1 allow remote attackers to execute arbitrary PHP code via a URL in (1) the path parameter to library/adodb/adodb.inc.php, (2) the abs_path_editor parameter to library/editor/editor.php, or (3) the cfgfile_to_load parameter to admin/phpMyAdmin/libraries/common.lib.php.
CVE-2007-2285 1 Jack Slocum 1 Ext Js 2026-04-23 N/A
Directory traversal vulnerability in examples/layout/feed-proxy.php in Jack Slocum Ext 1.0 alpha1 (Ext JS) allows remote attackers to read arbitrary files via a .. (dot dot) in the feed parameter. NOTE: analysis by third party researchers indicates that this issue might be platform dependent.
CVE-2007-2282 1 Cisco 1 Netflow Collection Engine 2026-04-23 N/A
Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before 6.0 has an nfcuser account with the default password nfcuser, which allows remote attackers to modify the product configuration and, when installed on Linux, obtain login access to the host operating system.
CVE-2007-2283 1 Freshdevices 1 Freshview 2026-04-23 N/A
Buffer overflow in Fresh View 7.15 allows user-assisted remote attackers to execute arbitrary code via a crafted .PSP file.
CVE-2007-2284 1 Abc-view 1 Abc-view Manager 2026-04-23 N/A
Buffer overflow in ABC-View Manager 1.42 allows user-assisted remote attackers to execute arbitrary code via a crafted .PSP file.
CVE-2007-2286 1 Built2go 1 Php Link Portal 2026-04-23 N/A
PHP remote file inclusion vulnerability in config.php in Built2Go PHP Link Portal 1.79 allows remote attackers to execute arbitrary PHP code via a URL in the full_path_to_db parameter.
CVE-2007-2287 1 Comus 1 Comus 2026-04-23 N/A
PHP remote file inclusion vulnerability in accept.php in comus 2.0 Final allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.
CVE-2007-2288 1 Doruk100.net 1 Doruk100net 2026-04-23 N/A
PHP remote file inclusion vulnerability in info.php in Doruk100.net doruk100net allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.
CVE-2007-2293 1 Asterisk 1 Asterisk 2026-04-23 N/A
Multiple stack-based buffer overflows in the process_sdp function in chan_sip.c of the SIP channel T.38 SDP parser in Asterisk before 1.4.3 allow remote attackers to execute arbitrary code via a long (1) T38FaxRateManagement or (2) T38FaxUdpEC SDP parameter in an SIP message, as demonstrated using SIP INVITE.
CVE-2007-2294 1 Asterisk 1 Asterisk 2026-04-23 N/A
The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 allows remote attackers to cause a denial of service (crash) by using MD5 authentication to authenticate a user that does not have a password defined in manager.conf, resulting in a NULL pointer dereference.
CVE-2007-2298 1 Gforge 1 Garennes 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Garennes 0.6.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the repertoire_config parameter to index.php in (1) cpe/, (2) direction/, or (3) professeurs/.
CVE-2007-2301 1 Arash 1 Audiocms 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in audioCMS arash 0.1.4 allow remote attackers to execute arbitrary PHP code via a URL in the arashlib_dir parameter to (1) edit.inc.php and (2) list_features.inc.php in arash_lib/include, and (3) arash_gadmin.class.php and (4) arash_sadmin.class.php in arash_lib/class/.
CVE-2007-2311 1 Bloofoxcms 1 Bloofoxcms 2026-04-23 N/A
PHP remote file inclusion vulnerability in install/index.php in BlooFoxCMS 0.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the content_php parameter. NOTE: this issue has been disputed by a reliable third party, stating that content_php is initialized before use
CVE-2007-2321 1 Silverstripe 1 Silverstripe 2026-04-23 N/A
Unspecified vulnerability in the search functionality in SilverStripe 2.0.0 has unknown impact and attack vectors.
CVE-2007-2316 1 Open Business Management 1 Open Business Management 2026-04-23 N/A
Unspecified vulnerability in the admin script in Open Business Management (OBM) before 2.0.0 allows remote attackers to have an unknown impact by calling the script "in txt mode from a browser."
CVE-2007-2318 1 Filezilla 1 Filezilla 2026-04-23 N/A
Multiple format string vulnerabilities in FileZilla before 2.2.32 allow remote attackers to execute arbitrary code via format string specifiers in (1) FTP server responses or (2) data sent by an FTP server. NOTE: some of these details are obtained from third party information.
CVE-2007-2320 1 Papoo 1 Papoo 2026-04-23 N/A
SQL injection vulnerability in kontakt.php in Papoo 3.02 and earlier allows remote attackers to execute arbitrary SQL commands via the menuid parameter, a different vector than CVE-2005-4478.
CVE-2007-2324 1 Julmajanne 1 Julmacms 2026-04-23 N/A
Directory traversal vulnerability in file.php in JulmaCMS 1.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2007-2325 1 Mynewsgroup 1 Mynewsgroup 2026-04-23 N/A
PHP remote file inclusion vulnerability in include.php in MyNewsGroups :) allows remote attackers to execute arbitrary PHP code via a URL in the myng_root parameter.