Export limit exceeded: 359646 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359646 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0391 | 1 Bitdefender | 1 Bitdefender Client | 2026-04-23 | N/A |
| Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings. | ||||
| CVE-2007-0390 | 1 Sabros.us | 1 Sabros.us | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in sabros.us 1.7 allows remote attackers to inject arbitrary web script or HTML via the tag parameter. | ||||
| CVE-2007-0387 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in models/category.php in the Weblinks component for Joomla! SVN 20070118 (com_weblinks) allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2007-0382 | 1 Letterman | 1 Letterman | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in letterman.class.php in the Letterman 1.2.3 (com_letterman) component for Joomla! before 1.0.12 allow remote attackers to execute arbitrary SQL commands via the id parameter, related to the (1) lm_sendMail, (2) saveNewsletter, and (3) cancelNewsletter functions. | ||||
| CVE-2007-0381 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in ATutor 1.5.3.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters. NOTE: CVE analysis suggests that the vendor fixed these issues. | ||||
| CVE-2006-7091 | 1 Hinton Design | 1 Phpht Topsites Free | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in config.php in phpht Topsites FREE 1.022b allows remote attackers to execute arbitrary PHP code via a URL in the fullpath parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-3399 | 1 Phpee | 1 Power Phlogger | 2026-04-23 | N/A |
| SQL injection vulnerability in include/get_userdata.php in Power Phlogger (PPhlogger) 2.2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to login.php. | ||||
| CVE-2006-7097 | 1 Taskfreak | 1 Taskfreak | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in TaskFreak! before 0.1.4 have unknown impact and attack vectors. | ||||
| CVE-2006-7099 | 1 Solarpay | 1 Solarpay | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in SolarPay allows remote attackers to read certain files via a .. (dot dot) in the read parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-3401 | 1 B1g | 1 B1gbb | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in footer.inc.php in B1G b1gBB 2.24 allows remote attackers to execute arbitrary PHP code via a URL in the tfooter parameter. | ||||
| CVE-2006-7104 | 1 Mambo | 1 Mostlyce | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in htmltemplate.php in the Chad Auld MOStlyContent Editor (MOStlyCE) as created on May 2006, a component for Mambo 4.5.4, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-7106 | 1 Powerphlogger | 1 Powerphlogger | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in config.inc.php3 in Power Phlogger 2.0.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rel_path parameter. | ||||
| CVE-2007-3402 | 1 Pagetool | 1 Pagetool | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in pagetool 1.07 allows remote attackers to execute arbitrary SQL commands via the news_id parameter in a pagetool_news action. | ||||
| CVE-2006-7111 | 1 Futomis Cgi Cafe | 1 Kmail Cgi | 2026-04-23 | N/A |
| Unspecified vulnerability in Futomi's CGI Cafe KMail CGI 1.0.3 and earlier allows remote attackers to bypass authentication and obtain unauthorized email access via unspecified vectors. | ||||
| CVE-2006-7112 | 1 Maxdev | 1 Mdpro | 2026-04-23 | N/A |
| Directory traversal vulnerability in error.php in MD-Pro 1.0.76 and earlier allows remote authenticated users to read and include arbitrary files via the PNSVlang cookie, as demonstrated by uploading a GIF image using AddDownload or injecting PHP code into a log file, then accessing it. | ||||
| CVE-2006-7113 | 1 Planerd.net | 1 P-news | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in P-News 2.0 allows remote attackers to upload and execute arbitrary files via an avatar file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-7114 | 1 Planerd.net | 1 P-news | 2026-04-23 | N/A |
| P-News 2.0 stores db/user.txt under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and password hashes via a direct request. NOTE: this might be the same issue as CVE-2006-6888. | ||||
| CVE-2006-7115 | 1 Phpkit | 1 Phpkit | 2026-04-23 | N/A |
| SQL injection vulnerability in PHPKit 1.6.1 RC2 allows remote attackers to inject arbitrary SQL commands via the catid parameter to include.php when the path parameter is set to faq/faq.php, and other unspecified vectors involving guestbook/print.php. | ||||
| CVE-2006-7207 | 1 Ageet | 1 Agephone | 2026-04-23 | N/A |
| Buffer overflow in ageet AGEphone before 1.4.0 might allow remote attackers to have an unknown impact via unspecified vectors. | ||||
| CVE-2006-7122 | 1 Joomla | 1 Bsq Sitestats | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the IP Address Lookup functionality in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to inject arbitrary web script and HTML via the ip parameter. | ||||