Export limit exceeded: 362976 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (362976 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-6084 | 1 Hotscripts | 1 Clone Script | 2026-04-23 | N/A |
| SQL injection vulnerability in software-description.php in HotScripts Clone Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-6085 | 1 Vigilecms | 1 Vigilecms | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in VigileCMS 1.4 allow remote attackers to inject arbitrary web script or HTML via the message field in the (1) vedipm or (2) live_chat module. | ||||
| CVE-2007-6086 | 1 Vigilecms | 1 Vigilecms | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in VigileCMS 1.4 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the module parameter. | ||||
| CVE-2007-6087 | 1 Vigilecms | 1 Vigilecms | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in index.php in VigileCMS 1.4 allows remote attackers to change the admin password via certain parameters to the changepass module. | ||||
| CVE-2007-6088 | 1 Phpbbviet | 1 Phpbbviet | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBBViet 02.03.07 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2007-6089 | 1 Mebiblio | 1 Mebiblio | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in index.php in meBiblio 0.4.5 allows remote attackers to execute arbitrary PHP code via a URL in the action parameter. | ||||
| CVE-2007-6090 | 1 Nuked-klan | 1 Nuked-klan | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Nuked-Klan 1.7.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-6091 | 1 Jiro | 1 Banner System | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System (JBS) 2.0, and possibly JiRo's Upload Manager (aka JiRo's Upload System or JUS), allow remote attackers to execute arbitrary SQL commands via the (1) Username (aka Login or Email) or (2) Password field. | ||||
| CVE-2007-6092 | 1 Ingate | 2 Ingate Firewall, Ingate Siparator | 2026-04-23 | N/A |
| Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries. | ||||
| CVE-2007-6093 | 1 Ingate | 2 Ingate Firewall, Ingate Siparator | 2026-04-23 | N/A |
| The SRTP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (kernel crash) via an RTCP index that is "much more than expected." | ||||
| CVE-2007-6094 | 1 Ingate | 2 Ingate Firewall, Ingate Siparator | 2026-04-23 | N/A |
| The IPsec module in the VPN component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (module crash) via an IPsec Phase 2 proposal that lacks Perfect Forward Secrecy (PFS). | ||||
| CVE-2007-6095 | 1 Ingate | 2 Ingate Firewall, Ingate Siparator | 2026-04-23 | N/A |
| The SIP component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0, when Remote NAT Traversal is employed, does not properly perform user registration and message distribution, which might allow remote authenticated users to receive messages intended for other users. | ||||
| CVE-2007-6096 | 1 Ingate | 2 Ingate Firewall, Ingate Siparator | 2026-04-23 | N/A |
| Ingate Firewall before 4.6.0 and SIParator before 4.6.0 use cleartext storage for passwords of "administrators with less privileges," which might allow attackers to read these passwords via unknown vectors. | ||||
| CVE-2007-6097 | 1 Ingate | 2 Ingate Firewall, Ingate Siparator | 2026-04-23 | N/A |
| Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are "incorrectly accepted." | ||||
| CVE-2007-6098 | 1 Ingate | 2 Ingate Firewall, Ingate Siparator | 2026-04-23 | N/A |
| Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log truncated (1) ICMP, (2) UDP, and (3) TCP packets, which has unknown impact and remote attack vectors; and do not log (4) serial-console login attempts with nonexistent usernames, which might make it easier for attackers with physical access to guess valid login credentials while avoiding detection. | ||||
| CVE-2007-6099 | 1 Ingate | 2 Ingate Firewall, Ingate Siparator | 2026-04-23 | N/A |
| Unspecified vulnerability in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 might leave "media pinholes" open upon a restart of the SIP module, which might make it easier for remote attackers to conduct unauthorized activities. | ||||
| CVE-2007-6100 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie auth_type, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability than CVE-2005-0992. | ||||
| CVE-2007-6101 | 1 Code-crafters | 1 Ability Mail Server | 2026-04-23 | N/A |
| Ability Mail Server before 2.61 allows remote authenticated users to cause a denial of service (daemon crash) via (1) malformed number list ranges in unspecified IMAP commands, and possibly (2) a blank string in unspecified messages. | ||||
| CVE-2007-6102 | 1 Feed2js | 1 Feed2js | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Feed to JavaScript (Feed2JS) 1.91 allows remote attackers to inject arbitrary web script or HTML via a URL in a feed. | ||||
| CVE-2007-6103 | 1 Ihu | 1 I Hear U | 2026-04-23 | N/A |
| I Hear U (IHU) 0.5.6 and earlier allows remote attackers to cause (1) a denial of service (infinite loop) via a packet that contains zero in the size field in its header, which is improperly handled by the Receiver::processPacket function; and (2) a denial of service (daemon crash) via an (a) IHU_INFO_INIT or a (b) IHU_INFO_RING packet that does not specify the mode, which is improperly handled by the Player::ring function in Player.cpp. | ||||