ReportizFlow
Filtered by vendor
Subscriptions
Total
29893 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3051 | 1 Revokesoft | 1 Revokebb | 2025-04-09 | N/A |
| SQL injection vulnerability in inc/class_users.php in RevokeSoft RevokeBB 1.0 RC4 and earlier allows remote attackers to execute arbitrary SQL commands via the revokebb_user cookie. | ||||
| CVE-2007-3059 | 1 Sendcard | 1 Sendcard | 2025-04-09 | N/A |
| SendCard 3.3.0 allows remote attackers to obtain sensitive information via an invalid sc_language parameter to sendcard.php, which reveals the path in an error message. | ||||
| CVE-2007-3062 | 1 Hp | 1 System Management Homepage | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-3070 | 1 Bdigital Web Solutions | 1 Webstudio Cms | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in BDigital Web Solutions WebStudio allows remote attackers to inject arbitrary web script or HTML via the pageid parameter. | ||||
| CVE-2007-3078 | 1 Aigaion | 1 Aigaion | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Aigaion before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via the title parameter (Authors and Publication titles) to (1) authoractions.php or (2) publicationactions.php. | ||||
| CVE-2007-3087 | 1 Peercast | 1 Peercast | 2025-04-09 | N/A |
| Peercast places a cleartext password in a query string, which might allow attackers to obtain sensitive information by sniffing the network, or obtaining Referer or browser history information. | ||||
| CVE-2007-3096 | 1 Pblang | 1 Pblang | 2025-04-09 | N/A |
| Directory traversal vulnerability in login.php in PBLang (PBL) 4.67.16.a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | ||||
| CVE-2007-3100 | 1 Redhat | 2 Enterprise Linux, Open Iscsi | 2025-04-09 | N/A |
| usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang) by grabbing the semaphore. | ||||
| CVE-2007-3107 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-09 | N/A |
| The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when running on PowerPC systems using HTX, allows local users to cause a denial of service via unspecified vectors involving floating point corruption and concurrency, related to clearing of MSR bits. | ||||
| CVE-2007-3109 | 1 Microsoft | 2 Frontpage, Office | 2025-04-09 | N/A |
| The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO. | ||||
| CVE-2007-3111 | 2 Microsoft, Provideo | 3 Internet Explorer, Windows 2000, Camimage Activex Control | 2025-04-09 | N/A |
| Buffer overflow in the Provideo Camimage ActiveX control in ISSCamControl.dll 1.0.1.5, when Internet Explorer 6 is used on Windows 2000 SP4, allows remote attackers to execute arbitrary code via a long URL property value. | ||||
| CVE-2006-7012 | 1 Scart | 1 Scart | 2025-04-09 | N/A |
| scart.cgi in SCart 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter of a show_text action. | ||||
| CVE-2007-3112 | 1 The Cacti Group | 1 Cacti | 2025-04-09 | N/A |
| graph_image.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_start or (2) graph_end parameter, different vectors than CVE-2007-3113. | ||||
| CVE-2007-3118 | 1 K-letter | 1 K-letter | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Kravchuk letter (K-letter) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the scdir parameter to (1) action.php, (2) subs.php, or (3) unsubs.php. | ||||
| CVE-2007-3124 | 1 Freevms | 1 Freevms | 2025-04-09 | N/A |
| Buffer overflow in backup/src/vmsbackup.c (aka the backup utility) in FreeVMS before 0.3.6 might allow local users to gain privileges via a long string in response to an "extract [ny]" prompt. | ||||
| CVE-2006-5026 | 1 Paisterist | 1 Simple Http Scanner | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.3 have unknown impact and attack vectors. | ||||
| CVE-2007-1598 | 1 Intervations | 1 Filecopa | 2025-04-09 | N/A |
| Stack-based buffer overflow in InterVations FileCOPA FTP Server 1.01 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by filecopa.tar by Immunity. NOTE: some of these details are obtained from third party information. NOTE: As of 20070322, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2007-0785 | 1 Flipsource | 1 Flip | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in previewtheme.php in Flipsource Flip 2.01-final 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the inc_path parameter. | ||||
| CVE-2007-2298 | 1 Gforge | 1 Garennes | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Garennes 0.6.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the repertoire_config parameter to index.php in (1) cpe/, (2) direction/, or (3) professeurs/. | ||||
| CVE-2007-1606 | 1 W-agora | 1 W-agora | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in w-Agora (Web-Agora) allow remote attackers to inject arbitrary web script or HTML via (1) the showuser parameter to profile.php, the (2) search_forum or (3) search_user parameter to search.php, or (4) the userid parameter to change_password.php. | ||||