Export limit exceeded: 363415 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363415 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-5308 1 Open Conference Systems 1 Open Conference Systems 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Open Conference Systems (OCS) before 1.1.6 allow remote attackers to execute arbitrary PHP code via a URL in the fullpath parameter in (1) include/theme.inc.php or (2) include/footer.inc.php.
CVE-2007-6208 1 Claws Mail 1 Claws Mail Tools 2026-04-23 N/A
sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary files via a symlink attack on the sylprint.[USER].[PID] temporary file.
CVE-2007-6213 1 Webed 1 Webed 2026-04-23 N/A
Multiple directory traversal vulnerabilities in mod/chat/index.php in WebED 0.0.9 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) Root and (2) Path parameters.
CVE-2006-5309 1 Phpbb 1 Prillian French 2026-04-23 N/A
PHP remote file inclusion vulnerability in language/lang_french/lang_prillian_faq.php in the Prillian French 0.8.0 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2007-6215 1 Web-meetme 1 Web-meetme 2026-04-23 N/A
Multiple directory traversal vulnerabilities in play.php in Web-MeetMe 3.0.3 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) roomNo and possibly the (2) bookid parameter.
CVE-2007-6137 1 P3mbo 1 Content Injector 2026-04-23 N/A
SQL injection vulnerability in news.php in Content Injector 1.52 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2007-5536 2 Hp, Hpe 2 Hp-ux, Openssl 2026-04-23 N/A
Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors.
CVE-2007-5541 1 Opera 1 Opera Browser 2026-04-23 N/A
Unspecified vulnerability in Opera before 9.24, when using an "external" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors.
CVE-2007-5542 1 Miranda-im 1 Miranda Im 2026-04-23 N/A
Stack-based buffer overflow in Miranda IM 0.6.8 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590.
CVE-2007-5543 1 Miranda-im 1 Miranda Im 2026-04-23 N/A
Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590.
CVE-2007-5559 1 Ibm 1 Thinkvantage Tpm 2026-04-23 N/A
Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
CVE-2007-5563 1 Virtuemart 1 Virtuemart 2026-04-23 N/A
Unspecified vulnerability in VirtueMart before 1.0.13 allows remote attackers to execute arbitrary PHP code via unspecified vectors.
CVE-2007-5564 1 Simple Php Forum 1 Simple Php Forum 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in NSSboard (formerly Simple PHP Forum) 6.1 allow remote attackers to inject arbitrary web script or HTML via (1) HTML tags when BBcode is disabled; or the (2) user, (3) email, or (4) Real Name fields in a profile.
CVE-2007-5565 1 Phpscms 1 Phpscms 2026-04-23 9.8 Critical
PHP remote file inclusion vulnerability in includes/functions.php in phpSCMS 0.0.1-Alpha1 allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this issue is disputed by CVE because the identified code is in a function that is not accessible via direct request
CVE-2007-5566 1 Phpblog 1 Phpblog 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in PHPBlog 0.1 Alpha allow remote attackers to execute arbitrary PHP code via a URL in the blog_localpath parameter to (1) includes/functions.php or (2) includes/email.php. NOTE: this issue is disputed by CVE because the identified code is in functions that are not accessible via direct request
CVE-2007-5719 1 Minibb 1 Minibb 2026-04-23 N/A
SQL injection vulnerability in bb_func_search.php in miniBB 2.1 allows remote attackers to execute arbitrary SQL commands via the table parameter to index.php.
CVE-2007-5628 1 Towels 1 Towels 2026-04-23 N/A
PHP remote file inclusion vulnerability in src/scripture.php in The Online Web Library Site (TOWels) 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the pageHeaderFile parameter.
CVE-2006-5276 2 Snort, Sourcefire 2 Snort, Intrusion Sensor 2026-04-23 N/A
Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic.
CVE-2007-5657 1 Tibco 4 Ems Server, Enterprise Message Service, Rtworks and 1 more 2026-04-23 N/A
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets.
CVE-2007-5700 1 Ibm 1 Lotus Domino 2026-04-23 N/A
The Evaluate LotusScript method in IBM Lotus Domino before 7.0.3 uses an incorrect security context for @ formula commands in some circumstances, which might allow remote authenticated users to gain privileges and obtain sensitive information.