Total: 29869 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2006-6661 | 1 Php-update | 1 Php-update | 2025-04-09 | 7.5 HIGH | N/A | Variable overwrite vulnerability in blog.php in PHP-Update 2.7 and earlier allows remote attackers to overwrite arbitrary program variables and execute arbitrary PHP code via multiple vectors that use the extract function, as demonstrated by the (1) f, (2) newmessage, (3) newusername, (4) adminuser, and (5) permission parameters. |
| CVE-2007-4097 | 1 Tor | 1 Tor | 2025-04-09 | 6.4 MEDIUM | N/A | Tor before 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which allows remote attackers to obtain sensitive information, contrary to specifications. |
| CVE-2006-5944 | 1 Mginternet | 1 Car Site Manager | 2025-04-09 | 6.8 MEDIUM | N/A | Cross-site scripting (XSS) vulnerability in csm/asp/listings.asp in MGinternet Car Site Manager (CSM) allows remote attackers to inject arbitrary web script or HTML via the s parameter. |
| CVE-2006-6067 | 1 20 20 Applications | 1 20 20 Datashed | 2025-04-09 | 7.5 HIGH | N/A | Multiple SQL injection vulnerabilities in 20/20 DataShed (aka Real Estate Listing System) allow remote attackers to execute arbitrary SQL commands via the (1) itemID parameter to (a) f-email.asp, or the (2) peopleID and (2) sort_order parameters to (b) listings.asp, different vectors than CVE-2006-5955. |
| CVE-2006-5293 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-09 | 6.8 MEDIUM | N/A | Cross-site scripting (XSS) vulnerability in index.php in PhpOutsourcing Noah's Classifieds 1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the frommethod parameter. |
| CVE-2007-3062 | 1 Hp | 1 System Management Homepage | 2025-04-09 | 4.3 MEDIUM | N/A | Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2007-0643 | 1 Bloodshed Software | 1 Dev-C++ | 2025-04-09 | 4.3 MEDIUM | N/A | Stack-based buffer overflow in Bloodshed Dev-C++ 4.9.9.2 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long line in a .cpp file. |
| CVE-2007-0749 | 1 Apple | 2 Darwin Streaming Server, Mac Os X Server | 2025-04-09 | 10.0 HIGH | N/A | Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request. |
| CVE-2007-2366 | 1 Corel | 1 Paint Shop Pro | 2025-04-09 | 7.4 HIGH | N/A | Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file. |
| CVE-2007-0530 | 1 Advanced Guestbook | 1 Advanced Guestbook | 2025-04-09 | 7.5 HIGH | N/A | Multiple PHP remote file inclusion vulnerabilities in Advanced Guestbook 2.4.2 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) index.php, (2) addentry.php, or (3) picture.php, a different set of vectors than CVE-2006-5804. NOTE: this issue has been disputed by third party researchers, stating that the include_path variable is instantiated before use. |
| CVE-2007-2175 | 1 Apple | 1 Safari | 2025-04-09 | 7.6 HIGH | N/A | Apple QuickTime Java extensions (QTJava.dll), as used in Safari and other browsers, and when Java is enabled, allows remote attackers to execute arbitrary code via parameters to the toQTPointer method in quicktime.util.QTHandleRef, which can be used to modify arbitrary memory when creating QTPointerRef objects, as demonstrated during the "PWN 2 0WN" contest at CanSecWest 2007. |
| CVE-2006-5745 | 1 Microsoft | 1 Xml Core Services | 2025-04-09 | 7.6 HIGH | N/A | Unspecified vulnerability in the setRequestHeader method in the XMLHTTP (XML HTTP) ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote attackers to execute arbitrary code via crafted arguments that lead to memory corruption, a different vulnerability than CVE-2006-4685. NOTE: some of these details are obtained from third party information. |
| CVE-2007-2064 | 1 Actionpoll | 1 Actionpoll | 2025-04-09 | 7.5 HIGH | N/A | Multiple PHP remote file inclusion vulnerabilities in Robert Ladstaetter ActionPoll 1.1.0, and possibly 1.1.1, allow remote attackers to execute arbitrary PHP code via a URL in (1) the CONFIG_POLLDB parameter to actionpoll.php or (2) the CONFIG_DB parameter to db/DataReaderWriter.php, different vectors than CVE-2001-1297. |
| CVE-2006-5343 | 1 Oracle | 1 Database Server | 2025-04-09 | 9.0 HIGH | N/A | Unspecified vulnerability in Database Scheduler component in Oracle Database 10.1.0.3 has unknown impact and remote authenticated attack vectors related to sys.dbms_scheduler, aka Vuln# DB19. |
| CVE-2006-5849 | 1 Irayoblog | 1 Irayoblog | 2025-04-09 | 7.5 HIGH | N/A | PHP remote file inclusion vulnerability in inc/irayofuncs.php in IrayoBlog alpha-0.2.4 allows remote attackers to execute arbitrary PHP code via a URL in the irayodirhack parameter. |
| CVE-2006-6259 | 1 Alternc | 1 Alternc | 2025-04-09 | 10.0 HIGH | N/A | Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow remote attackers to (1) create arbitrary files and directories via a .. (dot dot) in the "create name" field and (2) read arbitrary files via a .. (dot dot) in the "web root" field when configuring a subdomain. |
| CVE-2007-2058 | 1 Picozip | 1 Picozip | 2025-04-09 | 6.8 MEDIUM | N/A | Directory traversal vulnerability in Acubix PicoZip 4.02 allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in the file path in a (1) GZ, (2) TAR, (3) RAR, (4) JAR, or (5) ZIP archive. |
| CVE-2006-6542 | 1 Fantastic News | 1 Fantastic News | 2025-04-09 | 7.5 HIGH | N/A | SQL injection vulnerability in news.php in Fantastic News 2.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| CVE-2006-6090 | 1 Baalasp | 1 Smart Form Portal | 2025-04-09 | 7.5 HIGH | N/A | Multiple SQL injection vulnerabilities in BaalAsp forum allow remote attackers to execute arbitrary SQL commands via the (1) password parameter to (a) adminlogin.asp, the (2) name or (3) password parameter to (b) userlogin.asp, or the (3) search parameter to search.asp. |
| CVE-2007-0189 | 1 Geobb | 1 Georgian Bulletin Board | 2025-04-09 | 7.5 HIGH | N/A | PHP remote file inclusion vulnerability in index.php in GeoBB Georgian Bulletin Board allows remote attackers to execute arbitrary PHP code via a URL in the action parameter. NOTE: CVE disputes this issue, since GeoBB 1.0 sets $action to a whitelisted value. |
| CVE-2006-5628 | 1 Unisor Cms | 1 Unisor Cms | 2025-04-09 | 7.5 HIGH | N/A | SQL injection vulnerability in login.asp in UNISOR Content Management System (CMS) allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) pass fields. |
| CVE-2006-1167 | 1 Sgi | 1 Propack | 2025-04-09 | 1.2 LOW | N/A | SGI ProPack 3 SP6 kernel displays the frame buffer contents of the last session after a reboot, which might allow local users to obtain sensitive information. |
| CVE-2007-0185 | 1 Getahead | 1 Direct Web Remoting | 2025-04-09 | 5.0 MEDIUM | N/A | Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to cause a denial of service (memory exhaustion and servlet outage) via unknown vectors related to a large number of calls in a batch. |
| CVE-2007-1455 | 1 Cpanel-host | 1 Fantastico De Luxe | 2025-04-09 | 9.0 HIGH | N/A | Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via (1) the userlanguage parameter to includes/load_language.php or (2) the fantasticopath parameter to includes/mysqlconfig.php and certain other files. |
| CVE-2007-2793 | 1 Geeklog | 1 Geeklog | 2025-04-09 | 7.5 HIGH | N/A | PHP remote file inclusion vulnerability in ImageImageMagick.php in Geeklog 2.x allows remote attackers to execute arbitrary PHP code via a URL in the glConf[path_system] parameter. |
| CVE-2007-1726 | 1 Icebb | 1 Icebb | 2025-04-09 | 6.5 MEDIUM | N/A | Unrestricted file upload vulnerability in index.php in IceBB 1.0-rc5 allows remote authenticated users to upload arbitrary files via the avatar function, which can later be accessed in uploads/. |
| CVE-2007-2024 | 1 Phpwiki | 1 Phpwiki | 2025-04-09 | 6.8 MEDIUM | N/A | Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.x allows remote attackers to upload arbitrary PHP files with a (1) php3, (2) php4, or (3) php5 extension. |
