Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1096 | 1 Virtuemart | 1 Virtuemart | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in ps_cart.php in VirtueMart before 20070116 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue might overlap CVE-2007-0376. | ||||
| CVE-2007-1102 | 1 Photostand | 1 Photostand | 2026-04-23 | N/A |
| Photostand 1.2.0 allows remote attackers to obtain sensitive information via a ' (quote) character in (1) a PHPSESSID cookie or (2) the id parameter in an article action in index.php, which reveal the path in various error messages. | ||||
| CVE-2007-1104 | 1 Php Mip | 1 Php Mip | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in top.php in PHP Module Implementation (PHP-MIP) 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the laypath parameter. | ||||
| CVE-2007-1106 | 1 Nomoketos Rules | 1 Nomoketos Rules | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/functions_nomoketos_rules.php in the NoMoKeTos Rules 0.0.1 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2007-1108 | 1 Cs-gallery | 1 Cs-gallery | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in index.php in Christian Schneider CS-Gallery 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the album parameter during a securealbum todo action. | ||||
| CVE-2009-2861 | 1 Cisco | 2 Aironet Ap1100, Aironet Ap1200 | 2026-04-23 | N/A |
| The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of service (service outage) via crafted remote radio management (RRM) packets, aka "SkyJack" or Bug ID CSCtb56664. | ||||
| CVE-2007-1112 | 1 Kaspersky Lab | 2 Kaspersky Anti-virus, Kaspersky Internet Security | 2026-04-23 | N/A |
| Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to "download" or delete arbitrary files via crafted arguments to the (1) DeleteFile, (2) StartBatchUploading, (3) StartStrBatchUploading, or (4) StartUploading methods. | ||||
| CVE-2007-1117 | 1 Microsoft | 1 Publisher | 2026-04-23 | N/A |
| Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "file format vulnerability." NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory is from a reliable source. | ||||
| CVE-2007-1119 | 1 Novell | 1 Zenworks | 2026-04-23 | N/A |
| Unspecified vulnerability in Novell ZENworks 7 Desktop Management Support Pack 1 before Hot patch 3 (ZDM7SP1HP3) allows remote attackers to upload images to certain folders that were not configured in the "Only allow uploads to the following directories" setting via unspecified vectors. | ||||
| CVE-2007-1125 | 1 Xeroxer | 1 Simple One-file Gallery | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in gallery.php in XeroXer Simple one-file gallery allows remote attackers to inject arbitrary web script or HTML via the f parameter. | ||||
| CVE-2007-1128 | 1 Watersweb Shops | 1 Shop Kit Plus | 2026-04-23 | N/A |
| shopkitplus allows remote attackers to obtain sensitive information via a request to (1) events.php with a curmonth[]=01 query string or (2) enc/stylecss.php with a changetheme[]= query string, which reveals the path in various error messages. | ||||
| CVE-2007-1130 | 1 Scipter.ch | 1 Gastebuch | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in sinagb.php in Sinapis Gastebuch 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the fuss parameter. | ||||
| CVE-2007-1131 | 1 Scripter.ch | 1 Sinapis Forum | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in sinapis.php in Sinapis Forum 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the fuss parameter. | ||||
| CVE-2007-1137 | 1 Sourceforge | 1 Putmail | 2026-04-23 | N/A |
| putmail.py in Putmail before 1.4 does not detect when a user attempts to use TLS with a server that does not support it, which causes putmail.py to send the username and password in plaintext while the user believes encryption is in use, and allows remote attackers to obtain sensitive information. | ||||
| CVE-2007-1146 | 1 Delmaa.com | 1 Arabhost | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in function.php in arabhost allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter. | ||||
| CVE-2007-1707 | 1 Net-side.net | 1 Net Side Content Management System | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in index.php in Net Side Content Management System (Net-Side.net CMS) allows remote attackers to execute arbitrary PHP code via a URL in the cms parameter. | ||||
| CVE-2007-1789 | 1 Flyspray | 1 Flyspray | 2026-04-23 | N/A |
| Flyspray 0.9.9 allows remote attackers to obtain sensitive information (private project summaries) via direct requests. | ||||
| CVE-2007-1729 | 1 Revolutionproducts | 1 Flexbb | 2026-04-23 | N/A |
| SQL injection vulnerability in includes/start.php in Flexbb 1.0.0 10005 Beta Release 1 allows remote attackers to execute arbitrary SQL commands via the flexbb_lang_id COOKIE parameter to index.php. | ||||
| CVE-2007-1805 | 1 Myxoops | 1 Debaser | 2026-04-23 | N/A |
| SQL injection vulnerability in genre.php in the debaser 0.92 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the genreid parameter. | ||||
| CVE-2007-1733 | 1 Intervations | 1 Navicopa Web Server | 2026-04-23 | N/A |
| Buffer overflow in InterVations NaviCOPA HTTP Server 2.01 allows remote attackers to execute arbitrary code via a long (1) /cgi-bin/ or (2) /cgi/ pathname in an HTTP GET request, probably a different issue than CVE-2006-5112. | ||||