Total
260150 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-4968 | 1 Postnuke Software Foundation | 1 Pnphpbb | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in includes/functions_admin.php in PNphpBB 1.2g allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
CVE-2007-1061 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and earlier, when the "HTTP Referers" block is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header (HTTP_REFERER variable). | |||||
CVE-2006-6402 | 1 Mystats | 1 Mystats | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in mystats.php in MyStats 1.0.8 and earlier allows remote attackers to execute arbitrary SQL commands via the details parameter. | |||||
CVE-2006-5604 | 1 Phpcards | 1 Phpcards | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in phpcards.header.php in phpCards 1.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the CardLanguageFile parameter. | |||||
CVE-2006-5131 | 1 Salims Softhouse | 1 Jaf Cms | 2024-02-04 | 7.5 HIGH | N/A |
module/shout/jafshout.php (aka the shoutbox) in ph03y3nk just another flat file (JAF) CMS 4.0 RC1 allows remote attackers to execute arbitrary code within sections bounded by "<?php" and "?>", possibly due to a static code injection vulnerability involving admin/data_inc.php. | |||||
CVE-2008-0696 | 1 Ibm | 1 Db2 | 2024-02-04 | 7.5 HIGH | N/A |
IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization for the ALTER TABLE statement, which has unknown impact and attack vectors. | |||||
CVE-2007-3783 | 1 Envivosoft | 1 Envivo Cms | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in default.asp in enVivo!CMS allows remote attackers to execute arbitrary SQL commands via the ID parameter in an article action. NOTE: this is probably different from CVE-2005-1413.4. | |||||
CVE-2007-2972 | 1 Avira | 2 Antivir, Av Pack | 2024-02-04 | 7.8 HIGH | N/A |
The file parsing engine in Avira Antivir Antivirus before 7.04.00.24 allows remote attackers to cause a denial of service (application crash) via a crafted UPX compressed file, which triggers a divide-by-zero error. | |||||
CVE-2007-4604 | 1 Dinkumsoft.com | 1 Dl Paycart | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in viewitem.php in DL PayCart 1.01 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. | |||||
CVE-2007-3739 | 2 Apple, Redhat | 2 Powerpc, Enterprise Linux | 2024-02-04 | 4.7 MEDIUM | N/A |
mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service (OOPS) via unspecified vectors. | |||||
CVE-2007-4863 | 1 Quirm | 1 Saxon | 2024-02-04 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in example.php in SAXON 5.4 allows remote attackers to execute arbitrary SQL commands via the template parameter. | |||||
CVE-2006-5071 | 1 Eyeos Project | 1 Eyeos | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in eyeOS before 0.9.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) eyeNav and (2) system/baixar.php. | |||||
CVE-2007-6442 | | | 2024-02-04 | N/A | N/A |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6114. Reason: This candidate is a duplicate of CVE-2007-6114. Notes: All CVE users should reference CVE-2007-6114 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2007-0912 | 1 Jportal | 1 Jportal Web Server | 2024-02-04 | 9.3 HIGH | N/A |
Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php in Jportal 2.3.1, and possibly earlier, allows remote attackers to perform privileged actions as administrators by tricking the admin into accessing a URL with modified arguments to admin/admin.adm.php. | |||||
CVE-2006-5468 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors. | |||||
CVE-2007-5410 | 2 Joomla, Webmaster-tips | 2 Joomla, Flash Rss Reader | 2024-02-04 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in admin.wmtrssreader.php in the webmaster-tips.net Flash RSS Reader (com_wmtrssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | |||||
CVE-2008-1071 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 4.3 MEDIUM | N/A |
The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet. | |||||
CVE-2007-2278 | 1 Dcp-portal | 1 Dcp-portal | 2024-02-04 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in DCP-Portal 6.1.1 allow remote attackers to execute arbitrary PHP code via a URL in (1) the path parameter to library/adodb/adodb.inc.php, (2) the abs_path_editor parameter to library/editor/editor.php, or (3) the cfgfile_to_load parameter to admin/phpMyAdmin/libraries/common.lib.php. | |||||
CVE-2006-6897 | 1 Widcomm | 1 Bluetooth For Windows | 2024-02-04 | 5.4 MEDIUM | N/A |
Directory traversal vulnerability in Widcomm Bluetooth for Windows (BTW) 3.0.1.905 allows remote attackers to conduct unauthorized file operations via a .. (dot dot) in an unspecified parameter. | |||||
CVE-2007-6639 | 1 Iptbb Team | 1 Iptbb | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in IPTBB 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewdir action. |