CVE-2007-2xxx

There are 993 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2007-2000 Multiple SQL injection vulnerabilities in admin/admin.php in Crea-Book 1.0 and earlier allow remote ...
E
CVE-2007-2001 Multiple direct static code injection vulnerabilities in admin/configurer2.php in Crea-Book 1.0 and ...
E
CVE-2007-2002 InoutMailingListManager 3.1 and earlier allows remote attackers to access certain restricted functio...
E
CVE-2007-2003 InoutMailingListManager 3.1 and earlier sends a Location redirect header but does not exit after an ...
E
CVE-2007-2004 Multiple SQL injection vulnerabilities in InoutMailingListManager 3.1 and earlier allow remote attac...
E
CVE-2007-2005 Multiple PHP remote file inclusion vulnerabilities in the Taskhopper 1.1 component for Mambo and Joo...
E
CVE-2007-2006 Multiple SQL injection vulnerabilities in login.php in pL-PHP beta 0.9 allow remote attackers to exe...
E
CVE-2007-2007 admin.php in pL-PHP beta 0.9 allows remote attackers to bypass authentication by setting the is_admi...
E
CVE-2007-2008 Directory traversal vulnerability in admin.php in pL-PHP beta 0.9 allows remote attackers to include...
E
CVE-2007-2009 PHP remote file inclusion vulnerability in index.php in SimpCMS Light 04.10.2007 and earlier allows ...
E
CVE-2007-2010 Double free vulnerability in bftpd before 1.8 allows remote authenticated users to cause a denial of...
S
CVE-2007-2011 Cross-site scripting (XSS) vulnerability in login.php in DeskPro 2.0.1 allows remote attackers to in...
E
CVE-2007-2012 Multiple directory traversal vulnerabilities in MimarSinan CompreXX 4.1 allow remote attackers to cr...
CVE-2007-2013 Cross-site scripting (XSS) vulnerability in index.php in JEx-Treme Einfacher Passworschutz allows re...
CVE-2007-2014 PHP remote file inclusion vulnerability in include/blocks/week_events.php in MyNews 4.2.2 allows rem...
CVE-2007-2015 PHP remote file inclusion vulnerability in index.php in Request It 1.0b allows remote attackers to e...
CVE-2007-2016 Cross-site scripting (XSS) vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote atta...
CVE-2007-2017 siteadmin/useredit.php in AlstraSoft Video Share Enterprise does not check authentication, which all...
CVE-2007-2018 SQL injection vulnerability in msg.php in AlstraSoft Video Share Enterprise allows remote authentica...
CVE-2007-2019 PHP remote file inclusion vulnerability in init.gallery.php in phpGalleryScript 1.0 allows remote at...
CVE-2007-2020 Unspecified vulnerability in administration.php in xodagallery allows remote attackers to execute ar...
CVE-2007-2021 Multiple PHP remote file inclusion vulnerabilities in Pineapple Technologies Lore 1 allow remote att...
CVE-2007-2022 Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613...
CVE-2007-2023 USB20.dll in Secustick USB flash drive decouples the authorization and file access routines, which a...
CVE-2007-2024 Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3....
CVE-2007-2025 Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3....
CVE-2007-2026 The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of...
CVE-2007-2027 Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext/loadmsgca...
E
CVE-2007-2028 Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (me...
CVE-2007-2029 File descriptor leak in the PDF handler in Clam AntiVirus (ClamAV) allows remote attackers to cause ...
S
CVE-2007-2030 lharc.c in lha does not securely create temporary files, which might allow local users to read or wr...
CVE-2007-2031 Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, ...
S
CVE-2007-2032 Cisco Wireless Control System (WCS) before 4.0.96.0 has a hard-coded FTP username and password for b...
S
CVE-2007-2033 Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.81.0 allows remote authe...
CVE-2007-2034 Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.87.0 allows remote authe...
CVE-2007-2035 Cisco Wireless Control System (WCS) before 4.0.66.0 stores sensitive information under the web root ...
CVE-2007-2036 The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default ...
S
CVE-2007-2037 Cisco Wireless LAN Controller (WLC) before 3.2.116.21, and 4.0.x before 4.0.155.0, allows remote att...
S
CVE-2007-2038 The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.193.5, 4.0.x...
CVE-2007-2039 The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.171.5, 4.0.x...
S
CVE-2007-2040 Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x befo...
S
CVE-2007-2041 Cisco Wireless LAN Controller (WLC) before 4.0.206.0 saves the WLAN ACL configuration with an invali...
CVE-2007-2042 Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde Solutions MOSMedia Lite 1.0.6 ...
CVE-2007-2043 Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde Solutions MOSMedia (com_mosmed...
E
CVE-2007-2044 PHP remote file inclusion vulnerability in mod_weather.php in the Antonis Ventouris Weather module f...
E
CVE-2007-2045 Unspecified vulnerability in the IP implementation in Sun Solaris 8 and 9 allows remote attackers to...
S
CVE-2007-2046 Multiple CRLF injection vulnerabilities in adclick.php in (a) Openads (phpAdsNew) 2.0.11 and earlier...
S
CVE-2007-2047 CRLF injection vulnerability in www/delivery/ck.php in Openads 2.3 (aka Max Media Manager, MMM) befo...
S
CVE-2007-2048 Directory traversal vulnerability in /console in the Management Console in webMethods Glue 6.5.1 and...
E
CVE-2007-2049 Multiple PHP remote file inclusion vulnerabilities in the Calendar Module (com_calendar) 1.5.5 for M...
E
CVE-2007-2050 Multiple directory traversal vulnerabilities in header.php in RicarGBooK 1.2.1 allow remote attacker...
E
CVE-2007-2051 Buffer overflow in the parsecmd function in bftpd before 1.8 has unknown impact and attack vectors r...
S
CVE-2007-2052 Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 ...
CVE-2007-2053 Multiple stack-based buffer overflows in AFFLIB before 2.2.6 allow remote attackers to cause a denia...
S
CVE-2007-2054 Multiple format string vulnerabilities in AFFLIB before 2.2.6 allow remote attackers to execute arbi...
S
CVE-2007-2055 AFFLIB 2.2.8 and earlier allows attackers to execute arbitrary commands via shell metacharacters inv...
CVE-2007-2056 Rejected reason: The getlock function in aimage/aimage.cpp in AFFLIB 2.2.8 and earlier allows local ...
R
CVE-2007-2057 Stack-based buffer overflow in aircrack-ng airodump-ng 0.7 allows remote attackers to execute arbitr...
E
CVE-2007-2058 Directory traversal vulnerability in Acubix PicoZip 4.02 allows user-assisted remote attackers to ov...
CVE-2007-2059 Multiple buffer overflows in the ESA protocol implementation in eIQnetworks Enterprise Security Anal...
S
CVE-2007-2060 Cross-zone scripting vulnerability in the Wizz RSS Reader before 2.1.9 extension to Mozilla Firefox ...
S
CVE-2007-2061 Cross-site scripting (XSS) vulnerability in check_login.asp in AfterLogic MailBee WebMail Pro 3.4 al...
E
CVE-2007-2062 Stack-based buffer overflow in VCDGear 3.55 and 3.56 BETA allows user-assisted remote attackers to e...
E
CVE-2007-2063 SSH Tectia Server for IBM z/OS before 5.4.0 uses insecure world-writable permissions for (1) the ser...
S
CVE-2007-2064 Multiple PHP remote file inclusion vulnerabilities in Robert Ladstaetter ActionPoll 1.1.0, and possi...
E S
CVE-2007-2065 PHP remote file inclusion vulnerability in db/PollDB.php in Robert Ladstaetter ActionPoll 1.1.1 allo...
E S
CVE-2007-2066 UseBB before 1.0.6 allows remote attackers to obtain sensitive information via a request with unspec...
CVE-2007-2067 Multiple PHP remote file inclusion vulnerabilities in Marco Antonio Islas Cruz Web Slider (WebSlider...
E
CVE-2007-2068 Multiple PHP remote file inclusion vulnerabilities in the StoreFront mods for Gallery allow remote a...
E
CVE-2007-2069 Directory traversal vulnerability in scr/soustab.php in openMairie 1.11 and earlier allows remote at...
E
CVE-2007-2070 Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart before...
E
CVE-2007-2071 Multiple cross-site scripting (XSS) vulnerabilities in Open-gorotto 2.0a 2006/02/08 edition, 2006/03...
CVE-2007-2072 PHP remote file inclusion vulnerability in index.php in Ivan Gallery Script 0.1 allows remote attack...
E
CVE-2007-2073 PHP remote file inclusion vulnerability in index.php in Ivan Gallery Script 0.3 allows remote attack...
