Export limit exceeded: 359662 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359662 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0376 | 1 Virtuemart | 1 Virtuemart | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Virtuemart 1.0.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-0378 | 1 Docman | 1 Docman | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in DocMan 1.3 RC2 allow attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-0379 | 1 Docman | 1 Docman | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in DocMan 1.3 RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-0380 | 1 Docman | 1 Docman | 2026-04-23 | N/A |
| DocMan 1.3 RC2 allows remote attackers to obtain sensitive information (the full path) via unspecified vectors. | ||||
| CVE-2006-7090 | 1 Phpbb Security | 1 Phpbb Security | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in phpbb_security.php in phpBB Security 1.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the php_root_path parameter. | ||||
| CVE-2006-7089 | 1 Ban | 1 Ban | 2026-04-23 | N/A |
| SQL injection vulnerability in connexion.php in Ban 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-7088 | 1 Simple Php Forum | 1 Simple Php Forum | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Simple PHP Forum before 0.4 allow remote attackers to execute arbitrary SQL commands via the username parameter to (1) logon_user.php and (2) update_profile.php. | ||||
| CVE-2006-7087 | 1 Dotdeb | 1 Dotdeb Php | 2026-04-23 | N/A |
| CRLF injection vulnerability in the mail function in Dotdeb PHP before 5.2.0 Rev 3 allows remote attackers to bypass the protection scheme and inject arbitrary email headers via CRLF sequences in the query string, which is processed via the PHP_SELF variable. | ||||
| CVE-2008-1880 | 2 Firebird, Gentoo | 2 Firebird, Linux | 2026-04-23 | N/A |
| The default configuration of Firebird before 2.0.3.12981.0-r6 on Gentoo Linux sets the ISC_PASSWORD environment variable before starting Firebird, which allows remote attackers to bypass SYSDBA authentication and obtain sensitive database information via an empty password. | ||||
| CVE-2007-3332 | 1 Php-nuke | 1 Satel Lite | 2026-04-23 | N/A |
| Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the name parameter in a modload action. | ||||
| CVE-2008-1857 | 1 Mole | 1 Make Our Life Easy | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in viewsource.php in Make our Life Easy (Mole) 2.1.0 allow remote attackers to read arbitrary files via directory traversal sequences in the (1) dirn and (2) fname parameters. | ||||
| CVE-2007-3336 | 1 Ingres | 1 Database Server | 2026-04-23 | N/A |
| Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (formerly Computer Associates) products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server Process (iigcc), which calls the (1) QUinsert or (2) QUremove functions with attacker-controlled input. | ||||
| CVE-2007-3337 | 1 Ingres | 1 Database Server | 2026-04-23 | N/A |
| wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allows local users to truncate arbitrary files via a symlink attack on the alarmwkp.def file. | ||||
| CVE-2006-6826 | 1 Personal .net Portal | 1 Personal .net Portal | 2026-04-23 | N/A |
| Unspecified vulnerability in the tab editor for Personal .NET Portal before 2.0.0 has unknown impact and attack vectors related to a "Security leak." | ||||
| CVE-2006-6827 | 1 Macromedia | 1 Flash Player | 2026-04-23 | N/A |
| Flash8b.ocx in Macromedia Flash 8 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the Flash8b.AllowScriptAccess method. | ||||
| CVE-2007-3340 | 1 Bughunter | 1 Http Server | 2026-04-23 | N/A |
| BugHunter HTTP SERVER (httpsv.exe) 1.6.2 allows remote attackers to cause a denial of service (application crash) via a large number of requests for nonexistent pages. | ||||
| CVE-2006-6832 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Joomla! before 1.0.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to poll.php or the module title. | ||||
| CVE-2006-6833 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| com_categories in Joomla! before 1.0.12 does not validate input, which has unknown impact and remote attack vectors. | ||||
| CVE-2006-6834 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Joomla! before 1.0.12 have unknown impact and attack vectors related to (1) "unneeded legacy functions" and (2) "Several low level security fixes." | ||||
| CVE-2006-6835 | 1 Neocrome | 1 Land Down Under | 2026-04-23 | N/A |
| SQL injection vulnerability in Journal.inc.php in Neocrome Land Down Under (LDU) 8.x and earlier allows remote attackers to execute arbitrary SQL commands via the w parameter to journal.php. | ||||