Export limit exceeded: 29902 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29902 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0303 | 1 Pancake.org | 1 Zina | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Zina 1.0rc1 and earlier have unknown impact and attack vectors related to "Potential security bugs." | ||||
| CVE-2006-5911 | 1 Campware.org | 1 Campsite | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Campware Campsite before 2.6.2 allow remote attackers to execute arbitrary PHP code via a URL in the g_documentRoot parameter to (1) Alias.php, (2) Article.php, (3) ArticleAttachment.php, (4) ArticleComment.php, (5) ArticleData.php, (6) ArticleImage.php, (7) ArticleIndex.php, (8) ArticlePublish.php, (9) ArticleTopic.php, (10) ArticleType.php, (11) ArticleTypeField.php, (12) Attachment.php, (13) Country.php, (14) DatabaseObject.php, (15) Event.php, (16) IPAccess.php, (17) Image.php, (18) Issue.php, (19) IssuePublish.php, (20) Language.php, (21) Log.php, (22) LoginAttempts.php, (23) Publication.php, (24) Section.php, (25) ShortURL.php, (26) Subscription.php, (27) SubscriptionDefaultTime.php, (28) SubscriptionSection.php, (29) SystemPref.php, (30) Template.php, (31) TimeUnit.php, (32) Topic.php, (33) UrlType.php, (34) User.php, and (35) UserType.php in implementation/management/classes/; (36) configuration.php and (37) db_connect.php in implementation/management/; and (38) LocalizerConfig.php and (39) LocalizerLanguage.php in implementation/management/priv/localizer/. | ||||
| CVE-2007-0308 | 1 Plain Black | 1 Webgui | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.3.4 (beta) allows remote attackers to inject arbitrary web script or HTML via Wiki Page titles. | ||||
| CVE-2007-0310 | 1 Bmc | 1 Remedy Action Request System | 2026-04-23 | N/A |
| BMC Remedy Action Request System 5.01.02 Patch 1267 generates different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to determine valid account names. | ||||
| CVE-2007-0311 | 1 Texas Imperial Software | 2 Wftpd, Wftpd Pro Server | 2026-04-23 | N/A |
| Texas Imperial Software WFTPD and WFTPD Pro Server 3.25 and earlier allow remote attackers to cause a denial of service (application crash) via a long SITE ADMIN command. | ||||
| CVE-2007-0312 | 1 Wcsimple Poll | 1 Wcsimple Poll | 2026-04-23 | N/A |
| wcSimple Poll stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password hashes via a direct request for password.txt. | ||||
| CVE-2007-0313 | 1 Gonicus | 1 Gonicus System Administration | 2026-04-23 | N/A |
| Unspecified vulnerability in GONICUS System Administration (GOsa) before 2.5.8 allows remote authenticated users to modify certain settings, including the admin password, via crafted POST requests. | ||||
| CVE-2006-5919 | 1 Activecampaign | 1 Knowledgebuilder | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in admin/e_data/visEdit_control.class.php in ActiveCampaign KnowledgeBuilder 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the visEdit_root parameter, a different vector than CVE-2003-1131. | ||||
| CVE-2007-0317 | 1 Filezilla | 1 Filezilla | 2026-04-23 | N/A |
| Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted arguments. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-0318 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| The do_hfs_truncate function in Mac OS X 10.4.8 allows context-dependent attackers to cause a denial of service (kernel panic) via a crafted HFS+ filesystem in a DMG image, which causes an access of an invalid vnode structure during file removal. | ||||
| CVE-2007-0319 | 1 Motive Incorporated | 2 Self Service Manager, Service Activation Manager | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in the Motive ActiveEmailTest.EmailData (ActiveUtils EmailData) ActiveX control in ActiveUtils.dll in Motive Service Activation Manager 5.1 and Self Service Manager 5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-0321 | 1 Macrovision | 1 Flexnet Connect | 2026-04-23 | N/A |
| Buffer overflow in the Update Service Agent ActiveX Control in isusweb.dll for Macrovision FLEXnet Connect (formerly InstallShield Update Service) allows remote attackers to execute arbitrary code via the Download method. | ||||
| CVE-2007-0324 | 1 Lizardtech | 1 Djvu Browser Plug-in | 2026-04-23 | N/A |
| Multiple buffer overflows in the LizardTech DjVu Browser Plug-in before 6.1.1 allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-0328 | 1 Macrovision | 2 Flexnet Connect, Update Service | 2026-04-23 | N/A |
| The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method. | ||||
| CVE-2007-0329 | 1 Joonas Viljanen | 1 Jv2 Folder Gallery | 2026-04-23 | N/A |
| download.php in Joonas Viljanen JV2 Folder Gallery allows remote attackers to read sensitive files via a relative pathname in the file parameter, as demonstrated by config/gallerysetup.php. NOTE: this issue might be resultant from a directory traversal vulnerability. | ||||
| CVE-2007-0330 | 1 Ipswitch | 1 Ws Ftp Pro | 2026-04-23 | N/A |
| Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WS_FTP 2007 Professional allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long ftp:// URL in an HTML document, and possibly other vectors. | ||||
| CVE-2007-0331 | 1 Xentraz | 1 Liens Dynamiques | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in liens.php3 in liens_dynamiques 2.1 allows remote attackers to inject arbitrary web script or HTML by using the ajouter=1 query string and the add menu. | ||||
| CVE-2007-0334 | 1 Ingate | 1 Firewall And Siparator | 2026-04-23 | N/A |
| Unspecified vulnerability in the SIP module in InGate Firewall and SIParator before 4.5.1 allows remote attackers to conduct replay attacks on the authentication mechanism via unknown vectors. | ||||
| CVE-2007-0335 | 1 Jax Scripts | 1 Jax Petition Book | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Jax Petition Book 1.0.3.06 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the languagepack parameter to (1) jax_petitionbook.php or (2) smileys.php. | ||||
| CVE-2007-0336 | 1 Rixstep | 1 Undercover | 2026-04-23 | N/A |
| Undercover.app/Contents/Resources/uc in Rixstep Undercover allows local users to overwrite arbitrary files, probably related to a race condition. | ||||