Total
29887 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3959 | 1 Ipswitch | 2 Imserver, Ipswitch Collaboration Suite | 2025-04-09 | N/A |
| The IM Server (aka IMserve or IMserver) 2.0.5.30 and probably earlier in Ipswitch Instant Messaging before 2.07 in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (daemon crash) via certain data to TCP port 5179 that overwrites a destructor, as reachable by the (1) DoAttachVideoSender, (2) DoAttachVideoReceiver, (3) DoAttachAudioSender, and (4) DoAttachAudioReceiver functions. | ||||
| CVE-2009-0374 | 1 Google | 1 Chrome | 2025-04-09 | N/A |
| Google Chrome 1.0.154.43 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Clickjacking" vulnerability. NOTE: a third party disputes the relevance of this issue, stating that "every sufficiently featured browser is and likely will remain susceptible to the behavior known as clickjacking," and adding that the exploit code "is not a valid demonstration of the issue. | ||||
| CVE-2007-3981 | 1 Wsn Links | 1 Wsn Links | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in WSN Links Basic Edition allows remote attackers to execute arbitrary SQL commands via the catid parameter in a displaycat action. | ||||
| CVE-2007-4007 | 1 Article Directory | 1 Article Directory | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in index.php in Article Directory (Article Site Directory) allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | ||||
| CVE-2007-4055 | 1 8pixel.net | 1 Simple Blog | 2025-04-09 | N/A |
| SQL injection vulnerability in comments_get.asp in SimpleBlog 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this may be related to CVE-2006-4300. | ||||
| CVE-2007-4068 | 1 Webyapar | 1 Webyapar | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Webyapar 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the kat_id parameter to the default URI in a download action or (2) the id parameter to the default URI in a duyurular_detay action. | ||||
| CVE-2007-4086 | 1 Alstrasoft | 1 Video Share Enterprise | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in AlstraSoft Video Share Enterprise allow remote attackers to execute arbitrary SQL commands via (1) the gid parameter to gmembers.php, or (2) the UID parameter to (a) uvideos.php, (b) ugroups.php, (c) uprofile.php, (d) ufavour.php, (e) ufriends.php, or (f) uplaylist.php. | ||||
| CVE-2007-4102 | 1 Sblog | 1 Sblog | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php for sBlog 0.7.3 Beta allows remote attackers to inject arbitrary HTML and web script via a leading '"/></> sequence in the search string. | ||||
| CVE-2006-6666 | 1 Verliadmin | 1 Verliadmin | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in index.php in VerliAdmin 0.3 and earlier allows remote authenticated users to execute arbitrary PHP code via a URL in the q parameter. | ||||
| CVE-2007-4154 | 1 Wordpress | 1 Wordpress | 2025-04-09 | N/A |
| SQL injection vulnerability in options.php in WordPress 2.2.1 allows remote authenticated administrators to execute arbitrary SQL commands via the page_options parameter to (1) options-general.php, (2) options-writing.php, (3) options-reading.php, (4) options-discussion.php, (5) options-privacy.php, (6) options-permalink.php, (7) options-misc.php, and possibly other unspecified components. | ||||
| CVE-2006-6080 | 1 Gazatem Technologies | 1 Gnews Publisher | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in categories.asp in gNews Publisher allow remote attackers to execute arbitrary SQL commands via the (1) catID or (2) editorID parameter. | ||||
| CVE-2007-4186 | 1 Joomla | 1 Tour De France Pool | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in admin.tour_toto.php in the Tour de France Pool (com_tour_toto) 1.0.1 module for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2009-2165 | 1 Serendipitynz | 1 Serene Bach | 2025-04-09 | N/A |
| SerendipityNZ (aka SimpleBoxes) Serene Bach 2.20R and earlier, and 3.00 beta023 and earlier 3.x versions, uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id. | ||||
| CVE-2006-5061 | 1 Advanced-clan-script | 1 Advanced-clan-script | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in mcf.php in Advanced-Clan-Script (AVCX) 3.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the content parameter. | ||||
| CVE-2007-4241 | 2 Cisco, Hp | 2 Local Director, Hp-ux | 2025-04-09 | N/A |
| Buffer overflow in ldcconn in Hewlett-Packard (HP) Controller for Cisco Local Director on HP-UX 11.11i allows remote attackers to execute arbitrary code via a long string to TCP port 17781. | ||||
| CVE-2006-5076 | 1 Back-end | 1 Back-end Cms | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End 0.4.5 allow remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter in (1) admin/index.php, (2) Facts.php, or (3) search.php. | ||||
| CVE-2007-4255 | 1 Php | 1 Php | 2025-04-09 | N/A |
| Buffer overflow in the mSQL extension in PHP 5.2.3 allows context-dependent attackers to execute arbitrary code via a long first argument to the msql_connect function. | ||||
| CVE-2007-3866 | 1 Oracle | 1 E-business Suite | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 and 12.0.1 allow remote attackers to have an unknown impact via (a) Oracle Configurator (APPS02), (b) Oracle iExpenses (APPS03), (c) Oracle Application Object Library (APPS09), and (1) APPS12, (2) APPS13, and (3) APPS14 in (d) Oracle Payables. | ||||
| CVE-2006-5095 | 1 Myphotos | 1 Myphotos | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in index.php in MyPhotos 0.1.3b beta allows remote attackers to execute arbitrary PHP code via the includesdir parameter. NOTE: this issue is disputed by CVE on 20060927, since the includesdir is defined before being used when the product is installed according to the provided instructions | ||||
| CVE-2007-4264 | 1 Kai Blankenhorn Bitfolge | 1 Simple And Nice Index File | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Kai Blankenhorn Bitfolge simple and nice index file (aka snif) 1.5.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) path and (2) download parameters. | ||||