Export limit exceeded: 346602 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29902 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29902 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2847 | 1 Hlstats | 1 Hlstats | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in hlstats.php in HLstats 1.35, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) authusername or (2) authpassword parameter, different vectors than CVE-2007-0840 and CVE-2007-2812. | ||||
| CVE-2007-2848 | 1 Sky Software | 2 Shcombobox Activex Control, Shell Megapack Activex | 2026-04-23 | N/A |
| Stack-based buffer overflow in the SetPath function in the shComboBox ActiveX control (shcmb80.ocx) in Sky Software Shell MegaPack ActiveX 8.0 allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-2849 | 1 Knowledgetree Document Management | 1 Knowledgetree Document Management | 2026-04-23 | N/A |
| KnowledgeTree Document Management (aka KnowledgeTree Open Source) before STABLE 3.3.7 does not require a password for an unregistered user, when the user exists in Active Directory, which allows remote attackers to log onto KTDMS without the intended authorization check. | ||||
| CVE-2007-2850 | 1 Citrix | 2 Access Essentials, Metaframe | 2026-04-23 | N/A |
| The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0 and 1.5, allows remote attackers to bypass network security policies and connect to arbitrary TCP ports via a modified address:port string. | ||||
| CVE-2007-2852 | 1 Eset Software | 1 Nod32 Antivirus | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name. | ||||
| CVE-2007-2853 | 1 H\+h | 2 Vcdapilibapi Activex Control, Virtual Cd | 2026-04-23 | N/A |
| The VCDAPILibApi ActiveX control in vc9api.DLL 9.0.0.57 in Virtual CD 9.0.0.2 allows remote attackers to execute arbitrary commands via a command line in the first argument to the VCDLaunchAndWait function. | ||||
| CVE-2007-2854 | 1 Bti-tracker | 1 Bti-tracker | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in account_change.php in BtiTracker 1.4.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) style or (2) langue parameter. | ||||
| CVE-2007-2857 | 1 Zakkis Technology Corporation | 1 Php Excel Parser | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in sample/xls2mysql in ABC Excel Parser Pro 4.0 allows remote attackers to execute arbitrary PHP code via a URL in the parser_path parameter. | ||||
| CVE-2007-2858 | 1 Phpbb | 1 Ip-tracking | 2026-04-23 | N/A |
| SQL injection vulnerability in the IP-Search functionality in the IP-Tracking Mod for phpBB 2.0.x allows remote authenticated administrators to execute arbitrary SQL commands via the Search Query field. | ||||
| CVE-2007-2860 | 1 Boastmachine | 1 Boastmachine | 2026-04-23 | N/A |
| user.php in BoastMachine 3.0 platinum allows remote authenticated users to gain privileges via a modified id parameter, as demonstrated by an edit_post action. | ||||
| CVE-2007-2861 | 1 Saxon | 1 Saxon | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Simple Accessible XHTML Online News (SAXON) 4.6 allow remote attackers to execute arbitrary PHP code via a URL in the template parameter to (1) news.php, (2) preview.php, or (3) archive-display.php. | ||||
| CVE-2007-2862 | 1 Devellion | 1 Cubecart | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in CubeCart 3.0.16 might allow remote attackers to execute arbitrary SQL commands via an unspecified parameter to cart.inc.php and certain other files in an include directory, related to missing sanitization of the $option variable and possibly cookie modification. | ||||
| CVE-2007-2864 | 2 Broadcom, Ca | 13 Anti-virus For The Enterprise, Brightstor Arcserve Backup, Common Services and 10 more | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file. | ||||
| CVE-2007-2865 | 1 Phppgadmin | 1 Phppgadmin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the server parameter. | ||||
| CVE-2007-2866 | 1 Phpecho Cms | 1 Phpecho Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in modules/admin/modules/gallery.php in PHPEcho CMS 2.0-rc1 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter and possibly other parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-3658 | 1 Microsoft | 1 Register Server | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Register Server (REGSVR) allows attackers to cause a denial of service via a crafted DLL library. | ||||
| CVE-2007-3659 | 1 Freewrl | 1 Freewrl | 2026-04-23 | N/A |
| Buffer overflow in the doBrowserAction function in FreeWRL 1.19.3 allows local users to execute arbitrary code via a crafted BROWSER environment variable. NOTE: it is not clear whether this issue crosses privilege boundaries. | ||||
| CVE-2007-3660 | 1 Nonnoi Solutions | 1 Asp Barcode | 2026-04-23 | N/A |
| The Nonnoi ASP/Barcode ActiveX control (nonnoi_ASPBarcode.dll) allows remote attackers to overwrite arbitrary files via an argument to the SaveBarcode function. | ||||
| CVE-2007-3665 | 1 Symantec | 1 Norton Ghost | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec Norton Ghost 12.0 allow remote attackers to cause a denial of service via unspecified vectors involving the UpdateCatalog and other functions. | ||||
| CVE-2007-3671 | 1 Microsoft | 1 Windows Vista | 2026-04-23 | N/A |
| Unspecified vulnerability in the kernel in Microsoft Windows Vista has unspecified remote attack vectors and impact, as shown in the "0day IPO" presentation at SyScan'07. | ||||