Export limit exceeded: 29932 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29932 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29932 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1511 | 1 Frontbase | 1 Relational Database Server | 2026-04-23 | N/A |
| Buffer overflow in FrontBase Relational Database Server 4.2.7 and earlier allows remote authenticated users, with privileges for creating a stored procedure, to execute arbitrary code via a CREATE PROCEDURE request with a long procedure name. | ||||
| CVE-2006-6139 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2026-04-23 | N/A |
| Directory traversal vulnerability in downloadexcel.php in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to read arbitrary files via the fn parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-2657 | 1 Precisionid Barcode | 1 Precisionid Barcode | 2026-04-23 | N/A |
| Unspecified vulnerability in the PrecisionID Barcode 1.3 ActiveX control in PrecisionID_DataMatrix.DLL allows remote attackers to cause a denial of service via a long argument to the SaveBarCode method. | ||||
| CVE-2007-1509 | 1 Holtstraeter | 1 Rot 13 | 2026-04-23 | N/A |
| Directory traversal vulnerability in enkrypt.php in Sascha Schroeder krypt (aka Holtstraeter Rot 13) allows remote attackers to read arbitrary files via a .. (dot dot) in the datei parameter. | ||||
| CVE-2006-5595 | 1 Wireshark | 1 Wireshark | 2026-04-23 | N/A |
| Unspecified vulnerability in the AirPcap support in Wireshark (formerly Ethereal) 0.99.3 has unspecified attack vectors related to WEP key parsing. | ||||
| CVE-2006-6724 | 1 Bolintech | 1 Dream Ftp Server | 2026-04-23 | N/A |
| BolinTech Dream FTP Server 1.02 allows remote authenticated users, including anonymous users, to cause a denial of service (application crash) via a certain invalid PORT command. | ||||
| CVE-2006-6138 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2026-04-23 | N/A |
| Directory traversal vulnerability in download.php in Sisfo Kampus 0.8 allows remote attackers to list arbitrary directories via an absolute pathname in the dir parameter. | ||||
| CVE-2007-2656 | 1 Hp | 1 Hpqvwocx.dll | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Hewlett-Packard (HP) Magview ActiveX control in hpqvwocx.dll 1.0.0.309 allows remote attackers to cause a denial of service (application crash) and possibly have other impact via a long argument to the DeleteProfile method. | ||||
| CVE-2006-5543 | 1 Pgosd | 1 Pgosd | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in misc/function.php3 in PHP Generator of Object SQL Database (PGOSD), when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | ||||
| CVE-2006-5527 | 1 Intelimen | 1 Intelieditor | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in lib.editor.inc.php in Intelimen InteliEditor 1.2.x allows remote attackers to execute arbitrary PHP code via a URL in the sys_path parameter. | ||||
| CVE-2006-6137 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Sisfo Kampus 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the (1) exec parameter to index.php or (2) print parameter to print.php, which is also accessible via the print command to index.php. | ||||
| CVE-2006-6132 | 1 Softacid | 1 Link Exchange Lite | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Link Exchange Lite allow remote attackers to execute arbitrary SQL commands via (1) the search engine field to search.asp and (2) psearch parameter to linkslist.asp. | ||||
| CVE-2006-5523 | 1 Ez-ticket | 1 Ez-ticket | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in common.php in EZ-Ticket 0.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the ezt_root_path parameter. | ||||
| CVE-2006-5446 | 1 Casinosoft | 1 Casino Script | 2026-04-23 | N/A |
| SQL injection vulnerability in lobby/config.php in Casinosoft Casino Script (aka Masvet) 3.2 allows remote attackers to execute arbitrary SQL commands via the cfam parameter. | ||||
| CVE-2006-5086 | 1 Pixel Motion | 1 Pixel Motion Blog | 2026-04-23 | N/A |
| Blog Pixel Motion 2.1.1 allows remote attackers to change the username and password for the admin user via a direct request to insere_base.php with modified (1) login and (2) pass parameters. NOTE: this issue was claimed to be SQL injection by the original researcher, but it is not. | ||||
| CVE-2007-2622 | 1 Taskdriver | 1 Taskdriver | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in TaskDriver 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to login.php or (2) the taskid parameter to notes.php. | ||||
| CVE-2007-2621 | 1 Extrovert Software | 1 Thyme Calndar | 2026-04-23 | N/A |
| SQL injection vulnerability in event_view.php in Thyme Calendar 1.3 allows remote attackers to execute arbitrary SQL commands via the eid parameter. | ||||
| CVE-2006-5980 | 1 Renasoft | 1 Netjetserver | 2026-04-23 | N/A |
| adm_lgn_admin.asp in Renasoft NetJetServer 2.5.3.939, and possibly earlier, does not properly perform login authentication, which allows remote attackers to obtain administrative privileges. NOTE: the provenance of this information is unknown; details are obtained from third party sources. | ||||
| CVE-2006-5979 | 1 Renasoft | 1 Netjetserver | 2026-04-23 | N/A |
| Renasoft NetJetServer 2.5.3.939, and possibly earlier, uses insecure permissions for Global.asa, which allows remote attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; details are obtained from third party sources. | ||||
| CVE-2006-6861 | 1 Outfront | 1 Spooky Login | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the UserUpdate parameter to login/register.asp or (2) unspecified parameters to includes/a_register.asp. | ||||