Export limit exceeded: 363321 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363321 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3942 1 Ozsari 1 Full Php Emlak Script 2026-04-23 N/A
SQL injection vulnerability in landsee.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-0305 2 Microsoft, Research In Motion Limited 2 Internet Explorer, Blackberry Application Web Loader 2026-04-23 N/A
Multiple stack-based buffer overflows in the Research in Motion RIM AxLoader ActiveX control in AxLoader.ocx and AxLoader.dll in BlackBerry Application Web Loader 1.0 allow remote attackers to execute arbitrary code via unspecified use of the (1) load or (2) loadJad method.
CVE-2009-1954 1 Ibm 1 Aix 2026-04-23 N/A
Unspecified vulnerability in portmapper (aka portmap) in IBM AIX 5.3 allows attackers to cause a denial of service (daemon hang) via unknown vectors, related to libtli.
CVE-2007-4262 1 Ez Photo Sales 1 Ez Photo Sales 2026-04-23 N/A
Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP code under OnlineViewing/galleries/.
CVE-2007-1111 1 Activecalendar 1 Activecalendar 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the css parameter to (1) flatevents.php, (2) js.php, (3) mysqlevents.php, (4) m_2.php, (5) m_3.php, (6) m_4.php, (7) xmlevents.php, (8) y_2.php, or (9) y_3.php in data/.
CVE-2007-1114 1 Microsoft 1 Ie 2026-04-23 N/A
The child frames in Microsoft Internet Explorer 7 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.
CVE-2007-1127 1 Watersweb Shops 1 Shop Kit Plus 2026-04-23 N/A
Directory traversal vulnerability in enc/stylecss.php in shopkitplus allows remote attackers to read arbitrary files via a .. (dot dot) in the changetheme parameter.
CVE-2007-1146 1 Delmaa.com 1 Arabhost 2026-04-23 N/A
PHP remote file inclusion vulnerability in function.php in arabhost allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter.
CVE-2007-1154 1 Webspell 1 Webspell 2026-04-23 N/A
SQL injection vulnerability in webSPELL allows remote attackers to execute arbitrary SQL commands via a ws_auth cookie, a different vulnerability than CVE-2006-4782.
CVE-2007-1156 1 Man Machine Systems 1 Jbrowser 2026-04-23 N/A
JBrowser allows remote attackers to bypass authentication and access certain administrative capabilities via a direct request for _admin/.
CVE-2007-1164 1 Dbscripts 1 Dbimagegallery 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in DBImageGallery 1.2.2 allow remote attackers to execute arbitrary PHP code via a URL in the donsimg_base_path parameter to (1) attributes.php, (2) images.php, or (3) scan.php in admin/; or (4) attributes.php, (5) db_utils.php, (6) images.php, (7) utils.php, or (8) values.php in includes/.
CVE-2007-1189 1 Bell Labs 1 Plan 9 2026-04-23 N/A
Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by (1) modifying the iseve function to gain privileges and (2) making the devpermcheck function grant unrestricted device permissions.
CVE-2007-1205 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-23 N/A
Unspecified vulnerability in Microsoft Agent (msagent\agentsvr.exe) in Windows 2000 SP4, XP SP2, and Server 2003, 2003 SP1, and 2003 SP2 allows remote attackers to execute arbitrary code via crafted URLs, which result in memory corruption.
CVE-2007-1215 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Vista and 1 more 2026-04-23 N/A
Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-related parameters" in crafted images.
CVE-2007-1222 2 Apple, Parallels 2 Mac Os X, Parallels Desktop 2026-04-23 N/A
Parallels Desktop for Mac before 20070216 implements Drag and Drop by sharing the entire host filesystem as the .psf share, which allows local users of the guest operating system to write arbitrary files to the host filesystem, and execute arbitrary code via launchd by writing a plist file to a LaunchAgents directory.
CVE-2007-1223 3 Hitachi, Ibm, Sun 4 Hi-ux\/we2, Osas\/ft\/w, Aix and 1 more 2026-04-23 N/A
Unspecified vulnerability in Hitachi OSAS/FT/W before 20070223 allows attackers to cause a denial of service (responder control processing halt) by sending "data unexpectedly through the port".
CVE-2007-1225 1 Grok Developments 1 Netproxy 2026-04-23 N/A
The connection log file implementation in Grok Developments NetProxy 4.03 does not record requests that omit http:// in a URL, which might allow remote attackers to conduct unauthorized activities and avoid detection.
CVE-2007-1246 1 Mplayer 1 Mplayer 2026-04-23 N/A
The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1387.
CVE-2007-1247 1 Aweb Labs 1 Awebnews 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in aWeb Labs aWebNews 1.5 allow remote attackers to execute arbitrary PHP code via a URL in the path_to_news parameter to (1) listing.php or (2) visview.php.
CVE-2007-1249 1 Contelligent 1 C1 Financial Services 2026-04-23 N/A
MoveSortedContentAction in C1 Financial Services Contelligent 9.1.4 does not check "the additional environment security configuration," which allows remote attackers with write permissions to reorder components.