| CVE-2007-3232 | 1 Ibm | 1 Totalstorage Ds400 | 2025-04-09 | 10.0 HIGH | N/A | The IBM TotalStorage DS400 with firmware 4.15 uses a blank password for the (1) root, (2) user, (3) manager, (4) administrator, and (5) operator accounts, which allows remote attackers to gain login access via certain Linux daemons, including a telnet daemon on a nonstandard port, tcp/6000. |
| CVE-2007-3697 | 1 Tufat | 1 Flashbb | 2025-04-09 | 7.5 HIGH | N/A | PHP remote file inclusion vulnerability in phpbb/sendmsg.php in FlashBB 1.1.8 and earlier allows remote attackers to execute arbitrary code via a URL in the phpbb_root_path parameter. |
| CVE-2007-1663 | 2 Debian, Ekg | 2 Debian Linux, Ekg | 2025-04-09 | 5.0 MEDIUM | N/A | Memory leak in the image message functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service. |
| CVE-2007-0105 | 1 Cisco | 1 Secure Access Control Server | 2025-04-09 | 7.5 HIGH | N/A | Stack-based buffer overflow in the CSAdmin service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted HTTP GET request. |
| CVE-2007-1094 | 1 Microsoft | 1 Internet Explorer | 2025-04-09 | 7.8 HIGH | N/A | Microsoft Internet Explorer 7 allows remote attackers to cause a denial of service (NULL dereference and application crash) via JavaScript onUnload handlers that modify the structure of a document. |
| CVE-2007-1003 | 1 X.org | 1 X11 | 2025-04-09 | 9.0 HIGH | N/A | Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in memory corruption. |
| CVE-2007-2628 | 1 Justin Koivisto | 1 Phpsecurityadmin | 2025-04-09 | 7.5 HIGH | N/A | PHP remote file inclusion vulnerability in include/logout.php in Justin Koivisto SecurityAdmin for PHP (aka PHPSecurityAdmin, PSA) 4.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the PSA_PATH parameter. |
| CVE-2006-7014 | 1 Bloggit | 1 Bloggit | 2025-04-09 | 7.5 HIGH | N/A | admin.php in BloggIT 1.01 and earlier does not properly establish a user session, which allows remote attackers to gain privileges via a direct request. |
| CVE-2007-0425 | 1 Bea | 2 Jrockit, Weblogic Server | 2025-04-09 | 7.5 HIGH | N/A | Unspecified vulnerability in BEA WebLogic Platform and Server 8.1 through 8.1 SP5, and JRockit 1.4.2 R4.5 and earlier, allows attackers to gain privileges via unspecified vectors, related to an "overflow condition," probably a buffer overflow. |
| CVE-2007-4282 | 1 Serendipity | 1 Serendipity | 2025-04-09 | 5.0 MEDIUM | N/A | The "Extended properties for entries" (entryproperties) plugin in serendipity_event_entryproperties.php in Serendipity 1.1.3 allows remote authenticated users to bypass password protection and "deliver custom entryproperties settings to the Serendipity Frontend" via a certain request that modifies the password being checked. |
| CVE-2006-6206 | 1 Warhound | 1 Warhound General Shopping Cart | 2025-04-09 | 7.5 HIGH | N/A | SQL injection vulnerability in item.asp in WarHound General Shopping Cart allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. |
| CVE-2007-1354 | 1 Jboss | 1 Jboss Application Server | 2025-04-09 | 6.0 MEDIUM | N/A | The Access Control functionality (JMXOpsAccessControlFilter) in JMX Console in JBoss Application Server 4.0.2 and 4.0.5 before 20070416 uses a member variable to store the roles of the current user, which allows remote authenticated administrators to trigger a race condition and gain privileges by logging in during a session by a more privileged administrator, as demonstrated by privilege escalation from Read Mode to Write Mode. |
| CVE-2006-4411 | 1 Apple | 1 Mac Os X | 2025-04-09 | 7.2 HIGH | N/A | The VPN service in Apple Mac OS X 10.3.x through 10.3.9 and 10.4.x through 10.4.8 does not properly clean the environment when executing commands, which allows local users to gain privileges via unspecified vectors. |