Export limit exceeded: 346164 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346164 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5929 | 1 Openbase International Ltd | 1 Openbase | 2026-04-23 | N/A |
| Buffer overflow in OpenBase 10.0.5 and earlier might allow remote authenticated users to execute arbitrary code or cause a denial of service (daemon crash) by creating a stored procedure with a long name and invoking this procedure, which triggers heap corruption. | ||||
| CVE-2007-6324 | 1 City Writer | 1 Citywriter | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in head.php in CityWriter 0.9.7 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | ||||
| CVE-2008-1092 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Xp and 1 more | 2026-04-23 | N/A |
| Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Database Engine allows remote attackers to execute arbitrary code via a crafted Word file, as exploited in the wild in March 2008. NOTE: as of 20080513, Microsoft has stated that this is the same issue as CVE-2007-6026. | ||||
| CVE-2008-1494 | 1 Easy-clanpage | 1 Easy-clanpage | 2026-04-23 | N/A |
| SQL injection vulnerability in inc/module/online.php in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a user details action, a different vector than CVE-2008-1425. | ||||
| CVE-2008-2167 | 1 Zyxel | 1 Zywall 100 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in ZyXEL ZyWALL 100 allows remote attackers to inject arbitrary web script or HTML via the Referer header, which is not properly handled in a 404 Error page. | ||||
| CVE-2008-2175 | 1 Gamma Scripts | 1 Blogme Php | 2026-04-23 | N/A |
| SQL injection vulnerability in comments.php in Gamma Scripts BlogMe PHP 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2180 | 1 Cplinks | 1 Cplinks | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in cpLinks 1.03, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) admin_username parameter (aka the username field) to admin/index.php and the (2) search_text and (3) search_category parameters to search.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-2181 | 1 Cplinks | 1 Cplinks | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in search.php in cpLinks 1.03 allow remote attackers to inject arbitrary web script or HTML via the (1) search_text and (2) search_category parameters. NOTE: the XSS reportedly occurs in a forced SQL error message. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-2183 | 1 Toocharger | 1 Smartblog | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to execute arbitrary SQL commands via the idt parameter. | ||||
| CVE-2008-3134 | 1 Graphicsmagick | 1 Graphicsmagick | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file. | ||||
| CVE-2008-4761 | 1 Kayako | 1 Esupport | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in includes/htmlArea/plugins/HtmlTidy/html-tidy-logic.php in Kayako eSupport 3.20.2 allows remote attackers to inject arbitrary web script or HTML via the jsMakeSrc parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this issue is probably in the HTMLArea HTMLTidy (HTML Tidy) plugin, not eSupport. | ||||
| CVE-2008-5208 | 2 Joomla, Mambo | 3 Com Datsogallery, Joomla, Mambo | 2026-04-23 | N/A |
| SQL injection vulnerability in sub_votepic.php in the Datsogallery (com_datsogallery) module 1.6 for Joomla! allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. | ||||
| CVE-2008-6730 | 1 China-on-site | 1 Flexphplink | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPLink Pro 0.0.6 and 0.0.7, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (aka password field), to admin/index.php. | ||||
| CVE-2008-6731 | 1 China-on-site | 1 Flexphplink | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in submitlink.php in FlexPHPLink Pro 0.0.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the renamed file in linkphoto/. | ||||
| CVE-2009-1346 | 1 Interguias | 1 Nethoteles | 2026-04-23 | N/A |
| SQL injection vulnerability in publico/ficha.php in NetHoteles 3.0 allows remote attackers to execute arbitrary SQL commands via the id_establecimiento parameter. | ||||
| CVE-2009-1730 | 1 Netmechanica | 1 Netdecision Tftp Server | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in NetMechanica NetDecision TFTP Server 4.2 allow remote attackers to read or modify arbitrary files via directory traversal sequences in the (1) GET or (2) PUT command. | ||||
| CVE-2009-2671 | 2 Redhat, Sun | 5 Enterprise Linux, Network Satellite, Rhel Extras and 2 more | 2026-04-23 | N/A |
| The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors. | ||||
| CVE-2009-3536 | 1 Epicdjsoftware | 1 Epicvj | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in EpicDJSoftware EpicVJ 1.2.8.0 and 1.3.1.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a (1) .m3u or (2) .mpl playlist file. | ||||
| CVE-2007-3697 | 1 Tufat | 1 Flashbb | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in phpbb/sendmsg.php in FlashBB 1.1.8 and earlier allows remote attackers to execute arbitrary code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2007-3702 | 1 Mail Machine | 1 Mail Machine | 2026-04-23 | N/A |
| Directory traversal vulnerability in the load function in cgi-bin/mail/mailmachine.cgi in Mail Machine 3.989 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the archives parameter in a Load action. | ||||