Export limit exceeded: 366896 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-2289 1 Alexscriptengine 1 Download-engine 2026-04-23 N/A
PHP remote file inclusion vulnerability in admin/includes/spaw/dialogs/insert_link.php in download engine (Download-Engine) 1.4.1 allows remote authenticated users to execute arbitrary PHP code via a URL in the spaw_root parameter, a different vector than CVE-2007-2255. NOTE: this may be an issue in SPAW.
CVE-2007-0740 1 Apple 1 Mac Os X 2026-04-23 N/A
Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display files with the same name in mounted disk images that have the same name, which might allow user-assisted attackers to trick a user into executing malicious files.
CVE-2007-2258 1 Phpmybibli 1 Phpmybibli 2026-04-23 N/A
PHP remote file inclusion vulnerability in includes/init.inc.php in PHPMyBibli allows remote attackers to execute arbitrary PHP code via a URL in the base_path parameter.
CVE-2007-0741 1 Apple 1 Mac Os X 2026-04-23 N/A
Buffer overflow in natd in network_cmds in Apple Mac OS X 10.3.9 through 10.4.9, when Internet Sharing is enabled, allows remote attackers to execute arbitrary code via malformed RTSP packets.
CVE-2007-3452 1 Edocstore 1 Edocstore 2026-04-23 N/A
SQL injection vulnerability in essentials/minutes/doc.php in eDocStore allows remote attackers to execute arbitrary SQL commands via the doc_id parameter in an inline action.
CVE-2007-2943 1 Webavis 1 Webavis 2026-04-23 N/A
PHP remote file inclusion vulnerability in class/class.php in Webavis 0.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.
CVE-2007-2126 1 Oracle 1 E-business Suite 2026-04-23 N/A
Unspecified vulnerability in Oracle E-Business Suite 11.5.10CU2 has unknown impact and remote attack vectors in the (1) Common Applications (APPS01) and (2) iProcurement (APPS02).
CVE-2007-0742 1 Apple 1 Mac Os X 2026-04-23 N/A
The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information.
CVE-2007-2290 1 Cafelog 1 B2 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in B2 Weblog and News Publishing Tool 0.6.1 allow remote attackers to execute arbitrary PHP code via a URL in the b2inc parameter to (1) b2archives.php, (2) b2categories.php, or (3) b2mail.php. NOTE: this may overlap CVE-2002-1466.
CVE-2007-0287 1 Oracle 2 Application Server, Collaboration Suite 2026-04-23 N/A
Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to Containers for J2EE, aka OC4J08.
CVE-2007-2932 1 Boastmachine 1 Boastmachine 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in BoastMachine allows remote attackers to inject arbitrary web script or HTML via the blog parameter in a content search action.
CVE-2007-0288 1 Oracle 1 Application Server 2026-04-23 N/A
Unspecified vulnerability in Oracle Application Server 10.1.4.0 has unknown impact and attack vectors related to Oracle Internet Directory, aka OID01.
CVE-2007-3620 1 Maia Mailguard 1 Maia Mailguard 2026-04-23 N/A
Multiple directory traversal vulnerabilities in Maia Mailguard 1.0.2 and earlier might allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) prevlang and (2) super parameters to (a) php/login.php; the (3) charset parameter to (a) php/login.php, (b) php/internal-init.php, and (c) php/xlogin.php; the (4) lang parameter to (b) php/internal-init.php; and the (5) language parameter to (c) php/xlogin.php.
CVE-2007-2919 1 E-book Systems 1 Flipviewer 2026-04-23 N/A
Multiple stack-based buffer overflows in the FViewerLoading ActiveX control (FlipViewerX.dll) in E-Book Systems FlipViewer before 4.1 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via long (1) UID, (2) Opf, (3) PAGENO, (4) LaunchMode, (5) SubID, (6) BookID, (7) LibraryID, (8) SubURL, and (9) LoadOpf properties.
CVE-2007-0263 1 Total Commander 1 Total Commander 2026-04-23 N/A
Unspecified vulnerability in Total Commander before 6.5.6 allows user-assisted remote attackers to delete arbitrary files and corrupt a filesystem via a crafted RAR file. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-0289 1 Oracle 1 Application Server 2026-04-23 N/A
Multiple unspecified vulnerabilities in Oracle Collaboration Suite 9.0.4.2 have unknown impact and attack vectors related to Oracle Containers for J2EE, aka (1) OC4J01, (2) OC4J05, and (3) OC4J06.
CVE-2007-0233 1 Wordpress 1 Wordpress 2026-04-23 N/A
wp-trackback.php in WordPress 2.0.6 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary SQL commands via the tb_id parameter. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in WordPress.
CVE-2007-3427 1 Zoneo-soft 1 Phptraffica 2026-04-23 N/A
SQL injection vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a stats action.
CVE-2007-2031 1 3proxy 1 3proxy 2026-04-23 N/A
Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers to execute arbitrary code via crafted transparent requests.
CVE-2007-2012 1 Mimarsinan 1 Comprexx 2026-04-23 N/A
Multiple directory traversal vulnerabilities in MimarSinan CompreXX 4.1 allow remote attackers to create files in arbitrary directories via a .. (dot dot) in a (1) .rar, (2) .jar or (3) .zip archive.