Export limit exceeded: 346183 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346183 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-6624 | 1 Pnphpbb | 1 Pnphpbb | 2026-04-23 | N/A |
| Directory traversal vulnerability in printview.php in PNphpBB2 1.2i and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the phpEx parameter. | ||||
| CVE-2009-3707 | 1 Vmware | 4 Ace, Player, Server and 1 more | 2026-04-23 | N/A |
| VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \x25\xFF sequence in the USER and PASS commands, related to a "format string DoS" issue. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-6627 | 1 Feng | 1 Feng | 2026-04-23 | N/A |
| Integer overflow in the RTSP_remove_msg function in RTSP_lowlevel.c in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an RTP packet with a size value of 0xffff. | ||||
| CVE-2007-6630 | 1 Feng | 1 Feng | 2026-04-23 | N/A |
| The Url_init function in utils/url.c in Netembryo 0.0.4, when used by LScube Feng, allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a malformed URI containing a "/:" sequence, as demonstrated by a "DESCRIBE /: RTSP/1.0" request. | ||||
| CVE-2007-6632 | 1 Xml2owl | 1 Xml2owl | 2026-04-23 | N/A |
| showCode.php in xml2owl 0.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter. | ||||
| CVE-2008-2855 | 1 Ownrs | 1 Ownrs | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2009-3708 | 1 Konae | 1 Alleycode Html Editor | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Meta Content Optimizer in Konae Technologies Alleycode HTML Editor 2.21 allows user-assisted remote attackers to execute arbitrary code via a long value in a (1) description or (2) keyword META tag. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-6635 | 1 Netbizcity | 1 Faqmasterflexplus | 2026-04-23 | N/A |
| FAQMasterFlexPlus, possibly 1.5 or 1.52, stores the admin password in cleartext in a database, which might allow context-dependent attackers to obtain the password via unspecified database access. | ||||
| CVE-2007-6636 | 1 Bitflu | 1 Bitflu | 2026-04-23 | N/A |
| Unspecified vulnerability in the StorageFarabDb module in Bitflu before 0.42 allows user-assisted remote attackers to create or append data to arbitrary files via a crafted .torrent file. | ||||
| CVE-2007-6639 | 1 Iptbb Team | 1 Iptbb | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in IPTBB 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewdir action. | ||||
| CVE-2008-2856 | 1 Ownrs | 1 Ownrs | 2026-04-23 | N/A |
| SQL injection vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-3712 | 1 Ebayclonescript | 1 Ebay Clone | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote attackers to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php; and the item_id parameter to (2) view_full_size.php, (3) classifide_ad.php, and (4) crosspromoteitems.php. | ||||
| CVE-2007-6642 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Joomla! before 1.5 RC4 allow remote attackers to (1) add a Super Admin, (2) upload an extension containing arbitrary PHP code, and (3) modify the configuration as administrators via unspecified vectors. | ||||
| CVE-2007-6643 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the com_poll component in Joomla! before 1.5 RC4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-6644 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| Joomla! before 1.5 RC4 allows remote authenticated administrators to promote arbitrary users to the administrator group, in violation of the intended security model. | ||||
| CVE-2007-6645 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| Unspecified vulnerability in Joomla! before 1.5 RC4 allows remote authenticated users to gain privileges via unspecified vectors, aka "registered user privilege escalation vulnerability." | ||||
| CVE-2007-6648 | 1 Sanybee Gallery | 1 Sanybee Gallery | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in SanyBee Gallery 0.1.0 and 0.1.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter. | ||||
| CVE-2007-6647 | 1 W-agora | 1 W-agora | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in w-Agora 4.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2007-6649 | 1 Matpo Bilder Galerie | 1 Matpo Bilder Galerie | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/tumbnail.php in MatPo Bilder Galerie 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter. | ||||
| CVE-2009-3714 | 1 Maniacomputer | 1 Mcshoutbox | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in admin_login.php in MCshoutbox 1.1 allows remote attackers to inject arbitrary web script or HTML via the loginerror parameter. | ||||