CVE-2007-2074 Certain programs in containers in ScramDisk 4 Linux before 1.0-1 execute with SUID permissions, whic...
CVE-2007-2075 ScramDisk 4 Linux before 1.0-1 does not perform permission checks on mount points, which allows loca...
S
CVE-2007-2076 PHP remote file inclusion vulnerability in index.php in Maian Gallery 1.0 allows remote attackers to...
E
CVE-2007-2077 PHP remote file inclusion vulnerability in search.php in Maian Search 1.1 allows remote attackers to...
E
CVE-2007-2078 PHP remote file inclusion vulnerability in index.php in Maian Weblog 3.1 allows remote attackers to ...
E
CVE-2007-2079 The ADONewConnection Connect function in adodb.php in XAMPP 1.6.0a and earlier for Windows uses untr...
E
CVE-2007-2080 Multiple SQL injection vulnerabilities in XAMPP 1.6.0a for Windows allow remote attackers to execute...
E
CVE-2007-2081 MyBlog 0.9.8 and earlier allows remote attackers to bypass authentication requirements via the admin...
E
CVE-2007-2082 Direct static code injection vulnerability in admin/settings.php in MyBlog 0.9.8 and earlier allows ...
CVE-2007-2083 vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arg...
S
CVE-2007-2084 PHP remote file inclusion vulnerability in MobilePublisherphp 1.1.2 allows remote attackers to execu...
CVE-2007-2085 Cross-site scripting (XSS) vulnerability in oe2edit.cgi in oe2edit CMS allows remote attackers to in...
CVE-2007-2086 Multiple PHP remote file inclusion vulnerabilities in CNStats 2.9 allow remote attackers to execute ...
E
CVE-2007-2087 Multiple PHP remote file inclusion vulnerabilities in CNStats 2.12, when register_globals is enabled...
CVE-2007-2088 Multiple PHP remote file inclusion vulnerabilities in Sitebar 3.3.5 and earlier allow remote attacke...
CVE-2007-2089 Multiple PHP remote file inclusion vulnerabilities in the Jx Development Article 1.1 and earlier com...
E
CVE-2007-2090 Cross-site scripting (XSS) vulnerability in index.php in TuMusika Evolution 1.6 allows remote attack...
CVE-2007-2091 PHP remote file inclusion vulnerability in blocks/tsdisplay4xoops_block2.php in tsdisplay4xoops (TSD...
E
CVE-2007-2092 Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) ...
CVE-2007-2093 Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) ...
E
CVE-2007-2094 PHP remote file inclusion vulnerability in index.php in Anthologia 0.5.2 allows remote attackers to ...
E
CVE-2007-2095 PHP remote file inclusion vulnerability in chat.php in MySpeach 1.9 allows remote attackers to execu...
CVE-2007-2096 PHP remote file inclusion vulnerability in common.php in Hinton Design PHPHD Download System (phphd_...
CVE-2007-2097 Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End CMS 0.4.7 allow remote at...
CVE-2007-2098 Multiple cross-site scripting (XSS) vulnerabilities in showpic.php in Wabbit PHP Gallery 0.9 allow r...
CVE-2007-2099 Cross-site scripting (XSS) vulnerability in htdocs/php.php in OpenConcept Back-End CMS 0.4.7 allows ...
CVE-2007-2100 FAC Guestbook 2.0 stores sensitive information under the web root with insufficient access control, ...
CVE-2007-2101 FAC Guestbook 3.01 stores sensitive information under the web root with insufficient access control,...
CVE-2007-2102 Cross-site scripting (XSS) vulnerability in weblog.php in my little weblog allows remote attackers t...
CVE-2007-2103 Multiple PHP remote file inclusion vulnerabilities in my little forum 1.7 allow remote attackers to ...
CVE-2007-2104 Multiple directory traversal vulnerabilities in iXon CMS 0.30 allow remote attackers to include and ...
CVE-2007-2105 Directory traversal vulnerability in admin/index.php in Monkey CMS 0.0.3 allows remote attackers to ...
CVE-2007-2106 Directory traversal vulnerability in index.php in Kai Content Management System (K-CMS) 1.0 allows r...
CVE-2007-2107 SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7downloads) 1.0 module for XOOPS ...
CVE-2007-2108 Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5,...
CVE-2007-2109 Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 have unknown impact and remote auth...
CVE-2007-2110 Unspecified vulnerability in the Core RDBMS component for Oracle Database 9.0.1.5+, 9.2.0.7, and 10....
CVE-2007-2111 SQL injection vulnerability in the SYS.DBMS_AQADM_SYS package in Oracle Database 9.0.1.5, 9.2.0.7, a...
S
CVE-2007-2112 Unspecified vulnerability in the Authentication component for Oracle Database 10.1.0.5 and 10.2.0.3 ...
CVE-2007-2113 SQL injection vulnerability in the Upgrade/Downgrade component (DBMS_UPGRADE_INTERNAL) for Oracle Da...
CVE-2007-2114 Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.2 have unknown impact an...
CVE-2007-2115 Unspecified vulnerability in the Change Data Capture (CDC) component in Oracle Database 9.2.0.7, 10....
CVE-2007-2116 Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5+, 9.2.0.7...
CVE-2007-2117 Unspecified vulnerability in the Oracle Text component in Oracle Database 9.0.1.5+ and 9.2.0.5 has u...
CVE-2007-2118 Unspecified vulnerability in the Upgrade/Downgrade component of Oracle Database 9.0.1.5 and 9.2.0.7 ...
CVE-2007-2119 Cross-site scripting (XSS) vulnerability in boundary_rules.jsp in the Administration Front End for O...
CVE-2007-2120 The Oracle Discoverer servlet in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allow...
CVE-2007-2121 Unspecified vulnerability in the COREid Access component in Oracle Application Server 7.0.4.4 has un...
CVE-2007-2122 Unspecified vulnerability in the Wireless component in Oracle Application Server 9.0.4.3 has unknown...
CVE-2007-2123 Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.3 up to 10.1.3.2...
CVE-2007-2124 Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.4.1.0 has unknow...
CVE-2007-2125 Unspecified vulnerability in Collaborative Workspace in Oracle Collaboration Suite 10.1.2 has unknow...
CVE-2007-2126 Unspecified vulnerability in Oracle E-Business Suite 11.5.10CU2 has unknown impact and remote attack...
CVE-2007-2127 Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.0 have unknown impact and remot...
CVE-2007-2128 Unspecified vulnerability in the Sales Online component for Oracle E-Business Suite 11.5.10 has unkn...
CVE-2007-2129 Unspecified vulnerability in the Agent component in Oracle Enterprise Manager 9.2.0.8 has unknown im...
CVE-2007-2130 Unspecified vulnerability in Workflow Cartridge, as used in Oracle Database Server 9.2.0.1, 10.1.0.2...
CVE-2007-2131 Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.22.14, 8.47.12, and 8.48....
CVE-2007-2132 Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise 8.47.12 and 8...
CVE-2007-2133 Unspecified vulnerability in the PeopleSoft Enterprise Human Capital Management component in Oracle ...
CVE-2007-2134 Unspecified vulnerability in the HTML Server in Oracle JD Edwards EnterpriseOne SP23_Q1 and 8.96.I1 ...
CVE-2007-2135 The ADI_BINARY component in the Oracle E-Business Suite allows remote attackers to download arbitrar...
S
CVE-2007-2136 Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol PerformAgent allows remote attackers ...
CVE-2007-2137 Heap-based buffer overflow in kde.dll in IBM Tivoli Monitoring Express 6.1.0 before Fix Pack 2, as u...
S
CVE-2007-2138 Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8...
S
CVE-2007-2139 Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) Br...
S
CVE-2007-2140 PHP remote file inclusion vulnerability in everything.php in Franklin Huang Flip (aka Flip-search-ad...
CVE-2007-2141 Direct static code injection vulnerability in shoutbox.php in ShoutPro 1.5.2 allows remote attackers...
E
CVE-2007-2142 Multiple PHP remote file inclusion vulnerabilities in AjPortal2Php allow remote attackers to execute...
E
CVE-2007-2143 PHP remote file inclusion vulnerability in index.php in the Be2004-2 template for Joomla! allows rem...
E
CVE-2007-2144 PHP remote file inclusion vulnerability in includes/CAltInstaller.php in the JoomlaPack (com_jpack) ...
E
CVE-2007-2145 The imagecomments function in classes.php in MiniGal b13 allows remote attackers to inject arbitrary...
E
CVE-2007-2146 The imagecomments function in classes.php in MiniGal b13 allows remote attackers to inject arbitrary ...
CVE-2007-2147 admin/options.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier does not check for adm...
