Export limit exceeded: 10617 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-2487 1 Atomix Productions 1 Atomixmp3 2026-04-23 N/A
Stack-based buffer overflow in AtomixMP3 allows remote attackers to execute arbitrary code via a long filename in an MP3 file, a different vector than CVE-2006-6287.
CVE-2007-2513 1 Novell 1 Groupwise 2026-04-23 N/A
Novell GroupWise 7 before SP2 20070524, and GroupWise 6 before 6.5 post-SP6 20070522, allows remote attackers to obtain credentials via a man-in-the-middle attack.
CVE-2007-2501 1 Fernando M.a.d.s. 1 Codepress 2026-04-23 N/A
Eval injection vulnerability in codepress.html in CodePress before 0.9.4 allows remote attackers to execute arbitrary code via certain input that is used in an eval function call.
CVE-2007-3108 2 Openssl, Redhat 2 Openssl, Enterprise Linux 2026-04-23 N/A
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.
CVE-2007-4180 1 Pluck 1 Pluck 2026-04-23 N/A
Directory traversal vulnerability in data/inc/theme.php in Pluck 4.3, when register_globals is enabled, allows remote attackers to read arbitrary local files via a .. (dot dot) in the file parameter. NOTE: CVE and a reliable third party dispute this vulnerability because the code uses a fixed argument when invoking fputs, which cannot be used to read files
CVE-2007-2527 1 Dynamicpad 1 Dynamicpad 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in DynamicPAD before 1.03.31 allow remote attackers to execute arbitrary PHP code via a URL in the HomeDir parameter to (1) dp_logs.php or (2) index.php.
CVE-2007-2528 1 Trend Micro 1 Serverprotect 2026-04-23 N/A
Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508.
CVE-2007-2530 1 Tropicalm 1 Tropicalm Crowell Resource 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Tropicalm Crowell Resource 4.5.2 allow remote attackers to execute arbitrary PHP code via a URL in the RESPATH parameter to (1) dosearch.php or (2) printfriendly.php.
CVE-2007-2531 1 Berylium 1 Berylium2 2026-04-23 N/A
PHP remote file inclusion vulnerability in berylium-classes.php in Berylium2 2003-08-18 allows remote attackers to execute arbitrary PHP code via a URL in the beryliumroot parameter.
CVE-2007-2538 1 Runcms 1 Runcms 2026-04-23 N/A
SQL injection vulnerability in class/debug/debug_show.php in RunCms 1.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the executed_queries array parameter.
CVE-2007-2539 1 Runcms 1 Runcms 2026-04-23 N/A
The show_files function in RunCms 1.5.2 and earlier allows remote attackers to obtain sensitive information (file existence and file metadata) via unspecified vectors.
CVE-2007-2547 1 Turnkey Web Tools 1 Sunshop Shopping Cart 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote attackers to inject arbitrary web script or HTML via the l parameter.
CVE-2007-3240 1 Wordpress 1 Wordpress 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in 404.php in the Vistered-Little theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the URI (REQUEST_URI) that accesses index.php. NOTE: this can be leveraged for PHP code execution in an administrative session.
CVE-2007-2556 1 Nuked-klan 1 Nuked-klan 2026-04-23 N/A
SQL injection vulnerability in Nuked-klaN 1.7.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For (X_FORWARDED_FOR) HTTP header, as demonstrated by a request to the /nk/ URI.
CVE-2007-3241 1 Wordpress 1 Wordpress 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in blogroll.php in the cordobo-green-park theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the PHP_SELF portion of a URI.
CVE-2007-2563 1 Versalsoft 1 Http File Upload Activex Control 2026-04-23 N/A
Buffer overflow in the AddFile function in VersalSoft HTTP File Upload ActiveX control (UFileUploaderD.dll) allows remote attackers to execute arbitrary code via a long argument.
CVE-2007-2565 1 Cdelia Software 1 Imageprocessing 2026-04-23 N/A
Cdelia Software ImageProcessing allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted BMP file.
CVE-2007-2573 1 Phptree 1 Phptree 2026-04-23 N/A
PHP remote file inclusion vulnerability in plugin/HP_DEV/cms2.php in PHPtree 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the s_dir parameter.
CVE-2007-2574 1 Archangelmgt 1 Weblog 2026-04-23 N/A
Directory traversal vulnerability in index.php in Archangel Weblog 0.90.02 allows remote attackers to read arbitrary files via a .. (dot dot) in the index parameter.
CVE-2007-2575 1 Vm Watermark 1 Vm Watermark 2026-04-23 N/A
PHP remote file inclusion vulnerability in watermark.php in the vm (aka Jean-Francois Laflamme) watermark 0.4.1 mod for Gallery allows remote attackers to execute arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter.