Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-0504 | 1 Vote Pro | 1 Vote Pro | 2017-10-19 | 10.0 HIGH | N/A |
| Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0, and possibly other scripts, allows remote attackers to execute arbitrary code via the poll_id parameter, which is supplied to an eval function call, a different vulnerability type than CVE-2005-4632. | |||||
| CVE-2007-0508 | 1 Bbclone | 1 Bbclone | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in lib/selectlang.php in BBClone 0.31 allows remote attackers to execute arbitrary PHP code via a URL in the BBC_LANGUAGE_PATH parameter. | |||||
| CVE-2007-0511 | 1 Phpxmldom | 1 Phpxmldom | 2017-10-19 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in phpXMLDOM (phpXD) 0.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) dom.php, (2) dtd.php, or (3) parser.php in include/. | |||||
| CVE-2007-0548 | 1 Karjasoft | 1 Sami Http Server | 2017-10-19 | 5.0 MEDIUM | N/A |
| KarjaSoft Sami HTTP Server 2.0.1 allows remote attackers to cause a denial of service (daemon hang) via a large number of requests for nonexistent objects. | |||||
| CVE-2007-0558 | 1 Inter7 | 1 Vhostadmin | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in modules/mail/main.php in Inter7 vHostAdmin 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the MODULES_DIR parameter. | |||||
| CVE-2007-0559 | 1 Rp World | 1 Rp World | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in config.php in RPW 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the sql_language parameter. | |||||
| CVE-2007-0562 | 1 Microsoft | 1 Windows Explorer | 2017-10-19 | 4.3 MEDIUM | N/A |
| Windows Explorer (explorer.exe) 6.0.2900.2180 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted .avi file, which triggers the crash when the user right clicks on the file. | |||||
| CVE-2007-0568 | 1 Myphpcommander | 1 Myphpcommander | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in system/lib/package.php in MyPHPCommander 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the gl_root parameter. | |||||
| CVE-2007-0569 | 1 X-dev | 1 Xnews | 2017-10-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in xNews.php in xNews 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a shownews action. | |||||
| CVE-2007-0570 | 1 Johannes Gijsbers | 1 Ad Fundum Integratable News Script | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in ains_main.php in Johannes Gijsbers (aka Taradino) Ad Fundum Integratable News Script (AINS) 0.02b allows remote attackers to execute arbitrary PHP code via a URL in the ains_path parameter. | |||||
| CVE-2007-0571 | 1 Phpmyreports | 1 Phpmyreports | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in include/lib/lib_head.php in phpMyReports 3.0.11 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfgPathModule parameter. | |||||
| CVE-2007-0572 | 1 Drunken Golem | 1 Gaming Portal | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in include/irc/phpIRC.php in Drunken:Golem Gaming Portal 0.5.1 Alpha 2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2007-0573 | 1 Nsgalphp | 1 Nsgalphp | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/config.inc.php in nsGalPHP 0.41 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the racineTBS parameter. | |||||
| CVE-2007-0576 | 1 Xt-stats | 1 Xt-stats | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in xt_counter.php in Xt-Stats 2.3.x up to 2.4.0.b3 allows remote attackers to execute arbitrary PHP code via a URL in the server_base_dir parameter. | |||||
| CVE-2007-0577 | 1 Acgvclick | 1 Acgvclick | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in function.inc.php in ACGVclick 0.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | |||||
| CVE-2007-0580 | 1 Javier Suarez Sanz | 1 Foro Domus | 2017-10-19 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in menu.php in Foro Domus 2.10 allows remote attackers to execute arbitrary PHP code via a URL in the sesion_idioma parameter. | |||||
| CVE-2007-0582 | 1 Chernobile | 1 Chernobile | 2017-10-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in ChernobiLe 1.0 allows remote attackers to execute arbitrary SQL commands via the User (username) field. | |||||
| CVE-2007-0589 | 1 Forum Livre | 1 Forum Livre | 2017-10-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Forum Livre 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to info_user.asp. | |||||
| CVE-2007-0590 | 1 Forum Livre | 1 Forum Livre | 2017-10-19 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in busca2.asp in Forum Livre 1.0 remote attackers to inject arbitrary web script or HTML via the palavra parameter. | |||||
| CVE-2007-0591 | 1 Vu Le An | 1 Virtual Path | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in configure.php in Vu Le An Virtual Path (VirtualPath) 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2007-0631 | 1 Eclectic Designs | 1 Cascadianfaq | 2017-10-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Eclectic Designs CascadianFAQ 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2007-0633 | 1 T-systems Solutions For Research Gmbh | 1 Mynews | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in include/themes/themefunc.php in MyNews 4.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the myNewsConf[path][sys][index] parameter. | |||||
| CVE-2007-0637 | 1 Galeria Zdjec | 1 Galeria Zdjec | 2017-10-19 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in zd_numer.php in Galeria Zdjec 3.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the galeria parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by zd_numer.php. | |||||
| CVE-2007-0638 | 1 Vlad Alexa Mancini | 1 Phpfootball | 2017-10-19 | 5.0 MEDIUM | N/A |
| show.php in Vlad Alexa Mancini PHPFootball 1.6 allows remote attackers to obtain sensitive information (database contents) via a % (percent) character in the dbfieldv parameter. | |||||
| CVE-2007-0639 | 1 Guppy | 1 Guppy | 2017-10-19 | 7.5 HIGH | N/A |
| Multiple static code injection vulnerabilities in error.php in GuppY 4.5.16 and earlier allow remote attackers to inject arbitrary PHP code into a .inc file in the data/ directory via (1) a REMOTE_ADDR cookie or (2) a cookie specifying an element of the msg array with an error number in the first dimension and 0 in the second dimension, as demonstrated by msg[999][0]. | |||||
| CVE-2007-0643 | 1 Bloodshed Software | 1 Dev-c\+\+ | 2017-10-19 | 4.3 MEDIUM | N/A |
| Stack-based buffer overflow in Bloodshed Dev-C++ 4.9.9.2 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long line in a .cpp file. | |||||
| CVE-2007-0656 | 1 Phpbb2-modificat | 1 Phpbb2-modificat | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/functions.php in phpBB2-MODificat 0.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2007-0662 | 1 Hailboards | 1 Hailboards | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/usercp_viewprofile.php in Hailboards 1.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2007-0676 | 1 Exo | 1 Exophpdesk | 2017-10-19 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in faq.php in ExoPHPDesk 1.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-0678 | 1 Fullaspsite | 1 Asp Hosting Site | 2017-10-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in windows.asp in Fullaspsite Asp Hosting Sitesi allows remote attackers to execute arbitrary SQL commands via the kategori_id parameter. | |||||
| CVE-2007-0679 | 1 Nicolas Grandjean | 1 Phpmyring | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in lang/leslangues.php in Nicolas Grandjean PHPMyRing 4.1.3b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the fichier parameter. | |||||
| CVE-2007-0680 | 1 Phpbb Tweaked | 1 Phpbb Tweaked | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/functions.php in Phpbb Tweaked 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2007-0681 | 1 Extcalendar | 1 Extcalendar | 2017-10-19 | 7.5 HIGH | N/A |
| profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrary users without providing the original password, and possibly perform other unauthorized actions, via modified values to register.php. | |||||
| CVE-2007-0682 | 1 Jv2 | 1 Folder Gallery | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in theme/include_mode/template.php in JV2 Folder Gallery 3.0.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the galleryfilesdir parameter. | |||||
| CVE-2007-0686 | 1 Intel | 1 2200bg Proset Wireless | 2017-10-19 | 7.1 HIGH | N/A |
| The Intel 2200BG 802.11 Wireless Mini-PCI driver 9.0.3.9 (w29n51.sys) allows remote attackers to cause a denial of service (system crash) via crafted disassociation packets, which triggers memory corruption of "internal kernel structures," a different vulnerability than CVE-2006-6651. NOTE: this issue might overlap CVE-2006-3992. | |||||
| CVE-2007-0687 | 1 Michelle | 1 L2j Dropcalc | 2017-10-19 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in i-search.php in Michelle's L2J Dropcalc 4 and earlier allows remote authenticated users to execute arbitrary SQL commands via the itemid parameter. | |||||
| CVE-2007-0697 | 1 Mentiss Acgv | 1 Acgvannu | 2017-10-19 | 6.4 MEDIUM | N/A |
| index2.php in ACGVannu 1.3 and earlier allows remote attackers to change the password or profile of a user via a modified id parameter, related to templates/modif.html. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-0701 | 1 Epistemon | 1 Epistemon | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in inc/common.inc.php in Epistemon 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc_path parameter. | |||||
| CVE-2007-0702 | 1 Phpeventman | 1 Phpeventman | 2017-10-19 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in phpEventMan 1.0.2 allow remote attackers to execute arbitrary PHP code via a URL in the level parameter to (1) Shared/controller/text.ctrl.php or (2) UserMan/controller/common.function.php. | |||||
| CVE-2007-0703 | 1 Webbuilder | 1 Webbuilder | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in library/StageLoader.php in WebBuilder 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[core][module_path] parameter. | |||||
| CVE-2007-0704 | 1 Somery | 1 Somery | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter, a different vector than CVE-2006-4669. NOTE: the documentation says to remove install.php after installation. | |||||
| CVE-2007-0757 | 1 Miguel Nunes | 1 Call Of Duty 2 Dreamstats System | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Miguel Nunes Call of Duty 2 (CoD2) DreamStats System 4.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter. | |||||
| CVE-2007-0760 | 1 Eqdkp | 1 Eqdkp | 2017-10-19 | 7.5 HIGH | N/A |
| EQdkp 1.3.1 and earlier authenticates administrative requests by verifying that the HTTP Referer header specifies an admin/ URL, which allows remote attackers to read or modify account names and passwords via a spoofed Referer. | |||||
| CVE-2007-0761 | 1 Phpbb | 1 Ezboard Converter | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in config.php in phpBB ezBoard converter (ezconvert) 0.2 allows remote attackers to execute arbitrary PHP code via a URL in the ezconvert_dir parameter. | |||||
| CVE-2007-0762 | 1 Phpbb\+\+ | 1 Phpbb\+\+ | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/functions.php in phpBB++ Build 100 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2007-0763 | 1 F3site | 1 F3site | 2017-10-19 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the news comment functionality in F3Site 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the Autor field. | |||||
| CVE-2007-0764 | 1 F3site | 1 F3site | 2017-10-19 | 6.5 MEDIUM | N/A |
| Unrestricted file upload vulnerability in F3Site 2.1 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP scripts via GIF86 header in a file in the uplf parameter, which can be later accessed via a relative pathname in the dir parameter in adm.php. | |||||
| CVE-2007-0765 | 1 Db Masters Multimedia | 1 Curium Cms | 2017-10-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in dB Masters Curium CMS 1.03 and earlier allows remote attackers to execute arbitrary SQL commands via the c_id parameter. | |||||
| CVE-2007-0766 | 1 Remotesoft | 1 .net Explorer | 2017-10-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Remotesoft .NET Explorer 2.0.1 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long line in a .cpp file. | |||||
| CVE-2007-0785 | 1 Flipsource | 1 Flip | 2017-10-19 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in previewtheme.php in Flipsource Flip 2.01-final 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the inc_path parameter. | |||||