CVE-2007-2148 Direct static code injection vulnerability in admin/save.php in Stephen Craton (aka WiredPHP) Chatne...
CVE-2007-2149 Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier stores usernames and unencrypted passwords ...
CVE-2007-2150 BlueArc-FTPD in BlueArc Titan 2x00 devices with firmware 4.2.944b allows remote attackers to redirec...
S
CVE-2007-2151 The administration server in McAfee e-Business Server before 8.1.1 and 8.5.x before 8.5.2 allows rem...
S
CVE-2007-2152 Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterprise before 8.0i Patch 12 allows ...
S
CVE-2007-2153 Cross-site scripting (XSS) vulnerability in atmail.php in @Mail 5.0 allows remote attackers to injec...
CVE-2007-2154 PHP remote file inclusion vulnerability in services/samples/inclusionService.php in Cabron Connector...
E
CVE-2007-2155 Directory traversal vulnerability in template.php in phpFaber TopSites 3 allows remote attackers ...
CVE-2007-2156 Multiple PHP remote file inclusion vulnerabilities in Rezervi Generic 0.9 allow remote attackers to ...
E
CVE-2007-2157 Directory traversal vulnerability in upload/force_download.php in Zomplog 3.8 allows remote attacker...
E
CVE-2007-2158 PHP remote file inclusion vulnerability in index.php in jGallery 1.3 allows remote attackers to exec...
E
CVE-2007-2159 Multiple cross-site scripting (XSS) vulnerabilities in the Database Administration (dba) module 4.6....
S
CVE-2007-2160 Multiple cross-site request forgery (CSRF) vulnerabilities in the Database Administration (dba) modu...
S
CVE-2007-2161 Microsoft Internet Explorer 7 allows remote attackers to cause a denial of service (browser hang) vi...
CVE-2007-2162 (1) Mozilla Firefox 2.0.0.3 and (2) GNU IceWeasel 2.0.0.3 allow remote attackers to cause a denial o...
CVE-2007-2163 Apple Safari allows remote attackers to cause a denial of service (browser crash) via JavaScript tha...
CVE-2007-2164 Konqueror 3.5.5 release 45.4 allows remote attackers to cause a denial of service (browser crash or ...
CVE-2007-2165 The Auth API in ProFTPD before 20070417, when multiple simultaneous authentication modules are confi...
S
CVE-2007-2166 PHP remote file inclusion vulnerability in administration/user/lib/group.inc.php in OpenSurveyPilot ...
E
CVE-2007-2167 Static code injection vulnerability in process.php in AimStats 3.2 allows remote attackers to inject...
E
CVE-2007-2168 Static code injection vulnerability in process.php in AimStats 3.2 and earlier allows remote attacke...
CVE-2007-2169 Static code injection vulnerability in add.php in Mozzers SubSystem 1.0 allows remote attackers to i...
E
CVE-2007-2170 The APPLSYS.FND_DM_NODES package in Oracle E-Business Suite does not check for valid sessions, which...
S
CVE-2007-2171 Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) We...
S
CVE-2007-2172 A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an a...
S
CVE-2007-2173 Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier...
S
CVE-2007-2174 The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneA...
S
CVE-2007-2175 Apple QuickTime Java extensions (QTJava.dll), as used in Safari and other browsers, and when Java is...
CVE-2007-2176 Unspecified vulnerability in Mozilla Firefox allows remote attackers to execute arbitrary code via u...
CVE-2007-2177 Stack-based buffer overflow in the Microgaming Download Helper ActiveX control (dlhelper.dll) before...
S
CVE-2007-2178 Multiple unspecified vulnerabilities in Objective Development Sharity before 3.3 allow remote attack...
CVE-2007-2179 Multiple unspecified vulnerabilities in IXceedCompression in XceddZipLib (RaidenFTPD.dll) in RaidenF...
CVE-2007-2180 Buffer overflow in Nullsoft Winamp 5.3 allows user-assisted remote attackers to cause a denial of se...
E
CVE-2007-2181 PHP remote file inclusion vulnerability in admin/login.php in Webinsta FM Manager 0.1.4 and earlier ...
E
CVE-2007-2182 Unrestricted file upload vulnerability in forum_write.php in Maran PHP Forum allows remote attackers...
E
CVE-2007-2183 SQL injection vulnerability in index.php in PHP-Ring Webring System (aka uPHP_ring_website) 0.9 allo...
E
CVE-2007-2184 Directory traversal vulnerability in imgsrv.php in jchit counter 1.0.0 allows remote attackers to re...
E
CVE-2007-2185 Multiple PHP remote file inclusion vulnerabilities in Supasite 1.23b allow remote attackers to execu...
E
CVE-2007-2186 Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a craf...
E
CVE-2007-2187 Stack-based buffer overflow in eXtremail 2.1.1 and earlier allows remote attackers to execute arbitr...
E
CVE-2007-2188 eXtremail 2.1.1 and earlier does not verify the ID field (aka transaction id) in DNS responses, whic...
E
CVE-2007-2189 PHP remote file inclusion vulnerability in admin/admin_album_otf.php in the MX Smartor Full Album Pa...
E
CVE-2007-2190 PHP remote file inclusion vulnerability in admin/public/webpages.php in Eba News 1.1 allows remote a...
S
CVE-2007-2191 Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to injec...
E
CVE-2007-2192 Buffer overflow in Photofiltre Studio 8.1.1 allows user-assisted remote attackers to execute arbitra...
E
CVE-2007-2193 Stack-based buffer overflow in the ID_X.apl plugin in ACDSee 9.0 Build 108, Pro 8.1 Build 99, and Ph...
E
CVE-2007-2194 Stack-based buffer overflow in XnView 1.90.3 allows user-assisted remote attackers to execute arbitr...
E
CVE-2007-2195 aMSN (aka Alvaro's Messenger) 0.96 and earlier allows remote attackers to cause a denial of service ...
E
CVE-2007-2196 PHP remote file inclusion vulnerability in jambook.php in the Jambook (com_Jambook) 1.0 beta7 module...
CVE-2007-2197 Race condition in the NeatUpload ASP.NET component 1.2.11 through 1.2.16, 1.1.18 through 1.1.23, and...
CVE-2007-2198 Cross-site scripting (XSS) vulnerability in LAN Management System (LMS) before 1.6.9 allows remote a...
S
CVE-2007-2199 PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module ...
E
CVE-2007-2200 Directory traversal vulnerability in navigator/navigator_ok.php in Pagode 0.5.8 allows remote attack...
E
CVE-2007-2201 Multiple PHP remote file inclusion vulnerabilities in Post Revolution 6.6 and 7.0 RC2 allow remote a...
E
CVE-2007-2202 PHP remote file inclusion vulnerability in inc_ACVS/SOAP/Transport.php in Accueil et Conseil en Visi...
CVE-2007-2203 Cross-site scripting (XSS) vulnerability in Big Blue Guestbook allows remote attackers to inject arb...
CVE-2007-2204 Multiple PHP remote file inclusion vulnerabilities in GPL PHP Board (GPB) unstable-2001.11.14-1 allo...
E
CVE-2007-2205 PHP remote file inclusion vulnerability in modules/rtmessageadd.php in LAN Management System (LMS) 1...
S
CVE-2007-2206 Cross-site scripting (XSS) vulnerability in contact/index.php in Ripe Website Manager 0.8.4 and earl...
CVE-2007-2207 SQL injection vulnerability in contact/index.php in Ripe Website Manager 0.8.4 and earlier allows re...
CVE-2007-2208 Multiple PHP remote file inclusion vulnerabilities in Extreme PHPBB2 3.0 Pre Final allow remote atta...
CVE-2007-2209 Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ImageGear, as used in Corel Pain...
E
CVE-2007-2210 A certain ActiveX control in askPopStp.dll in Netsprint Ask IE Toolbar 1.1 allows remote attackers t...
CVE-2007-2211 SQL injection vulnerability in calendar.php in MyBB (aka MyBulletinBoard) 1.2.5 and earlier allows r...
E
CVE-2007-2212 Multiple SQL injection vulnerabilities in calendar.php in MyBB (aka MyBulletinBoard) 1.2.5 and earli...
CVE-2007-2213 Unspecified vulnerability in the Initialize function in NetscapeFTPHandler in WS_FTP Home and Profes...
CVE-2007-2214 Unrestricted file upload vulnerability in includes/upload_file.php in DmCMS allows remote attackers ...
CVE-2007-2215 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-2216 The tblinf32.dll (aka vstlbinf.dll) ActiveX control for Internet Explorer 5.01, 6 SP1, and 7 uses an...
S
CVE-2007-2217 Kodak Image Viewer in Microsoft Windows 2000 SP4, and in some cases XP SP2 and Server 2003 SP1 and S...
