Export limit exceeded: 366715 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-0298 1 Dexxaboy 1 Lunarpoll 2026-04-23 N/A
PHP remote file inclusion vulnerability in show.php in LunarPoll, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the PollDir parameter.
CVE-2007-0299 1 Apple 1 Mac Os X 2026-04-23 N/A
Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service (kernel panic) by mounting a crafted Unix File System (UFS) DMG image, which triggers an invalid pointer dereference.
CVE-2007-0300 1 Tlm Cms 1 Tlm Cms 2026-04-23 N/A
PHP remote file inclusion vulnerability in i-accueil.php in TLM CMS 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter.
CVE-2007-0301 1 Fdweb 1 Espace Membre 2026-04-23 N/A
PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
CVE-2007-0302 1 Instantasp 1 Instantasp 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in InstantASP 4.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) SessionID parameter to (a) Logon.aspx, and the (2) Username and (3) Update parameters to (b) Members1.aspx.
CVE-2007-0303 1 Pancake.org 1 Zina 2026-04-23 N/A
Multiple unspecified vulnerabilities in Zina 1.0rc1 and earlier have unknown impact and attack vectors related to "Potential security bugs."
CVE-2007-0304 1 Mint 1 Haber Sistemi 2026-04-23 N/A
SQL injection vulnerability in duyuru.asp in MiNT Haber Sistemi 2.7 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-0306 1 Digiappz 1 Digiaffiliate 2026-04-23 N/A
SQL injection vulnerability in visu_user.asp in Digiappz DigiAffiliate 1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-0307 1 Poplar Gedcom Viewer 1 Poplar Gedcom Viewer 2026-04-23 N/A
PHP remote file inclusion vulnerability in include/common.php in Poplar Gedcom Viewer 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the env[rootPath] parameter.
CVE-2007-0308 1 Plain Black 1 Webgui 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.3.4 (beta) allows remote attackers to inject arbitrary web script or HTML via Wiki Page titles.
CVE-2007-0309 1 Francisco Burzi 1 Php-nuke 2026-04-23 N/A
SQL injection vulnerability in blocks/block-Old_Articles.php in Francisco Burzi PHP-Nuke 7.9 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2007-0310 1 Bmc 1 Remedy Action Request System 2026-04-23 N/A
BMC Remedy Action Request System 5.01.02 Patch 1267 generates different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to determine valid account names.
CVE-2007-0311 1 Texas Imperial Software 2 Wftpd, Wftpd Pro Server 2026-04-23 N/A
Texas Imperial Software WFTPD and WFTPD Pro Server 3.25 and earlier allow remote attackers to cause a denial of service (application crash) via a long SITE ADMIN command.
CVE-2007-0312 1 Wcsimple Poll 1 Wcsimple Poll 2026-04-23 N/A
wcSimple Poll stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password hashes via a direct request for password.txt.
CVE-2007-0313 1 Gonicus 1 Gonicus System Administration 2026-04-23 N/A
Unspecified vulnerability in GONICUS System Administration (GOsa) before 2.5.8 allows remote authenticated users to modify certain settings, including the admin password, via crafted POST requests.
CVE-2007-0314 1 Article System 1 Article System 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Article System 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the INCLUDE_DIR parameter to (1) forms.php, (2) issue_edit.php, (3) client.php, and (4) classes.php.
CVE-2007-0316 1 All In One Control Panel 1 All In One Control Panel 2026-04-23 N/A
Multiple SQL injection vulnerabilities in All In One Control Panel (AIOCP) 1.3.010 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) xuser_name parameter to shared/code/cp_authorization.php, and the (2) did parameter to public/code/cp_downloads.php, different vectors than CVE-2007-0223.
CVE-2007-0317 1 Filezilla 1 Filezilla 2026-04-23 N/A
Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted arguments. NOTE: some of these details are obtained from third party information.
CVE-2007-0318 1 Apple 1 Mac Os X 2026-04-23 N/A
The do_hfs_truncate function in Mac OS X 10.4.8 allows context-dependent attackers to cause a denial of service (kernel panic) via a crafted HFS+ filesystem in a DMG image, which causes an access of an invalid vnode structure during file removal.
CVE-2007-0319 1 Motive Incorporated 2 Self Service Manager, Service Activation Manager 2026-04-23 N/A
Multiple stack-based buffer overflows in the Motive ActiveEmailTest.EmailData (ActiveUtils EmailData) ActiveX control in ActiveUtils.dll in Motive Service Activation Manager 5.1 and Self Service Manager 5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors.