Total
29907 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1980 | 1 Nick Jones | 1 Topliste Module | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Topliste 1.0 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2007-1986 | 1 Barnraiser | 1 Aroundme | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in barnraiser AROUNDMe 0.7.7 allow remote attackers to execute arbitrary PHP code via a URL in the (1) language_path_core parameter to inc/core_profile.header.php, the (2) template_path_core parameter to template/barnraiser_01/maint_contact_view.tpl.php, and the (3) template_path parameter to template/barnraiser_01/default.tpl.php. NOTE: this issue might overlap CVE-2006-5533. | ||||
| CVE-2007-2009 | 1 Simpcms | 1 Simpcms | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in index.php in SimpCMS Light 04.10.2007 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the site parameter. | ||||
| CVE-2007-2011 | 1 Deskpro | 1 Deskpro | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in DeskPro 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the username parameter. | ||||
| CVE-2007-2023 | 1 Secustick | 1 Secustick Usb Flash Drive | 2026-04-23 | N/A |
| USB20.dll in Secustick USB flash drive decouples the authorization and file access routines, which allows local users to bypass authentication requirements by altering the return value of the VerifyPassWord function. | ||||
| CVE-2007-3117 | 1 Adplan | 1 Seo | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the SEO module in ADPLAN 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to HTTP headers. | ||||
| CVE-2007-2036 | 1 Cisco | 1 Wireless Lan Controller Software | 2026-04-23 | N/A |
| The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID CSCse02384. | ||||
| CVE-2007-2081 | 1 Myblog | 1 Myblog | 2026-04-23 | N/A |
| MyBlog 0.9.8 and earlier allows remote attackers to bypass authentication requirements via the admin cookie parameter to certain admin files, as demonstrated by admin/settings.php. | ||||
| CVE-2007-2083 | 1 Zonelabs | 1 Zonealarm | 2026-04-23 | N/A |
| vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions. | ||||
| CVE-2007-2090 | 1 Tumusika Evolution | 1 Tumusika Evolution | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in TuMusika Evolution 1.6 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | ||||
| CVE-2007-2102 | 1 My Little Homepage | 1 My Little Weblog | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in weblog.php in my little weblog allows remote attackers to inject arbitrary web script or HTML via the id parameter, a different vector than CVE-2006-6087. | ||||
| CVE-2007-2133 | 1 Oracle | 1 Peoplesoft Enterprise | 2026-04-23 | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise Human Capital Management component in Oracle PeopleSoft Enterprise 8.9 has unknown impact and attack vectors, aka PSEHCM01. | ||||
| CVE-2007-2140 | 1 Franklin Huang | 1 Flip-search-add-on | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in everything.php in Franklin Huang Flip (aka Flip-search-add-on) 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the incpath parameter. | ||||
| CVE-2007-2150 | 1 Bluearc | 1 Titan | 2026-04-23 | N/A |
| BlueArc-FTPD in BlueArc Titan 2x00 devices with firmware 4.2.944b allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command, a variant of CVE-1999-0017. | ||||
| CVE-2007-2164 | 1 Kde | 1 Konqueror | 2026-04-23 | N/A |
| Konqueror 3.5.5 release 45.4 allows remote attackers to cause a denial of service (browser crash or abort) via JavaScript that matches a regular expression against a long string, as demonstrated using /(.)*/. | ||||
| CVE-2007-2190 | 1 Eba News | 1 Eba News | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in admin/public/webpages.php in Eba News 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. | ||||
| CVE-2007-2197 | 1 Brettle Development | 1 Neatupload | 2026-04-23 | N/A |
| Race condition in the NeatUpload ASP.NET component 1.2.11 through 1.2.16, 1.1.18 through 1.1.23, and trunk.379 through trunk.445 allows remote attackers to obtain other clients' HTTP responses via multiple simultaneous requests, which triggers multiple calls to HttpWorkerRequest.FlushResponse for the same HttpWorkerRequest object and causes a buffer to be reused for a different request. | ||||
| CVE-2006-4182 | 1 Clam Anti-virus | 1 Clamav | 2026-04-23 | N/A |
| Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-based buffer overflow when less memory is allocated than expected. | ||||
| CVE-2007-2212 | 1 Mybb | 1 Mybb | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in calendar.php in MyBB (aka MyBulletinBoard) 1.2.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) year or (2) month parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-5295 | 1 Clam Anti-virus | 1 Clamav | 2026-04-23 | N/A |
| Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location." | ||||