Export limit exceeded: 347789 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347789 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3158 | 1 Tenyearsgone | 1 Asp Folder Gallery | 2026-04-23 | N/A |
| download_script.asp in ASP Folder Gallery allows remote attackers to read arbitrary files via a filename in the file parameter. | ||||
| CVE-2007-3159 | 1 Miniweb Http Server | 1 Miniweb Http Server | 2026-04-23 | N/A |
| http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a denial of service (application crash) via a negative value in the Content-Length HTTP header. | ||||
| CVE-2007-3160 | 1 Php Real Estate Classifieds | 1 Php Real Estate Classifieds | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in admin/header.php in PHP Real Estate Classifieds Premium Plus allows remote attackers to execute arbitrary PHP code via a URL in the loc parameter. | ||||
| CVE-2007-3161 | 1 Visicom Media | 1 Ace-ftp | 2026-04-23 | N/A |
| Buffer overflow in Ace-FTP Client 1.24a allows user-assisted, remote FTP servers to execute arbitrary code via a long response. | ||||
| CVE-2007-3162 | 1 Westbyte | 1 Internet Download Accelerator | 2026-04-23 | N/A |
| Buffer overflow in the NotSafe function in the idaiehlp ActiveX control in idaiehlp.dll 1.9.1.74 in Internet Download Accelerator (ida) 5.2 allows remote attackers to cause a denial of service (Internet Explorer crash) via a long argument. | ||||
| CVE-2007-3449 | 1 Gorani Network | 1 6alblog | 2026-04-23 | N/A |
| SQL injection vulnerability in member.php in 6ALBlog allows remote attackers to execute arbitrary SQL commands via the newsid parameter. | ||||
| CVE-2007-1510 | 1 Particle Blogger | 1 Particle Blogger | 2026-04-23 | N/A |
| SQL injection vulnerability in post.php in Particle Blogger 1.0.0 through 1.2.0 allows remote attackers to execute arbitrary SQL commands via the postid parameter. | ||||
| CVE-2007-3166 | 1 Qualcomm | 1 Eudora | 2026-04-23 | N/A |
| Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, remote IMAP servers to execute arbitrary code via a long FLAGS response to a SELECT INBOX command. | ||||
| CVE-2007-3167 | 1 Vivotek | 1 Mjpegcontrol | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Vivotek Motion Jpeg ActiveX control (aka MjpegControl) in MjpegDecoder.dll 2.0.0.13 allows remote attackers to execute arbitrary code via a long PtzUrl property value. | ||||
| CVE-2007-3168 | 1 Edraw | 1 Office Viewer Component | 2026-04-23 | N/A |
| A certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows remote attackers to delete arbitrary files via the DeleteLocalFile method. | ||||
| CVE-2007-3170 | 1 Uebimiau | 1 Uebimiau | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Uebimiau Webmail allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to redirect.php or (2) the selected_theme parameter to demo/pop3/error.php. | ||||
| CVE-2009-0134 | 1 Share2 | 1 Easy Grid Control | 2026-04-23 | N/A |
| Insecure method vulnerability in the EasyGrid.SGCtrl.32 ActiveX control in EasyGrid.ocx 1.0.0.1 in AAA EasyGrid ActiveX 3.51 allows remote attackers to create and overwrite arbitrary files via the (1) DoSaveFile or (2) DoSaveHtmlFile method. NOTE: vector 1 could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-3173 | 1 Almnzm | 1 Almnzm | 2026-04-23 | N/A |
| Almnzm allows remote attackers to obtain sensitive information via an activateorder request to index.php with an invalid orderid parameter, probably related to '[' and ']' characters. | ||||
| CVE-2007-3174 | 1 W2b | 1 Online Banking | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in auth.w2b in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the adtype parameter, a different vector than CVE-2006-1980. | ||||
| CVE-2007-3175 | 1 W2b | 1 Online Banking | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in W2B Online Banking allow remote attackers to execute arbitrary SQL commands via (1) the draft parameter to mailer.w2b or (2) the listDocPay parameter to DocPay.w2b. | ||||
| CVE-2007-3176 | 1 Ingate | 2 Ingate Firewall, Ingate Siparator | 2026-04-23 | N/A |
| Unspecified vulnerability in Ingate Firewall and SIParator before 4.5.2 allows remote authenticated users without full privileges to download a Support Report. | ||||
| CVE-2007-3178 | 1 Zindizayn Okul Web Sistemi | 1 Zindizayn Okul Web Sistemi | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Zindizayn Okul Web Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) pass parameter to (a) mezungiris.asp or (b) ogretmenkontrol.asp. | ||||
| CVE-2007-3179 | 1 Particle Blogger | 1 Particle Blogger | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in archives.php in Particle Blogger 1.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the month parameter and other unspecified vectors. | ||||
| CVE-2007-3183 | 1 Vincent Hor | 1 Calendarix | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Calendarix 0.7.20070307, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters to calendar.php and the (3) search string to cal_search.php. | ||||
| CVE-2007-3188 | 1 Geometrix Download Portal | 1 Geometrix Download Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in down_indir.asp in Fullaspsite GeometriX Download Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||