Export limit exceeded: 360678 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 360678 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0861 | 1 Phpcoin | 1 Phpcoin | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in modules/mail/index.php in phpCOIN RC-1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _CCFG['_PKG_PATH_MDLS'] parameter. NOTE: this issue has been disputed by a reliable third party, who states that a fatal error occurs before the relevant code is reached | ||||
| CVE-2007-0871 | 1 Extremepow | 1 Extreme File Hosting | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in eXtremePow eXtreme File Hosting allows remote attackers to upload arbitrary PHP code via a filename with a double extension such as (1) .rar.php or (2) .zip.php. | ||||
| CVE-2007-0872 | 1 Plain Old Webserver | 1 Plain Old Webserver | 2026-04-23 | N/A |
| Directory traversal vulnerability in the Plain Old Webserver (POW) add-on before 0.0.9 for Mozilla Firefox allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2007-0876 | 1 Qdig | 1 Qdig | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Quick Digital Image Gallery (Qdig) 1.2.9.3 and devel-20060624 allows remote attackers to inject arbitrary web script or HTML via the Qwd parameter to the top-level URI. | ||||
| CVE-2007-0878 | 1 Microsoft | 1 Windows Mobile | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Internet Explorer on Windows Mobile 5.0 allows remote attackers to cause a denial of service (loss of browser and other device functionality) via a malformed WML page, related to an "overflow state." NOTE: it is possible that this issue is related to CVE-2007-0685. | ||||
| CVE-2007-0880 | 1 Capital Request Forms | 1 Capital Request Forms | 2026-04-23 | N/A |
| Capital Request Forms stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database credentials via a direct request for inc/common_db.inc. | ||||
| CVE-2007-0881 | 1 Openi-cms Group | 1 Openi-cms | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in the Seitenschutz plugin for OPENi-CMS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the (1) config[oi_dir] and possibly (2) config[openi_dir] parameters to open-admin/plugins/site_protection/index.php. NOTE: vector 2 might be the same as CVE-2006-4750. | ||||
| CVE-2007-0883 | 1 Second Rule Llc | 1 Ip3 Netaccess | 2026-04-23 | N/A |
| Directory traversal vulnerability in portalgroups/portalgroups/getfile.cgi in IP3 NetAccess before firmware 4.1.9.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | ||||
| CVE-2007-0884 | 1 Roaring Penguin | 1 Mimedefang | 2026-04-23 | N/A |
| Buffer overflow in Roaring Penguin MIMEDefang 2.59 and 2.60 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-0901 | 1 Moinmoin | 1 Moinmoin | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Info pages in MoinMoin 1.5.7 allow remote attackers to inject arbitrary web script or HTML via the (1) hitcounts and (2) general parameters, different vectors than CVE-2007-0857. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-0902 | 1 Moinmoin | 1 Moinmoin | 2026-04-23 | N/A |
| Unspecified vulnerability in the "Show debugging information" feature in MoinMoin 1.5.7 allows remote attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-0903 | 1 Process-one | 1 Ejabberd | 2026-04-23 | N/A |
| Unspecified vulnerability in the mod_roster_odbc module in ejabberd before 1.1.3 has unknown impact and attack vectors. | ||||
| CVE-2007-0904 | 1 Lightro | 1 Lightro Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in projects.php in LightRO CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter to index.php. | ||||
| CVE-2007-0905 | 2 Php, Trustix | 2 Php, Secure Linux | 2026-04-23 | N/A |
| PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383. | ||||
| CVE-2007-0907 | 3 Php, Redhat, Trustix | 5 Php, Enterprise Linux, Rhel Application Stack and 2 more | 2026-04-23 | N/A |
| Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op function. | ||||
| CVE-2007-0909 | 3 Php, Redhat, Trustix | 5 Php, Enterprise Linux, Rhel Application Stack and 2 more | 2026-04-23 | N/A |
| Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function. | ||||
| CVE-2007-1455 | 1 Cpanel-host | 1 Fantastico De Luxe | 2026-04-23 | N/A |
| Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via (1) the userlanguage parameter to includes/load_language.php or (2) the fantasticopath parameter to includes/mysqlconfig.php and certain other files. | ||||
| CVE-2007-1457 | 1 Christian Scheurer | 2 Unrarlib, Urarfilelib | 2026-04-23 | N/A |
| Buffer overflow in the urarlib_get function in Christian Scheurer UniquE RAR File Library (unrarlib, aka URARFileLib) 0.4 allows context-dependent attackers to execute arbitrary code via a long (1) filename, (2) rarfile, or (3) libpassword argument. | ||||
| CVE-2007-1459 | 1 Webcreator | 1 Webcreator | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in WebCreator 0.2.6-rc3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the moddir parameter to (1) content/load.inc.php, (2) config/load.inc.php, (3) http/load.inc.php, and unspecified other files. | ||||
| CVE-2007-1463 | 2 Inkscape, Ubuntu | 2 Inkscape, Ubuntu Linux | 2026-04-23 | N/A |
| Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs. | ||||