Export limit exceeded: 346758 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346758 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3345 | 1 Php Accounts | 1 Php Accounts | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in PHPAccounts 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) Outgoing_Type_ID, (2) Outgoing_ID, (3) Project_ID, (4) Client_ID, (5) Invoice_ID, or (6) Vendor_ID parameter. | ||||
| CVE-2007-3346 | 1 Php Accounts | 1 Php Accounts | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in PHPAccounts 0.5 allows remote attackers to include arbitrary local files via unspecified manipulations of the page parameter. | ||||
| CVE-2007-3347 | 1 D-link | 2 Dph-540, Dph-541 | 2026-04-23 | N/A |
| The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are not from the Call Server's IP address, which allows remote attackers to engage in arbitrary SIP communication with the phone, as demonstrated by communication with forged caller ID. | ||||
| CVE-2007-3348 | 1 D-link | 2 Dph-540, Dph-541 | 2026-04-23 | N/A |
| The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service (device outage) via a malformed SDP header in a SIP INVITE message. | ||||
| CVE-2007-3349 | 1 Aastra Telecom | 1 9112i Sip Phone | 2026-04-23 | N/A |
| The Aastra 9112i SIP Phone with firmware 1.4.0.1048 and boot version 1.1.0.10 allows remote attackers to (1) cause a denial of service (device freeze) via a malformed SIP message of a certain length or (2) cause a denial of service (continuous ring) via a malformed SIP message of a certain other length. | ||||
| CVE-2007-3350 | 2 Aol, Microsoft | 2 Instant Messenger, Windows Xp | 2026-04-23 | N/A |
| AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service (application hang) via a flood of spoofed SIP INVITE requests. | ||||
| CVE-2007-3351 | 3 Dell, Microsoft, Sj Labs | 3 Axim X3, Windows Mobile, Sjphone | 2026-04-23 | N/A |
| The SJPhone SIP soft phone 1.60.303c, when installed on the Dell Axim X3 running Windows Mobile 2003, allows remote attackers to cause a denial of service (device hang and traffic amplification) via a direct crafted INVITE transaction, which causes the phone to transmit many RTP packets. | ||||
| CVE-2006-5192 | 1 Phpgreetz | 1 Phpgreetz | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/footer.php in phpGreetz 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHPGREETZ_INCLUDE_DIR parameter. | ||||
| CVE-2007-3370 | 1 Kim Kyoung Min | 1 Sun Board | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Sun Board 1.00.00 Alpha allow remote attackers to execute arbitrary PHP code via a URL in (1) the sunPath parameter to include.php or (2) the dir parameter to skin/board/default/doctype.php. | ||||
| CVE-2006-5193 | 1 Wikyblog | 1 Wikyblog | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in index.php in Josh Schmidt WikyBlog 1.2.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the includeDir parameter. | ||||
| CVE-2007-3404 | 1 Sitedepth | 1 Sitedepth Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in ShowImage.php in SiteDepth CMS 3.44 allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter. | ||||
| CVE-2007-3405 | 1 Lebisoft | 1 Lebisoft Zdefter | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in defter_yaz.asp in Lebisoft zdefter 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) ad and (2) konu parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-3406 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2026-04-23 | N/A |
| Multiple absolute path traversal vulnerabilities in Microsoft Internet Explorer 6 on Windows XP SP2 allow remote attackers to access arbitrary local files via the file: URI in the (1) src attribute of a (a) bgsound, (b) input, (c) EMBED, (d) img, or (e) script tag; (2) data attribute of an object tag; (3) value attribute of a param tag; (4) background attribute of a body tag; or (5) the background:url attribute declared in the BODY parameter of a STYLE tag. | ||||
| CVE-2006-5194 | 1 Net2ftp | 1 Net2ftp | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in net2ftp 0.93 allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-3437 | 2 Aol, Microsoft | 2 Instant Messenger, Windows Xp | 2026-04-23 | N/A |
| AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service (application crash) via a malformed header value in a SIP INVITE message, a different vulnerability than CVE-2007-3350. | ||||
| CVE-2007-3458 | 1 Sun | 1 Solaris | 2026-04-23 | N/A |
| The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors. | ||||
| CVE-2007-3500 | 1 Xeforum | 1 Xeforum | 2026-04-23 | N/A |
| Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie. | ||||
| CVE-2007-3534 | 1 Daniel Toma | 1 Webchat | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in WebChat 0.78 allows remote attackers to execute arbitrary SQL commands via the rid parameter. | ||||
| CVE-2007-1125 | 1 Xeroxer | 1 Simple One-file Gallery | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in gallery.php in XeroXer Simple one-file gallery allows remote attackers to inject arbitrary web script or HTML via the f parameter. | ||||
| CVE-2007-3490 | 1 Microsoft | 1 Excel | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote attackers to have an unknown impact via unspecified vectors, possibly related to the sheet name, as demonstrated by 2670.xls. | ||||