E S
CVE-2007-2218 Unspecified vulnerability in the Windows Schannel Security Package for Microsoft Windows 2000 SP4, X...
CVE-2007-2219 Unspecified vulnerability in the Win32 API on Microsoft Windows 2000, XP SP2, and Server 2003 SP1 an...
CVE-2007-2220 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-2221 Unspecified vulnerability in the mdsauth.dll COM object in Microsoft Windows Media Server in the Mic...
CVE-2007-2222 Multiple buffer overflows in the (1) ActiveListen (Xlisten.dll) and (2) ActiveVoice (Xvoice.dll) spe...
E
CVE-2007-2223 Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary cod...
S
CVE-2007-2224 Object linking and embedding (OLE) Automation, as used in Microsoft Windows 2000 SP4, XP SP2, Server...
CVE-2007-2225 A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handl...
CVE-2007-2226 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-2227 The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not...
CVE-2007-2228 rpcrt4.dll (aka the RPC runtime library) in Microsoft Windows XP SP2, XP Professional x64 Edition, S...
CVE-2007-2229 Microsoft Windows Vista uses insecure default permissions for unspecified "local user information da...
CVE-2007-2230 SQL injection vulnerability in CA Clever Path Portal allows remote authenticated users to execute li...
E
CVE-2007-2231 Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when usin...
CVE-2007-2232 The CHECK command in Cosign 2.0.1 and earlier allows remote attackers to bypass authentication requi...
S
CVE-2007-2233 cosign-bin/cosign.cgi in Cosign 2.0.2 and earlier allows remote authenticated users to perform unaut...
S
CVE-2007-2234 include/common.php in PunBB 1.2.14 and earlier does not properly handle a disabled ini_get function ...
CVE-2007-2235 Multiple cross-site scripting (XSS) vulnerabilities in PunBB 1.2.14 and earlier allow remote attacke...
S
CVE-2007-2236 footer.php in PunBB 1.2.14 and earlier allows remote attackers to include local files in include/use...
S
CVE-2007-2237 Microsoft Windows Graphics Device Interface (GDI+, GdiPlus.dll) allows context-dependent attackers t...
E
CVE-2007-2238 Multiple stack-based buffer overflows in the Whale Client Components ActiveX control (WhlMgr.dll), a...
S
CVE-2007-2239 Stack-based buffer overflow in the SaveBMP method in the AXIS Camera Control (aka CamImage) ActiveX ...
S
CVE-2007-2240 The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before ...
CVE-2007-2241 Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion ...
CVE-2007-2242 The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route...
S
CVE-2007-2243 OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to...
CVE-2007-2244 Multiple buffer overflows in Adobe Photoshop CS2 and CS3, Illustrator CS3, and GoLive 9 allow user-a...
E
CVE-2007-2245 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.10.1.0 allow remote attac...
CVE-2007-2246 Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and H...
S
CVE-2007-2247 SQL injection vulnerability in modules/news/article.php in phpMySpace Gold 8.10 allows remote attack...
CVE-2007-2248 Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Phorum before 5.1.22 allow remot...
E S
CVE-2007-2249 include/controlcenter/users.php in Phorum before 5.1.22 allows remote authenticated moderators to ga...
E S
CVE-2007-2250 admin.php in Phorum before 5.1.22 allows remote attackers to obtain the full path via the module[] p...
E S
CVE-2007-2251 Unspecified vulnerability in the Roles module in Xaraya 1.1.2 and earlier allows attackers to gain p...
S
CVE-2007-2252 Directory traversal vulnerability in iconspopup.php in Exponent CMS 0.96.6 Alpha and earlier allows ...
E
CVE-2007-2253 Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to obtain path information via a direc...
E
CVE-2007-2254 PHP remote file inclusion vulnerability in admin/setup/level2.php in PHP Classifieds 6.04, and proba...
CVE-2007-2255 Multiple PHP remote file inclusion vulnerabilities in Download-Engine 1.4.3 allow remote attackers t...
CVE-2007-2256 Cross-site scripting (XSS) vulnerability in you.php in TJSChat 0.95 allows remote attackers to injec...
CVE-2007-2257 PHP remote file inclusion vulnerability in subscp.php in Fully Modded phpBB2 allows remote attackers...
E
CVE-2007-2258 PHP remote file inclusion vulnerability in includes/init.inc.php in PHPMyBibli allows remote attacke...
CVE-2007-2259 SQL injection vulnerability in forum.php in EsForum 3.0 allows remote attackers to execute arbitrary...
CVE-2007-2260 Multiple PHP remote file inclusion vulnerabilities in bibtex mase beta 2.0 allow remote attackers to...
CVE-2007-2261 PHP remote file inclusion vulnerability in espaces/communiques/annotations.php in C-Arbre 0.6PR7 and...
CVE-2007-2262 Multiple PHP remote file inclusion vulnerabilities in html/php/detail.php in Sinato jmuffin allow re...
E
CVE-2007-2263 Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player,...
S
CVE-2007-2264 Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player...
S
CVE-2007-2265 Cross-site scripting (XSS) vulnerability in YA Book 0.98-alpha allows remote attackers to inject arb...
CVE-2007-2266 Progress Webspeed Messenger allows remote attackers to read, create, modify, and execute arbitrary f...
E
CVE-2007-2267 Unspecified vulnerability in Sun Cluster 3.1 and Solaris Cluster 3.2 before 20070424 allows remote a...
CVE-2007-2268 Multiple directory traversal vulnerabilities in SWsoft Plesk for Windows 7.6.1, 8.1.0, and 8.1.1 all...
S
CVE-2007-2269 Directory traversal vulnerability in top.php3 in SWsoft Plesk for Windows 8.1 and 8.1.1 allows remot...
CVE-2007-2270 The Linksys SPA941 VoIP Phone allows remote attackers to cause a denial of service (device reboot) v...
E
CVE-2007-2271 Directory traversal vulnerability in Rajneel Lal TotaRam USP FOSS Distribution 1.01 allows remote at...
E
CVE-2007-2272 PHP remote file inclusion vulnerability in docs/front-end-demo/cart2.php in Advanced Webhost Billing...
E
CVE-2007-2273 PHP remote file inclusion vulnerability in include/loading.php in Alessandro Lulli wavewoo 0.1.1 all...
E
CVE-2007-2274 The BitTorrent implementation in Opera 9.2 allows remote attackers to cause a denial of service (CPU...
E
CVE-2007-2275 Unspecified vulnerability in HP StorageWorks Command View Advanced Edition for XP before 5.6.0-01, X...
CVE-2007-2276 3Com TippingPoint IPS allows remote attackers to cause a denial of service (device hang) via a flood...
CVE-2007-2277 Session fixation vulnerability in Plogger allows remote attackers to hijack web sessions by setting ...
CVE-2007-2278 Multiple PHP remote file inclusion vulnerabilities in DCP-Portal 6.1.1 allow remote attackers to exe...
CVE-2007-2279 The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows rem...
S
CVE-2007-2280 Stack-based buffer overflow in OmniInet.exe (aka the backup client service daemon) in the Applicatio...
S
CVE-2007-2281 Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database S...
S
CVE-2007-2282 Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before 6.0 has an nfcuser account with ...
CVE-2007-2283 Buffer overflow in Fresh View 7.15 allows user-assisted remote attackers to execute arbitrary code v...
E
CVE-2007-2284 Buffer overflow in ABC-View Manager 1.42 allows user-assisted remote attackers to execute arbitrary ...
E
CVE-2007-2285 Directory traversal vulnerability in examples/layout/feed-proxy.php in Jack Slocum Ext 1.0 alpha1 (E...
E
CVE-2007-2286 PHP remote file inclusion vulnerability in config.php in Built2Go PHP Link Portal 1.79 allows remote...
CVE-2007-2287 PHP remote file inclusion vulnerability in accept.php in comus 2.0 Final allows remote attackers to ...
CVE-2007-2288 PHP remote file inclusion vulnerability in info.php in Doruk100.net doruk100net allows remote attack...
CVE-2007-2289 PHP remote file inclusion vulnerability in admin/includes/spaw/dialogs/insert_link.php in download e...
CVE-2007-2290 Multiple PHP remote file inclusion vulnerabilities in B2 Weblog and News Publishing Tool 0.6.1 allow...
CVE-2007-2291 CRLF injection vulnerability in the Digest Authentication support for Microsoft Internet Explorer 7....
E
CVE-2007-2292 CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2.0.0.8...
CVE-2007-2293 Multiple stack-based buffer overflows in the process_sdp function in chan_sip.c of the SIP channel T...
E S
CVE-2007-2294 The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 allows remote attackers to ca...
