Export limit exceeded: 357170 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357170 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3427 | 1 Zoneo-soft | 1 Phptraffica | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a stats action. | ||||
| CVE-2007-3428 | 1 Zoneo-soft | 1 Phptraffica | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in phpTrafficA before 1.4.2 allow remote attackers to have an unknown impact via the file parameter to (1) plotStatBar.php or (2) plotStatPie.php, different vectors than CVE-2007-1076. | ||||
| CVE-2007-3429 | 1 E107 | 1 E107 | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in signup.php in e107 0.7.8 and earlier, when photograph upload is enabled, allows remote attackers to upload and execute arbitrary PHP code via a filename with a double extension such as .php.jpg. | ||||
| CVE-2007-3430 | 1 Simple Invoices | 1 Simple Invoices | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to execute arbitrary SQL commands via the submit parameter in an email action. | ||||
| CVE-2007-3431 | 1 Valerio Capello | 1 Dagger - The Cutting Edge | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in cal.func.php in Valerio Capello Dagger - The Cutting Edge r23jan2007 allows remote attackers to execute arbitrary PHP code via a URL in the dir_edge_lang parameter. | ||||
| CVE-2007-3433 | 1 Netart Media | 1 Pharmacy System | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Pharmacy System 2 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter in an add action. | ||||
| CVE-2007-3434 | 1 Netart Media | 1 Pharmacy System | 2026-04-23 | N/A |
| index.php in Pharmacy System 2 and earlier allows remote attackers to obtain sensitive information via a ' (quote) character in the page parameter, which reveals the table prefix in an error message. | ||||
| CVE-2007-3435 | 1 Rkd Software | 1 Barcode Activex | 2026-04-23 | N/A |
| Stack-based buffer overflow in the BeginPrint method in a certain ActiveX control in RKD Software (barcodetools.com) BarCodeAx.dll 4.9 allows remote attackers to execute arbitrary code via a long argument. | ||||
| CVE-2007-3436 | 1 Microsoft | 2 Msn Messenger, Windows Xp | 2026-04-23 | N/A |
| Microsoft MSN Messenger 4.7 on Windows XP allows remote attackers to cause a denial of service (resource consumption) via a flood of SIP INVITE requests to the port specified for voice conversation. | ||||
| CVE-2007-3437 | 2 Aol, Microsoft | 2 Instant Messenger, Windows Xp | 2026-04-23 | N/A |
| AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service (application crash) via a malformed header value in a SIP INVITE message, a different vulnerability than CVE-2007-3350. | ||||
| CVE-2007-3438 | 1 Nortel | 1 Sip Softphone | 2026-04-23 | N/A |
| Buffer overflow in the SIP header parsing module in the Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] allows remote attackers to execute arbitrary code via a malformed message, a different vulnerability than CVE-2007-3361. | ||||
| CVE-2007-3439 | 1 Snom | 2 320 Sip Phone, Snom 320 Linux | 2026-04-23 | N/A |
| The Snom 320 SIP Phone, running snom320 linux 3.25, snom320-SIP 6.2.3, and snom320 jffs23.36, allows remote attackers to read a list of missed calls, received calls, and dialed numbers via a direct request to the web server on port 1800. | ||||
| CVE-2007-3440 | 1 Snom | 2 320 Sip Phone, Snom 320 Linux | 2026-04-23 | N/A |
| The Snom 320 SIP Phone, running snom320 linux 3.25, snom320-SIP 6.2.3, and snom320 jffs23.36, allows remote attackers to place calls to arbitrary phone numbers via certain requests to the web server on port 1800. | ||||
| CVE-2007-3458 | 1 Sun | 1 Solaris | 2026-04-23 | N/A |
| The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors. | ||||
| CVE-2007-3441 | 1 Aastra Telecom | 1 9112i Sip Phone | 2026-04-23 | N/A |
| Format string vulnerability in the Aastra 9112i SIP Phone with firmware 1.4.0.1048 and boot version 1.1.0.10 allows remote attackers to cause a denial of service (blocked call reception and slow calling) via format string specifiers in an SDP header value, a different vulnerability than CVE-2007-3349. | ||||
| CVE-2007-3442 | 1 Research In Motion Limited | 1 Blackberry 7270 | 2026-04-23 | N/A |
| Format string vulnerability on the Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 allows remote attackers to cause a denial of service (blocked call reception and calling) via format string specifiers in an SIP INVITE message that lacks a host name in the Contact header. | ||||
| CVE-2007-3443 | 1 Research In Motion Limited | 1 Blackberry 7270 | 2026-04-23 | N/A |
| The Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 does not properly manage transaction states, which allows remote attackers to cause a denial of service (temporary device hang) by sending a certain SIP INVITE message, but not providing an ACK when the call is answered. | ||||
| CVE-2007-3444 | 1 Rim | 2 Blackberry 7270, Blackberry Software | 2026-04-23 | N/A |
| The Research in Motion BlackBerry 7270 with 4.0 SP1 Bundle 83 allows remote attackers to cause a denial of service (blocked call reception) via a malformed SIP invite message, possibly related to multiple format string specifiers in the From field, a spoofed source IP address, and limitations of the function stack frame. | ||||
| CVE-2007-3445 | 3 Microsoft, Securecomputing, Sj Labs | 3 Windows Mobile, Sch I730 Phone, Sjphone | 2026-04-23 | N/A |
| Buffer overflow in SJ Labs SJphone 1.60.303c, running under Windows Mobile 2003 on the Samsung SCH-i730 phone, allows remote attackers to cause a denial of service (device hang and call termination) via a malformed SIP INVITE message, a different vulnerability than CVE-2007-3351. | ||||
| CVE-2007-3446 | 1 Bugmall | 1 Shopping Cart | 2026-04-23 | N/A |
| BugMall Shopping Cart 2.5 and earlier has a default username "demo" and password "demo," which allows remote attackers to obtain login access. | ||||