Export limit exceeded: 346183 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346183 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4590 | 1 Hp | 3 Dynrootdisk, Hp-ux, Ignite-ux | 2026-04-23 | N/A |
| The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors. | ||||
| CVE-2009-3218 | 1 The-ghost | 1 Ar Web Content Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in control/login.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2009-3322 | 1 Siemens | 1 Gigaset Se361 Wlan Router | 2026-04-23 | N/A |
| The Siemens Gigaset SE361 WLAN router allows remote attackers to cause a denial of service (device reboot) via a flood of crafted TCP packets to port 1723. | ||||
| CVE-2007-4595 | 1 The Seasar Foundation | 1 Mayaa | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.12 allows remote attackers to inject arbitrary web script or HTML in certain circumstances involving (1) lack of charset specification within a META element or (2) a META element that specifies an unrecognized charset, which trigger automatic character set recognition by the web browser, as demonstrated by improper handling of UTF-7 data. | ||||
| CVE-2008-2765 | 1 Xigla | 1 Absolute Image Gallery Xe | 2026-04-23 | N/A |
| SQL injection vulnerability in gallery.asp in Xigla Absolute Image Gallery XE allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action. | ||||
| CVE-2008-3731 | 1 Solarwinds | 1 Serv-u File Server | 2026-04-23 | N/A |
| Unspecified vulnerability in Serv-U File Server 7.0.0.1, and other versions before 7.2.0.1, allows remote authenticated users to cause a denial of service (daemon crash) via an SSH session with SFTP commands for directory creation and logging. | ||||
| CVE-2007-4599 | 1 Realnetworks | 2 Realone Player, Realplayer | 2026-04-23 | N/A |
| Stack-based buffer overflow in RealNetworks RealPlayer 10 and possibly 10.5, and RealOne Player 1 and 2, for Windows allows remote attackers to execute arbitrary code via a crafted playlist (PLS) file. | ||||
| CVE-2008-4114 | 1 Microsoft | 5 Windows 2000, Windows Server 2003, Windows Server 2008 and 2 more | 2026-04-23 | N/A |
| srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via an SMB WRITE_ANDX packet with an offset that is inconsistent with the packet size, related to "insufficiently validating the buffer size," as demonstrated by a request to the \PIPE\lsarpc named pipe, aka "SMB Validation Denial of Service Vulnerability." | ||||
| CVE-2009-3220 | 1 Tecnick | 1 Aiocp | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in cp_html2txt.php in All In One Control Panel (AIOCP) 1.4.001 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | ||||
| CVE-2009-3323 | 1 Robig | 1 Barosmini | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in BAnner ROtation System mini (BAROSmini) 0.32.595 allow remote attackers to execute arbitrary PHP code via a URL in the baros_path parameter to (1) include/common_functions.php, and the main_path parameter to (2) lib_users.php, (3) lib_stats.php, and (4) lib_slots.php in include/lib/. | ||||
| CVE-2007-4603 | 1 Altercoder | 1 Acg News | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in ACG News 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter in a showarticle action or (2) the catid parameter in a showcat action. | ||||
| CVE-2007-4604 | 1 Dinkumsoft.com | 1 Dl Paycart | 2026-04-23 | N/A |
| SQL injection vulnerability in viewitem.php in DL PayCart 1.01 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. | ||||
| CVE-2009-3222 | 1 Freewebscriptz | 1 Honest Traffic | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in FreeWebScriptz Honest Traffic (FWSHT) 1.x allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | ||||
| CVE-2009-3324 | 1 Andres G Aragoneses | 1 Prodler | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in include/prodler.class.php in ProdLer 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sPath parameter. | ||||
| CVE-2007-4611 | 1 Dale Mooney | 1 Calendar Events | 2026-04-23 | N/A |
| SQL injection vulnerability in viewevent.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-4612 | 1 Dale Mooney | 1 Contact Form | 2026-04-23 | N/A |
| CRLF injection vulnerability in contact.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers. | ||||
| CVE-2008-2766 | 1 Xigla | 1 Absolute Image Gallery Xe | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Xigla Absolute Image Gallery XE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in (1) admin/search.asp and (2) gallery.asp. | ||||
| CVE-2009-3225 | 1 Almondsoft | 1 Almond Classifieds | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in AlmondSoft Almond Classifieds Wap and Pro, and possibly Almond Affiliate Network Classifieds, allow remote attackers to inject arbitrary web script or HTML via (1) the page parameter in a browse action to index.php or (2) the addr parameter to gmap.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3325 | 2 Focusdev, Joomla | 2 Com Surveymanager, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the Focusplus Developments Survey Manager (com_surveymanager) component 1.5.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the stype parameter in an editsurvey action to index.php. | ||||
| CVE-2007-4621 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments. | ||||