S
CVE-2007-2295 Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple Quicktime 7.1.5 and other ver...
CVE-2007-2296 Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quicktime 7.1.5, and other versions ...
CVE-2007-2297 The SIP channel driver (chan_sip) in Asterisk before 1.2.18 and 1.4.x before 1.4.3 does not properly...
S
CVE-2007-2298 Multiple PHP remote file inclusion vulnerabilities in Garennes 0.6.1 and earlier allow remote attack...
E S
CVE-2007-2299 Multiple SQL injection vulnerabilities in Frogss CMS 0.7 and earlier allow remote attackers to execu...
E
CVE-2007-2300 Multiple cross-site scripting (XSS) vulnerabilities in Endy Kristanto Surat kabar / News Management ...
E
CVE-2007-2301 Multiple PHP remote file inclusion vulnerabilities in audioCMS arash 0.1.4 allow remote attackers to...
E
CVE-2007-2302 PHP remote file inclusion vulnerability in autoindex.php in Expow 0.8 allows remote attackers to exe...
E
CVE-2007-2303 Directory traversal vulnerability in includes/footer.php in News Manager Deluxe (NMDeluxe) 1.0.1 all...
E
CVE-2007-2304 Multiple directory traversal vulnerabilities in Quick and Dirty Blog (QDBlog) 0.4, and possibly earl...
E
CVE-2007-2305 Multiple SQL injection vulnerabilities in authenticate.php in Quick and Dirty Blog (QDBlog) 0.4, and...
E
CVE-2007-2306 Multiple cross-site scripting (XSS) vulnerabilities in the Virtual War (VWar) 1.5.0 R15 and earlier ...
E
CVE-2007-2307 PHP remote file inclusion vulnerability in engine/engine.inc.php in WebKalk2 1.9.0 allows remote att...
E
CVE-2007-2308 Cross-site scripting (XSS) vulnerability in cas.php in FloweRS 2.0 allows remote attackers to inject...
E
CVE-2007-2309 Cross-site scripting (XSS) vulnerability in cas.php in FloweRS 2.0 allows remote attackers to inject...
CVE-2007-2310 Cross-site scripting (XSS) vulnerability in plugins/spaw/img_popup.php in BloofoxCMS 0.2.2 allows re...
E
CVE-2007-2311 PHP remote file inclusion vulnerability in install/index.php in BlooFoxCMS 0.2.2 allows remote attac...
CVE-2007-2312 Multiple SQL injection vulnerabilities in the Virtual War (VWar) 1.5.0 R15 module for PHP-Nuke allow...
E
CVE-2007-2313 PHP remote file inclusion vulnerability in getinfo1.php in the Shotcast 1.0 RC2 module for mxBB allo...
E
CVE-2007-2314 Multiple SQL injection vulnerabilities in Crea-Book 1.0, and possibly earlier, when magic_quotes_gpc...
CVE-2007-2315 MiniShare 1.5.4, and possibly earlier, allows remote attackers to cause a denial of service (applica...
S
CVE-2007-2316 Unspecified vulnerability in the admin script in Open Business Management (OBM) before 2.0.0 allows ...
S
CVE-2007-2317 Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a and earlier, as used by TOSM...
E
CVE-2007-2318 Multiple format string vulnerabilities in FileZilla before 2.2.32 allow remote attackers to execute ...
S
CVE-2007-2319 PHP remote file inclusion vulnerability in the AutoStand 1.1 and earlier module for Joomla! allows r...
E
CVE-2007-2320 SQL injection vulnerability in kontakt.php in Papoo 3.02 and earlier allows remote attackers to exec...
E
CVE-2007-2321 Unspecified vulnerability in the search functionality in SilverStripe 2.0.0 has unknown impact and a...
S
CVE-2007-2322 NMMediaServer.exe in Nero MediaHome 2.5.5.0 and CE 1.3.0.4 allows remote attackers to cause a denial...
CVE-2007-2323 Multiple buffer overflows in the WinDVDX ActiveX control in InterVideo Home Theater 2.1.13.0 and 2.5...
CVE-2007-2324 Directory traversal vulnerability in file.php in JulmaCMS 1.4 allows remote attackers to read arbitr...
E
CVE-2007-2325 PHP remote file inclusion vulnerability in include.php in MyNewsGroups :) allows remote attackers to...
CVE-2007-2326 Multiple PHP remote file inclusion vulnerabilities in HYIP Manager Pro allow remote attackers to exe...
CVE-2007-2327 PHP remote file inclusion vulnerability in _editor.php in HTMLeditbox 2.2 allows remote attackers to...
CVE-2007-2328 PHP remote file inclusion vulnerability in addvip.php in phpMYTGP 1.4b allows remote attackers to ex...
CVE-2007-2329 PHP remote file inclusion vulnerability in searchbot.php in Searchactivity allows remote attackers t...
CVE-2007-2330 PHP remote file inclusion vulnerability in includes_handler.php in DynaTracker 151 allows remote att...
CVE-2007-2331 PHP remote file inclusion vulnerability in cart.php in Shop-Script 2.0 allows remote attackers to ex...
CVE-2007-2332 Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 6_05.140 uses a fixed DES key to...
CVE-2007-2333 Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.3...
S
CVE-2007-2334 Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.3...
S
CVE-2007-2335 Cross-site scripting (XSS) vulnerability in the RSS feed reader functionality in Lunascape 4.1.3 bui...
S
CVE-2007-2336 Unspecified vulnerability in InterVations NaviCOPA Web Server 2.01 20070323 allows remote attackers ...
S
CVE-2007-2337 Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS 0.96.6 Alpha and earlier allow r...
E
CVE-2007-2338 Cross-site request forgery (CSRF) vulnerability in include/admin/banlist.php in Phorum before 5.1.22...
E S
CVE-2007-2339 Multiple SQL injection vulnerabilities in Phorum before 5.1.22 allow remote attackers to execute arb...
E S
CVE-2007-2340 Multiple PHP remote file inclusion vulnerabilities in inc/include_all.inc.php in phporacleview allow...
E
CVE-2007-2341 PHP remote file inclusion vulnerability in suite/index.php in phpBandManager 0.8 allows remote attac...
E
CVE-2007-2342 SQL injection vulnerability in error.asp in CreaScripts CreaDirectory 1.2 allows remote attackers to...
E
CVE-2007-2343 Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight In...
E S
CVE-2007-2344 The BOOTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possi...
S
CVE-2007-2345 PHP remote file inclusion vulnerability in include/include_stream.inc.php in CodeWand phpBrowse allo...
E
CVE-2007-2346 Multiple PHP remote file inclusion vulnerabilities in PHP-Generics 1.0 beta allow remote attackers t...
E
CVE-2007-2347 PHP remote file inclusion vulnerability in main/forum/komentar.php in OneClick CMS (aka Sisplet CMS)...
E
CVE-2007-2348 mirror --script in lftp before 3.5.9 does not properly quote shell metacharacters, which might allow...
CVE-2007-2349 Cross-site scripting (XSS) vulnerability in Invision Power Board (IP.Board) 2.1.x and 2.2.x allows r...
S
CVE-2007-2350 admin/config.php in the music-on-hold module in freePBX 2.2.x allows remote authenticated administra...
E
CVE-2007-2351 Unspecified vulnerability in the HP Power Manager Remote Agent (RA) 4.0Build10 and earlier in HP-UX ...
S
CVE-2007-2352 Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote attackers to execute arbitrary c...
S
CVE-2007-2353 Apache Axis 1.0 allows remote attackers to obtain sensitive information by requesting a non-existent...
E
CVE-2007-2354 Progress Webspeed Messenger allows remote attackers to obtain sensitive information via a WService p...
CVE-2007-2355 The get_url function in DODS_Dispatch.pm for the CGI_server in OPeNDAP 3 allows remote attackers to ...
S
CVE-2007-2356 Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp...
E S
CVE-2007-2357 Cross-site scripting (XSS) vulnerability in mods/Core/result.php in SineCms 2.3.4 allows remote atta...
CVE-2007-2358 Multiple PHP remote file inclusion vulnerabilities in b2evolution allow remote attackers to execute ...
CVE-2007-2359 Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, ...
CVE-2007-2360 Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery be...
CVE-2007-2361 Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery be...
S
CVE-2007-2362 Multiple buffer overflows in MyDNS 1.1.0 allow remote attackers to (1) cause a denial of service (da...
E
CVE-2007-2363 Buffer overflow in IrfanView 4.00 and earlier allows user-assisted remote attackers to execute arbit...
E
CVE-2007-2364 Multiple PHP remote file inclusion vulnerabilities in burnCMS 0.2 and earlier allow remote attackers...
