Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0557 | 1 Rmake | 1 Rmake | 2026-04-23 | N/A |
| rMake before 1.0.4 drops root privileges in a way that retains the original supplemental groups, which might allow attackers to gain privileges via a crafted recipe file, a different vulnerability than CVE-2007-0536. | ||||
| CVE-2007-0563 | 1 Symantec | 1 Web Security | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Symantec Web Security (SWS) before 3.0.1.85 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) error messages and (2) blocked page messages produced by SWS. | ||||
| CVE-2007-0564 | 1 Symantec | 1 Web Security | 2026-04-23 | N/A |
| The license registering interface in Symantec Web Security (SWS) before 3.0.1.85 allows attackers to cause a denial of service (CPU consumption) by submitting a large file. | ||||
| CVE-2007-0565 | 1 Cgi-rescue | 1 Shopping Basket Professional | 2026-04-23 | N/A |
| CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote attackers to inject arbitrary operating system commands via unspecified vectors. | ||||
| CVE-2007-0566 | 1 Asp News | 1 Asp News | 2026-04-23 | N/A |
| SQL injection vulnerability in news_detail.asp in ASP NEWS 3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-0567 | 1 Interactive-scripts.com | 1 Php Membership Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in admin.php in Interactive-Scripts.Com PHP Membership Manager 1.5 allows remote attackers to inject arbitrary web script or HTML via the _p parameter. | ||||
| CVE-2007-0568 | 1 Myphpcommander | 1 Myphpcommander | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in system/lib/package.php in MyPHPCommander 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the gl_root parameter. | ||||
| CVE-2007-0571 | 1 Phpmyreports | 1 Phpmyreports | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in include/lib/lib_head.php in phpMyReports 3.0.11 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfgPathModule parameter. | ||||
| CVE-2007-0573 | 1 Nsgalphp | 1 Nsgalphp | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/config.inc.php in nsGalPHP 0.41 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the racineTBS parameter. | ||||
| CVE-2007-0575 | 1 Stefan Holmberg | 1 Admentor | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the administrative login page (admin/login.asp) in ASPCode.net AdMentor allow remote attackers to execute arbitrary SQL commands via the (1) Userid and (2) Password fields. | ||||
| CVE-2007-0581 | 1 Eclipsebb | 1 Eclipsebb | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in functions.php in EclipseBB 0.5.0 Lite allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2007-0583 | 1 Http Commander | 1 Http Commander | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HTTP Commander 6.0, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) LogoffMessage parameter to logofflast.aspx or the (2) txtUsername parameter to Default.aspx. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-0584 | 1 G-neric | 1 Php Generic Library And Framework | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in membres/membreManager.php in PhP Generic Library & Framework for comm (g-neric) allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | ||||
| CVE-2007-0585 | 1 Webfwlog | 1 Webfwlog | 2026-04-23 | N/A |
| include/debug.php in Webfwlog 0.92 and earlier, when register_globals is enabled, allows remote attackers to obtain source code of files via the conffile parameter. NOTE: some of these details are obtained from third party information. It is likely that this issue can be exploited to conduct directory traversal attacks. | ||||
| CVE-2007-0588 | 1 Apple | 2 Mac Os X, Quicktime | 2026-04-23 | N/A |
| The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that triggers memory corruption in the _GetSrcBits32ARGB function. NOTE: this issue might overlap CVE-2007-0462. | ||||
| CVE-2007-0592 | 1 Indexcor | 1 Ezdatabase | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in EzDatabase 2.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to admin/login.php and the Admin Panel Database. | ||||
| CVE-2007-0593 | 1 Siteman | 1 Siteman | 2026-04-23 | N/A |
| Siteman 1.1.11 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for data/members.txt. | ||||
| CVE-2007-0594 | 1 Siteman | 1 Siteman | 2026-04-23 | N/A |
| Siteman 2.0.x2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for db/siteman/users.MYD. | ||||
| CVE-2007-0595 | 1 Designmind | 1 High5 Review Script | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search in High 5 Review Site allows remote attackers to inject arbitrary web script or HTML via the q parameter (aka the search box). | ||||
| CVE-2007-0596 | 1 Aztek Forum | 1 Aztek Forum | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in index/main.php in Aztek Forum 4.00 allows remote authenticated administrators to execute arbitrary PHP code via a URL in the PF[top_url] parameter. | ||||