Export limit exceeded: 29886 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29886 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1187 | 1 Web-app.org | 1 Webapp | 2025-04-09 | N/A |
| WebAPP before 0.9.9.5 allows remote authenticated users, without admin privileges, to obtain sensitive information via (1) the Forum Archive feature and (2) Recent Searches. | ||||
| CVE-2007-1146 | 1 Delmaa.com | 1 Arabhost | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in function.php in arabhost allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter. | ||||
| CVE-2007-0148 | 1 Omnigroup | 1 Omniweb | 2025-04-09 | N/A |
| Format string vulnerability in OmniGroup OmniWeb 5.5.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in the Javascript alert function. | ||||
| CVE-2006-5927 | 1 Asp Scripter | 2 Easy Portal, Live Support | 2025-04-09 | N/A |
| SQL injection vulnerability in cpLogin.asp in ASP Scripter Easy Portal 1.4 and Live Support 1.3 allows remote attackers to execute arbitrary SQL commands via the Password parameter. | ||||
| CVE-2007-1156 | 1 Man Machine Systems | 1 Jbrowser | 2025-04-09 | N/A |
| JBrowser allows remote attackers to bypass authentication and access certain administrative capabilities via a direct request for _admin/. | ||||
| CVE-2006-5943 | 1 Website Designs For Less | 1 Inventory Manager | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in inventory/display/imager.asp in Website Designs for Less Inventory Manager allow remote attackers to execute arbitrary SQL commands via the (1) pictable, (2) picfield, or (3) where parameter. | ||||
| CVE-2007-1175 | 1 Web-app.org | 1 Webapp | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in an admin feature in WebAPP before 20070209 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-1185 | 1 Web-app.org | 1 Webapp | 2025-04-09 | N/A |
| The (1) Search, (2) Edit Profile, (3) Recommend, and (4) User Approval forms in WebAPP before 0.9.9.5 use hidden inputs, which has unknown impact and remote attack vectors. | ||||
| CVE-2007-1186 | 1 Web-app.org | 1 Webapp | 2025-04-09 | N/A |
| WebAPP before 0.9.9.5 does not "censor" the Latest Member real name, which has unknown impact. | ||||
| CVE-2007-1183 | 1 Web-app.org | 1 Webapp | 2025-04-09 | N/A |
| WebAPP before 0.9.9.5 allows remote authenticated users to spoof another user's Real Name via whitespace, which has unknown impact and attack vectors. | ||||
| CVE-2007-1221 | 1 Microsoft | 1 Xbox 360 | 2025-04-09 | N/A |
| The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 allows attackers with physical access to force execution of the hypervisor syscall with a certain register set, which bypasses intended code protection. | ||||
| CVE-2007-1232 | 1 Sqlite Manager | 1 Sqlite Manager | 2025-04-09 | N/A |
| Directory traversal vulnerability in SQLiteManager 1.2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in a SQLiteManager_currentTheme cookie. | ||||
| CVE-2007-1239 | 1 Microsoft | 1 Excel | 2025-04-09 | N/A |
| Microsoft Excel 2003 does not properly parse .XLS files, which allows remote attackers to cause a denial of service (application crash) via a file with a (1) corrupted XML format or a (2) corrupted XLS format, which triggers a NULL pointer dereference. | ||||
| CVE-2007-2437 | 1 X.org | 2 X Window System, Xserver | 2025-04-09 | N/A |
| The X render (Xrender) extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and earlier, allows remote authenticated users to cause a denial of service (daemon crash) via crafted values to the (1) XRenderCompositeTrapezoids and (2) XRenderAddTraps functions, which trigger a divide-by-zero error. | ||||
| CVE-2007-1254 | 1 Connectix | 1 Connectix Boards | 2025-04-09 | N/A |
| SQL injection vulnerability in part.userprofile.php in Connectix Boards 0.7 and earlier allows remote authenticated users to execute arbitrary SQL commands and obtain privileges via the p_skin parameter to index.php. | ||||
| CVE-2007-1252 | 1 Symantec | 1 Mail Security | 2025-04-09 | N/A |
| Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted headers in an e-mail message. NOTE: some information was obtained from third party sources. | ||||
| CVE-2007-1303 | 1 Rrdbrowse | 1 Rrdbrowse | 2025-04-09 | N/A |
| Directory traversal vulnerability in rb.cgi in RRDBrowse 1.6 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2007-1271 | 1 Vmware | 1 Esx | 2025-04-09 | N/A |
| Buffer overflow in VMware ESX Server 3.0.0 and 3.0.1 might allow attackers to gain privileges or cause a denial of service (application crash) via unspecified vectors. | ||||
| CVE-2007-1266 | 1 Gnome | 1 Evolution | 2025-04-09 | N/A |
| Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection. | ||||
| CVE-2007-1282 | 2 Mozilla, Redhat | 4 Seamonkey, Thunderbird, Enterprise Linux and 1 more | 2025-04-09 | N/A |
| Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line. | ||||