E
CVE-2007-2365 Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive ...
E
CVE-2007-2366 Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbit...
E
CVE-2007-2367 Buffer overflow in wserve_console.exe in Wserve HTTP Server (whttp) 4.6 allows remote attackers to c...
CVE-2007-2368 picture.php in WebSPELL 4.01.02 and earlier allows remote attackers to read arbitrary files via the ...
E
CVE-2007-2369 Directory traversal vulnerability in picture.php in WebSPELL 4.01.02 and earlier, when PHP before 4....
E
CVE-2007-2370 SQL injection vulnerability in index.php in the John Mordo Jobs 2.4 and earlier module for XOOPS all...
E
CVE-2007-2371 admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier provides access to config...
E
CVE-2007-2372 admin/send_mod.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier prints a Location head...
E
CVE-2007-2373 SQL injection vulnerability in viewcat.php in the WF-Links (wflinks) 1.03 and earlier module for XOO...
E
CVE-2007-2374 Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote...
CVE-2007-2375 The agent remote upgrade interface in Symantec Enterprise Security Manager (ESM) before 20070405 doe...
S
CVE-2007-2376 The Dojo framework exchanges data using JavaScript Object Notation (JSON) without an associated prot...
CVE-2007-2377 The Getahead Direct Web Remoting (DWR) framework 1.1.4 exchanges data using JavaScript Object Notati...
CVE-2007-2378 The Google Web Toolkit (GWT) framework exchanges data using JavaScript Object Notation (JSON) withou...
CVE-2007-2379 The jQuery framework exchanges data using JavaScript Object Notation (JSON) without an associated pr...
CVE-2007-2380 The Microsoft Atlas framework exchanges data using JavaScript Object Notation (JSON) without an asso...
CVE-2007-2381 The MochiKit framework exchanges data using JavaScript Object Notation (JSON) without an associated ...
CVE-2007-2382 The Moo.fx framework exchanges data using JavaScript Object Notation (JSON) without an associated pr...
CVE-2007-2383 The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data using JavaScript Object Notati...
CVE-2007-2384 The Script.aculo.us framework exchanges data using JavaScript Object Notation (JSON) without an asso...
CVE-2007-2385 The Yahoo! UI framework exchanges data using JavaScript Object Notation (JSON) without an associated...
CVE-2007-2386 Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 allows remote attackers to caus...
CVE-2007-2387 Apple Xserve Lights-Out Management before Firmware Update 1.0 on Intel hardware does not require a p...
S
CVE-2007-2388 Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not properly restrict QTObject subclassi...
CVE-2007-2389 Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory b...
CVE-2007-2390 Buffer overflow in iChat in Apple Mac OS X 10.3.9 and 10.4.9 allows remote attackers to cause a deni...
CVE-2007-2391 Cross-site scripting (XSS) vulnerability in Apple Safari Beta 3.0.1 for Windows allows remote attack...
S
CVE-2007-2392 Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to ex...
S
CVE-2007-2393 The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass cer...
S
CVE-2007-2394 Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted re...
S
CVE-2007-2395 Unspecified vulnerability in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary...
S
CVE-2007-2396 The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous in...
S
CVE-2007-2397 QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows r...
S
CVE-2007-2398 Apple Safari 3.0.1 beta (522.12.12) on Windows allows remote attackers to modify the window title an...
CVE-2007-2399 WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an "invalid type...
S
CVE-2007-2400 Race condition in Apple Safari 3 Beta before 3.0.2 on Mac OS X, Windows XP, Windows Vista, and iPhon...
S
CVE-2007-2401 CRLF injection vulnerability in WebCore in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone befor...
S
CVE-2007-2402 QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which...
S
CVE-2007-2403 CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows re...
S
CVE-2007-2404 CRLF injection vulnerability in CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 before 20070731 allow...
S
CVE-2007-2405 Integer underflow in Preview in PDFKit on Apple Mac OS X 10.4.10 allows remote attackers to execute ...
S
CVE-2007-2406 Quartz Composer on Apple Mac OS X 10.4.10 does not initialize a certain object pointer, which might ...
S
CVE-2007-2407 The Samba server on Apple Mac OS X 10.3.9 and 10.4.10, when Windows file sharing is enabled, does no...
S
CVE-2007-2408 WebKit in Apple Safari 3 Beta before Update 3.0.3 does not properly recognize an unchecked "Enable J...
S
CVE-2007-2409 Cross-domain vulnerability in WebCore on Apple Mac OS X 10.3.9 and 10.4.10 allows remote attackers t...
S
CVE-2007-2410 WebCore on Apple Mac OS X 10.3.9 and 10.4.10 retains properties of certain global objects when a new...
S
CVE-2007-2411 PHP remote file inclusion vulnerability in index.php in Sphider 1.2.x allows remote attackers to exe...
CVE-2007-2412 Directory traversal vulnerability in modules/file.php in Seir Anphin allows remote attackers to obta...
CVE-2007-2413 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2459. Reason: This candida...
R
CVE-2007-2414 MyServer before 0.8.8 allows remote attackers to cause a denial of service via unspecified vectors....
S
CVE-2007-2415 Pi3Web Web Server 2.0.3 PL1 allows remote attackers to cause a denial of service (application exit) ...
S
CVE-2007-2416 SQL injection vulnerability in home.php in E-Annu allows remote attackers to execute arbitrary SQL c...
E
CVE-2007-2417 Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as...
S
CVE-2007-2418 Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) com...
S
CVE-2007-2419 Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and...
S
CVE-2007-2420 SQL injection vulnerability in bry.asp in Burak Yilmaz Blog 1.0 allows remote attackers to execute a...
E
CVE-2007-2421 Buffer overflow in Hitachi Groupmax Mobile Option for Mobile-Phone 07-00 through 07-30, 5 for i-mode...
S
CVE-2007-2422 Multiple PHP remote file inclusion vulnerabilities in Modules Builder (modbuild) 4.1 for Comdev One ...
CVE-2007-2423 Cross-site scripting (XSS) vulnerability in index.php in MoinMoin 1.5.7 allows remote attackers to i...
E
CVE-2007-2424 PHP remote file inclusion vulnerability in help/index.php in The Merchant (themerchant) 2.2 allows r...
E
CVE-2007-2425 Directory traversal vulnerability in fileview.php in Imageview 5.3 allows remote attackers to read a...
E
CVE-2007-2426 PHP remote file inclusion vulnerability in myfunctions/mygallerybrowser.php in the myGallery 1.4b4 a...
E
CVE-2007-2427 SQL injection vulnerability in index.php in the pnFlashGames 1.5 module for PostNuke allows remote a...
E
CVE-2007-2428 Multiple PHP remote file inclusion vulnerabilities in page.php in Ahhp-Portal allow remote attackers...
E
CVE-2007-2429 ManageEngine PasswordManager Pro (PMP) allows remote attackers to obtain administrative access to a ...
E
CVE-2007-2430 shared/code/tce_tmx.php in TCExam 4.0.011 and earlier allows remote attackers to create arbitrary PH...
E S
CVE-2007-2431 Dynamic variable evaluation vulnerability in shared/config/tce_config.php in TCExam 4.0.011 and earl...
E S
CVE-2007-2432 Cross-site scripting (XSS) vulnerability in utilities/search.asp in nukedit 4.9.7b allows remote att...
CVE-2007-2433 Cross-site scripting (XSS) vulnerability in index.php in Ariadne 2.4.1 allows remote attackers to in...
CVE-2007-2434 Buffer overflow in asnsp.dll in Aventail Connect 4.1.2.13 allows remote attackers to cause a denial ...
CVE-2007-2435 Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2...
S
CVE-2007-2436 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1861. Reason: This candida...
R
CVE-2007-2437 The X render (Xrender) extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and ...
S
CVE-2007-2438 The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, ...
E
CVE-2007-2439 Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attacke...
S
CVE-2007-2440 Directory traversal vulnerability in Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earl...
E S
CVE-2007-2441 Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attacke...
S
CVE-2007-2442 The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier mi...
S
CVE-2007-2443 Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library ...
S
CVE-2007-2444 Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 al...
S
CVE-2007-2445 The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows re...
S
CVE-2007-2446 Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 all...
S
CVE-2007-2447 The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute...
S
CVE-2007-2448 Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users wh...
S
CVE-2007-2449 Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web applica...
S
CVE-2007-2450 Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web appl...
S
CVE-2007-2451 Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES in the Linux kernel before 2.6....
S
CVE-2007-2452 Heap-based buffer overflow in the visit_old_format function in locate/locate.c in locate in GNU find...
S
CVE-2007-2453 The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) do...
