Search Results (362524 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-0951 1 Fullaspsite 1 Asp Hosting Site 2026-04-23 N/A
SQL injection vulnerability in listmain.asp in Fullaspsite ASP Hosting Site allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2007-0934 1 Microsoft 1 Visio 2026-04-23 N/A
Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption.
CVE-2007-0933 2 D-link, Microsoft 2 Dwl-g650\+, Windows Xp 2026-04-23 N/A
Buffer overflow in the wireless driver 6.0.0.18 for D-Link DWL-G650+ (Rev. A1) on Windows XP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a beacon frame with a long TIM Information Element.
CVE-2007-0932 2 Alcatel-lucent, Aruba 2 Omniaccess Wireless, Mobility Controller 2026-04-23 N/A
The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote attackers to access administrative interfaces or the WLAN.
CVE-2007-0930 1 Apache Stats 1 Apache Stats 2026-04-23 N/A
Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function.
CVE-2007-0929 1 Guillaume Fontaine 1 Php Rrd Browser 2026-04-23 N/A
Directory traversal vulnerability in php rrd browser before 0.2.1 allows remote attackers to read arbitrary files via ".." sequences in the p parameter.
CVE-2007-0927 1 Utorrent 1 Utorrent 2026-04-23 N/A
Heap-based buffer overflow in uTorrent 1.6 allows remote attackers to execute arbitrary code via a torrent file with a crafted announce header.
CVE-2007-0926 1 Kvguestbook 1 Kvguestbook 2026-04-23 N/A
The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql['pass'] and $gbpass variables.
CVE-2007-0925 1 Communityserver.org 1 Community Server 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in search/SearchResults.aspx in Community Server allows remote attackers to inject arbitrary web script or HTML via the q parameter.
CVE-2007-0924 1 Till Gerken 1 Phppolls 2026-04-23 N/A
Till Gerken phpPolls 1.0.3 allows remote attackers to bypass authentication and perform certain administrative actions via a direct request to phpPollAdmin.php3. NOTE: this issue might subsume CVE-2006-3764.
CVE-2007-0923 1 Radical Technologies 1 Portal Search 2026-04-23 N/A
buscador/buscador.htm in Portal Search allows remote attackers to obtain sensitive information (business logic) via a query string composed of a search for certain characters.
CVE-2007-0922 1 Radical Technologies 1 Portal Search 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in buscador/buscador.htm in Portal Search allows remote attackers to inject arbitrary web script or HTML via the query string.
CVE-2007-0921 1 Radical Technologies 1 Portal Search 2026-04-23 N/A
Portal Search allows remote attackers to redirect a URL to an arbitrary web site by placing the URL in the query string to the top-level URI.
CVE-2007-0920 1 Philboard 1 Philboard 2026-04-23 N/A
SQL injection vulnerability in philboard_forum.asp in Philboard 1.14 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter.
CVE-2007-0918 1 Cisco 1 Ios 2026-04-23 N/A
The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.
CVE-2007-0917 1 Cisco 1 Ios 2026-04-23 N/A
The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets.
CVE-2007-0916 1 Hp 1 Hp-ux 2026-04-23 N/A
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
CVE-2007-0915 1 Hp 1 Hp-ux 2026-04-23 N/A
Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request.
CVE-2007-0914 1 Sun 1 Solaris 2026-04-23 N/A
Race condition in the TCP subsystem for Solaris 10 allows remote attackers to cause a denial of service (system panic) via unknown vectors.
CVE-2007-0912 1 Jportal 1 Jportal Web Server 2026-04-23 N/A
Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php in Jportal 2.3.1, and possibly earlier, allows remote attackers to perform privileged actions as administrators by tricking the admin into accessing a URL with modified arguments to admin/admin.adm.php.