Export limit exceeded: 346373 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346373 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1224 | 1 Grok Developments | 1 Netproxy | 2026-04-23 | N/A |
| Grok Developments NetProxy 4.03 allows remote attackers to bypass URL filtering via a request that omits "http://" from the URL and specifies the destination port (:80). | ||||
| CVE-2007-1225 | 1 Grok Developments | 1 Netproxy | 2026-04-23 | N/A |
| The connection log file implementation in Grok Developments NetProxy 4.03 does not record requests that omit http:// in a URL, which might allow remote attackers to conduct unauthorized activities and avoid detection. | ||||
| CVE-2007-1226 | 1 Mcafee | 1 Virex | 2026-04-23 | N/A |
| McAfee VirusScan for Mac (Virex) before 7.7 patch 1 has weak permissions (0666) for /Library/Application Support/Virex/VShieldExclude.txt, which allows local users to reconfigure Virex to skip scanning of arbitrary files. | ||||
| CVE-2007-1227 | 1 Mcafee | 1 Virex | 2026-04-23 | N/A |
| VShieldCheck in McAfee VirusScan for Mac (Virex) before 7.7 patch 1 allow local users to change permissions of arbitrary files via a symlink attack on /Library/Application Support/Virex/VShieldExclude.txt, as demonstrated by symlinking to the root crontab file to execute arbitrary commands. | ||||
| CVE-2007-1231 | 1 Sqlitemanager | 1 Sqlitemanager | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) database name, (2) table name, (3) ViewName, (4) view, (5) trigger, and (6) function fields in main.php and certain other files. | ||||
| CVE-2007-1232 | 1 Sqlite Manager | 1 Sqlite Manager | 2026-04-23 | N/A |
| Directory traversal vulnerability in SQLiteManager 1.2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in a SQLiteManager_currentTheme cookie. | ||||
| CVE-2007-1233 | 1 Stwc-counter | 1 Stwc-counter | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in downloadcounter.php in STWC-Counter 3.4.0.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the stwc_counter_verzeichniss parameter. | ||||
| CVE-2007-1234 | 1 Bj Sintay | 1 Sitex | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in sitex allow remote attackers to inject arbitrary web script or HTML via (1) the sxYear parameter to calendar.php, (2) the search parameter to search.php, (3) the linkid parameter to redirect.php, or (4) the page parameter to calendar_events.php. | ||||
| CVE-2007-1236 | 1 Sitex | 1 Sitex | 2026-04-23 | N/A |
| sitex allows remote attackers to obtain sensitive information via a request with a numerical value for the (1) sxMonth[] or (2) sxYear[] parameter to calendar.php, or the (3) page[] parameter to calendar_events.php, which reveals the path in various error messages. | ||||
| CVE-2008-1958 | 1 Easyscripts | 1 Tr Script News | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in the ajout_cat mode in admin/main.php in Tr Script News 2.1 allows remote authenticated users to execute arbitrary code by uploading a file with a .php extension. | ||||
| CVE-2008-1962 | 1 Chimaera | 1 Aterr | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Aterr 0.9.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) class parameter to include/functions.inc.php and the (2) file parameter to include/common.inc.php. | ||||
| CVE-2007-1250 | 1 Angel Learning | 1 Learning Management Suite | 2026-04-23 | N/A |
| SQL injection vulnerability in section/default.asp in ANGEL Learning Management Suite (LMS) 7.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-1251 | 1 Netrek | 1 Netrek Vanilla Server | 2026-04-23 | N/A |
| Format string vulnerability in the new_warning function in ntserv/warning.c for Netrek Vanilla Server 2.12.0, when EVENTLOG is enabled, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in the message handling. | ||||
| CVE-2007-1253 | 1 Blender | 1 Blender | 2026-04-23 | N/A |
| Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script for Blender 0.1.9h, as used in (b) Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted (1) KML or (2) KMZ file. | ||||
| CVE-2007-1254 | 1 Connectix | 1 Connectix Boards | 2026-04-23 | N/A |
| SQL injection vulnerability in part.userprofile.php in Connectix Boards 0.7 and earlier allows remote authenticated users to execute arbitrary SQL commands and obtain privileges via the p_skin parameter to index.php. | ||||
| CVE-2007-2125 | 1 Oracle | 1 Collaboration Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in Collaborative Workspace in Oracle Collaboration Suite 10.1.2 has unknown impact and attack vectors, aka OCS01. | ||||
| CVE-2006-5124 | 1 Joshua Muheim | 1 Phpmywebmin | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim phpMyWebmin 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) target and (2) action parameters in window.php, and possibly the (3) target parameter in home.php. | ||||
| CVE-2007-1258 | 1 Cisco | 4 Catalyst 6000, Catalyst 6500, Catalyst 7600 and 1 more | 2026-04-23 | N/A |
| Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS packet. | ||||
| CVE-2007-1259 | 1 Web-app.org | 1 Webapp | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in WebAPP before 0.9.9.6 have unknown impact and attack vectors. | ||||
| CVE-2007-1260 | 1 Webmod | 1 Webmod | 2026-04-23 | N/A |
| Stack-based buffer overflow in the connectHandle function in server.cpp in WebMod 0.48 allows remote attackers to execute arbitrary code via a long string in the Content-Length HTTP header. | ||||