S
CVE-2007-2454 Heap-based buffer overflow in the VGA device in Parallels allows local users, with root access to th...
CVE-2007-2455 Parallels allows local users to cause a denial of service (virtual machine abort) via (1) certain IN...
CVE-2007-2456 Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 allow remote attackers to execu...
E
CVE-2007-2457 PHP remote file inclusion vulnerability in resources/includes/class.Smarty.php in Pixaria Gallery be...
E S
CVE-2007-2458 Multiple PHP remote file inclusion vulnerabilities in Pixaria Gallery before 1.4.3 allow remote atta...
E S
CVE-2007-2459 Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 thr...
CVE-2007-2460 PHP remote file inclusion vulnerability in modules/admin/include/config.php in FireFly 1.1.01 and ea...
CVE-2007-2461 The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers ...
S
CVE-2007-2462 Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, whe...
S
CVE-2007-2463 Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and...
CVE-2007-2464 Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before...
S
CVE-2007-2465 Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing (BSM) is enabled for file read, wr...
S
CVE-2007-2466 Unspecified vulnerability in the LDAP Software Development Kit (SDK) for C, as used in Sun Java Syst...
S
CVE-2007-2467 ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions and other products, allows loc...
CVE-2007-2468 Unspecified vulnerability in HP OpenVMS for Integrity Servers 8.2-1 and 8.3 allows local users to ca...
S
CVE-2007-2469 SQL injection vulnerability in index.php in FileRun 1.0 and earlier allows remote attackers to execu...
CVE-2007-2470 Multiple cross-site scripting (XSS) vulnerabilities in index.php in FileRun 1.0 and earlier allow re...
CVE-2007-2471 Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 and earlier allows remote attack...
E
CVE-2007-2472 Cross-site scripting (XSS) vulnerability in sendcard.php in Sendcard 3.4.1 and earlier allows remote...
E
CVE-2007-2473 SQL injection vulnerability in stylesheet.php in CMS Made Simple 1.0.5 and earlier allows remote att...
E S
CVE-2007-2474 Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart 4.0 al...
CVE-2007-2475 Unspecified vulnerability in the ADSCHEMA utility in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 h...
S
CVE-2007-2476 Unspecified vulnerability in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 has unknown impact and re...
S
CVE-2007-2477 PHP remote file inclusion vulnerability in phpMyChat.php3 in phpMyChat 0.14.5 allows remote attacker...
CVE-2007-2478 Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3....
S
CVE-2007-2479 Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive...
CVE-2007-2480 The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel 2.6.21 and earlier does not prevent...
CVE-2007-2481 PHP remote file inclusion vulnerability in wordtube-button.php in the wordTube 1.43 and earlier plug...
E S
CVE-2007-2482 Directory traversal vulnerability in wordtube-button.php in the wordTube 1.43 and earlier plugin for...
E S
CVE-2007-2483 Directory traversal vulnerability in js/wptable-button.php in the wp-Table 1.43 and earlier plugin f...
E
CVE-2007-2484 PHP remote file inclusion vulnerability in js/wptable-button.php in the wp-Table 1.43 and earlier pl...
E
CVE-2007-2485 PHP remote file inclusion vulnerability in myflash-button.php in the myflash 1.00 and earlier plugin...
E S
CVE-2007-2486 Directory traversal vulnerability in download.asp in Motobit 1.3 and 1.5 (aka PStruh-CZ) allows remo...
E
CVE-2007-2487 Stack-based buffer overflow in AtomixMP3 allows remote attackers to execute arbitrary code via a lon...
CVE-2007-2488 The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 does not properly null terminate dat...
CVE-2007-2489 Heap-based buffer overflow in LiveData Protocol Server 5.00.045, and other versions before update 50...
S
CVE-2007-2490 Unspecified vulnerability in LiveData Server before 5.00.62 allows remote attackers to cause a denia...
S
CVE-2007-2491 The PIIX4 power management subsystem in EMC VMware Workstation 5.5.3.34685 and VMware Server 1.0.1.2...
CVE-2007-2492 SQL injection vulnerability in index.php in the v4bJournal module for PostNuke allows remote authent...
E
CVE-2007-2493 PHP remote file inclusion vulnerability in faq.php in the FAQ & RULES 2.0.0 and earlier module for m...
E
CVE-2007-2494 Multiple stack-based buffer overflows in the PowerPointOCX ActiveX control in PowerPointViewer.ocx 3...
E
CVE-2007-2495 Multiple stack-based buffer overflows in the ExcelOCX ActiveX control in ExcelViewer.ocx 3.1.0.6 all...
E
CVE-2007-2496 The WordOCX ActiveX control in WordViewer.ocx 3.2.0.5 allows remote attackers to cause a denial of s...
CVE-2007-2497 RealNetworks RealPlayer 10 Gold allows remote attackers to cause a denial of service (memory consump...
E
CVE-2007-2498 libmp4v2.dll in Winamp 5.02 through 5.34 allows user-assisted remote attackers to execute arbitrary ...
E
CVE-2007-2499 Multiple cross-site scripting (XSS) vulnerabilities in DVDdb 0.6 and earlier allow remote attackers ...
CVE-2007-2500 server/parser/sprite_definition.cpp in GNU Gnash (aka GNU Flash Player) 0.7.2 allows remote attacker...
CVE-2007-2501 Eval injection vulnerability in codepress.html in CodePress before 0.9.4 allows remote attackers to ...
S
CVE-2007-2502 Unspecified vulnerability in HP ProCurve 9300m Series switches with software 08.0.01c through 08.0.0...
S
CVE-2007-2503 Directory traversal vulnerability in turbulence.php in PHP Turbulence 0.0.1 alpha allows remote atta...
CVE-2007-2504 PHP remote file inclusion vulnerability in user/turbulence.php in PHP Turbulence 0.0.1 alpha allows ...
CVE-2007-2505 Stack-based buffer overflow in InterVations MailCOPA 8.01 20070323 allows user-assisted remote attac...
S
CVE-2007-2506 WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and certain other 9.x versions, al...
E S
CVE-2007-2507 Directory traversal vulnerability in includes/download.php in Treble Designs 1024 CMS 0.7 allows rem...
E
CVE-2007-2508 Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Buil...
E S
CVE-2007-2509 CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 al...
S
CVE-2007-2510 Buffer overflow in the make_http_soap_request function in PHP before 5.2.2 has unknown impact and re...
CVE-2007-2511 Buffer overflow in the user_filter_factory_create function in PHP before 5.2.2 has unknown impact an...
CVE-2007-2512 Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and later enables the mini switch b...
CVE-2007-2513 Novell GroupWise 7 before SP2 20070524, and GroupWise 6 before 6.5 post-SP6 20070522, allows remote ...
S
CVE-2007-2514 Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Disco...
S
CVE-2007-2518 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2518. Reason: This candida...
R
CVE-2007-2519 Directory traversal vulnerability in the installer in PEAR 1.0 through 1.5.3 allows user-assisted re...
E S
CVE-2007-2520 SQL injection vulnerability in admin.php in MyNews 0.10, when magic_quotes_gpc is disabled, allows r...
E
CVE-2007-2521 PHP remote file inclusion vulnerability in common.php in E-GADS! before 2.2.7 allows remote attacker...
E S
CVE-2007-2522 Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Thr...
CVE-2007-2523 CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510 use weak permissions (NULL...
S
CVE-2007-2524 Cross-site scripting (XSS) vulnerability in index.pl in Open Ticket Request System (OTRS) 2.0.x allo...
E
CVE-2007-2525 Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21...
S
CVE-2007-2526 Heap-based buffer overflow in the ConnectAsyncEx function in VNC Viewer ActiveX control (scvncctrl.d...
E
CVE-2007-2527 Multiple PHP remote file inclusion vulnerabilities in DynamicPAD before 1.03.31 allow remote attacke...
E
CVE-2007-2528 Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch...
S
CVE-2007-2529 Integer signedness error in the acl (facl) system call in Solaris 10 before 20070507 allows local us...
S
CVE-2007-2530 Multiple PHP remote file inclusion vulnerabilities in Tropicalm Crowell Resource 4.5.2 allow remote ...
E
CVE-2007-2531 PHP remote file inclusion vulnerability in berylium-classes.php in Berylium2 2003-08-18 allows remot...
E
CVE-2007-2532 Multiple cross-site scripting (XSS) vulnerabilities in Minh Nguyen Duong Obie Website Mini Web Shop ...
E
CVE-2007-2533 Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allo...
S
CVE-2007-2534 Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arb...
E
CVE-2007-2535 WinAce allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a...
E
CVE-2007-2536 PicoZip allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with ...
E
CVE-2007-2537 Multiple SQL injection vulnerabilities in mainfile.php in NPDS 5.10 and earlier allow remote authent...
E
CVE-2007-2538 SQL injection vulnerability in class/debug/debug_show.php in RunCms 1.5.2 and earlier allows remote ...
E S
CVE-2007-2539 The show_files function in RunCms 1.5.2 and earlier allows remote attackers to obtain sensitive info...
E S
CVE-2007-2540 Multiple PHP remote file inclusion vulnerabilities in PMECMS 1.0 and earlier allow remote attackers ...
E
CVE-2007-2541 PHP remote file inclusion vulnerability in includes/ajax_listado.php in Versado CMS 1.07 allows remo...
E
CVE-2007-2542 PHP remote file inclusion vulnerability in header.php in workbench survival guide 0.11 allows remote...
E
CVE-2007-2543 SQL injection vulnerability in game.php in the Flashgames 1.0.1 module for XOOPS allows remote attac...
E
CVE-2007-2544 PHP remote file inclusion vulnerability in templates/default/tpl_message.php in PHP TopTree BBS 2.0....
E
CVE-2007-2545 Multiple PHP remote file inclusion vulnerabilities in Persism CMS 0.9.2 and earlier allow remote att...
E
CVE-2007-2546 Session fixation vulnerability in Simple Machines Forum (SMF) 1.1.2 and earlier allows remote attack...
CVE-2007-2547 Cross-site scripting (XSS) vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 a...
E
CVE-2007-2548 Unspecified vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 has unknown impa...
CVE-2007-2549 SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote ...
E
CVE-2007-2550 Multiple CRLF injection vulnerabilities in Devellion CubeCart 3.0.15 allow remote attackers to injec...
CVE-2007-2551 Cross-site scripting (XSS) vulnerability in usersettings.php in WikkaWiki (Wikka Wiki) before 1.1.6....
CVE-2007-2552 The RecentChanges feature in WikkaWiki (Wikka Wiki) before 1.1.6.3 allows remote attackers to obtain...
S
CVE-2007-2553 Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to...
E S
CVE-2007-2554 Associated Press (AP) Newspower 4.0.1 and earlier uses a default blank password for the MySQL root a...
CVE-2007-2555 Unspecified vulnerability in Default.aspx in Podium CMS allows remote attackers to have an unknown i...
CVE-2007-2556 SQL injection vulnerability in Nuked-klaN 1.7.6 allows remote attackers to execute arbitrary SQL com...
E
CVE-2007-2557 MOStlyDB Admin in Mambo 4.6.1 does not properly check privileges, which allows remote authenticated ...
S
CVE-2007-2558 PHP remote file inclusion vulnerability in index.php in phpFullAnnu CMS (pfa CMS) 6.0 allows remote ...
CVE-2007-2559 Multiple PHP remote file inclusion vulnerabilities in american cart 3.5 allow remote attackers to ex...
CVE-2007-2560 Directory traversal vulnerability in theme/acgv.php in ACGVannu 1.3 and earlier allows remote attack...
E
CVE-2007-2561 SQL injection vulnerability in index.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary...
CVE-2007-2562 Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 3.00.90 allows remote attac...
CVE-2007-2563 Buffer overflow in the AddFile function in VersalSoft HTTP File Upload ActiveX control (UFileUploade...
S
CVE-2007-2564 Multiple stack-based buffer overflows in the Sienzo Digital Music Mentor (DMM) 2.6.0.4 ActiveX contr...
CVE-2007-2565 Cdelia Software ImageProcessing allows user-assisted remote attackers to cause a denial of service (...
E
CVE-2007-2566 The SaveBarCode function in the Taltech Tal Bar Code ActiveX control allows remote attackers to caus...
CVE-2007-2567 Buffer overflow in the SaveBarCode function in the Taltech Tal Bar Code ActiveX control allows remot...
CVE-2007-2568 Multiple stack-based buffer overflows in VCDGear 3.55 allow user-assisted remote attackers to execut...
CVE-2007-2569 Multiple PHP remote file inclusion vulnerabilities in Friendly 1.0d1 and earlier allow remote attack...
E
CVE-2007-2570 PHP remote file inclusion vulnerability in handlers/page/show.php in Wikivi5 allows remote attackers...
E
CVE-2007-2571 SQL injection vulnerability in index.php in the wfquotes 1.0 0 module for XOOPS allows remote attack...
E
CVE-2007-2572 PHP remote file inclusion vulnerability in modules/noevents/templates/mfa_theme.php in NoAh (aka PHP...
E
CVE-2007-2573 PHP remote file inclusion vulnerability in plugin/HP_DEV/cms2.php in PHPtree 1.3 allows remote attac...
E
CVE-2007-2574 Directory traversal vulnerability in index.php in Archangel Weblog 0.90.02 allows remote attackers t...
E
CVE-2007-2575 PHP remote file inclusion vulnerability in watermark.php in the vm (aka Jean-Francois Laflamme) wate...
E
CVE-2007-2576 Buffer overflow in the East Wind Software advdaudio.ocx 1.5.1.1 ActiveX control allows user-assisted...
E
CVE-2007-2577 Multiple SQL injection vulnerabilities in ACP3 4.0 beta 3 allow remote attackers to execute arbitrar...
CVE-2007-2578 Unspecified vulnerability in search/list/action_search/index.php in ACP3 4.0 beta 3 allows remote at...
CVE-2007-2579 Multiple cross-site scripting (XSS) vulnerabilities in ACP3 4.0 beta 3 allow remote attackers to inj...
CVE-2007-2580 Unspecified vulnerability in Apple Safari allows local users to obtain sensitive information (saved ...
CVE-2007-2581 Multiple cross-site scripting (XSS) vulnerabilities in Microsoft Windows SharePoint Services 3.0 for...
CVE-2007-2582 Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier ...
S
CVE-2007-2583 The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, ...
E S
CVE-2007-2584 Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager Acti...
S
CVE-2007-2585 Stack-based buffer overflow in the Verify function in the BarCodeWiz ActiveX control 2.0 and 2.52 (B...
CVE-2007-2586 The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allo...
E
CVE-2007-2587 The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denia...
S
CVE-2007-2588 Multiple buffer overflows in the Office Viewer OCX ActiveX control (oa.ocx) 3.2 allow remote attacke...
E
CVE-2007-2589 Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a ...
S
CVE-2007-2590 Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise...
E S
CVE-2007-2591 usrmgr/userList.asp in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly inv...
E S
CVE-2007-2592 Multiple cross-site scripting (XSS) vulnerabilities in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6....
E S
CVE-2007-2593 The Terminal Server in Microsoft Windows 2003 Server, when using TLS, allows remote attackers to byp...
CVE-2007-2594 PHP remote file inclusion vulnerability in inc/articles.inc.php in phpMyPortal 3.0.0 RC3 allows remo...
E
CVE-2007-2595 RSAuction 2.73.1.3 allows remote authenticated users to move their own account status from Suspended...
S
CVE-2007-2596 PHP remote file inclusion vulnerability in common/func.php in aForum 1.32 and earlier allows remote ...
E
CVE-2007-2597 Multiple PHP remote file inclusion vulnerabilities in telltarget CMS 1.3.3 allow remote attackers to...
E
CVE-2007-2598 SQL injection vulnerability in print.php in SimpleNews 1.0.0 FINAL allows remote attackers to execut...
E
CVE-2007-2599 Multiple SQL injection vulnerabilities in TutorialCMS (aka Photoshop Tutorials) 1.00 and earlier all...
E
CVE-2007-2600 Multiple cross-site scripting (XSS) vulnerabilities in TutorialCMS (aka Photoshop Tutorials) 1.00 an...
E
CVE-2007-2601 Buffer overflow in a certain ActiveX control in the GDivX Zenith Player AviFixer class in fix.dll 1....
E
CVE-2007-2602 Buffer overflow in MIBEXTRA.EXE in Ipswitch WhatsUp Gold 11 allows attackers to cause a denial of se...
CVE-2007-2603 Unspecified vulnerability in the Init function in the Audio CD Ripper OCX (AudioCDRipperOCX.ocx) 1.0...
CVE-2007-2604 Unspecified vulnerability in the FlexLabel ActiveX control allows remote attackers to cause a denial...
CVE-2007-2605 Unspecified vulnerability in the GetPropertyById function in ISoftomateObj in SoftomateLib in BRUJUL...
CVE-2007-2606 Multiple buffer overflows in Firebird 2.1 allow attackers to trigger memory corruption and possibly ...
CVE-2007-2607 PHP remote file inclusion vulnerability in views/print/printbar.php in LaVague 0.3 and earlier allow...
E
CVE-2007-2608 PHP remote file inclusion vulnerability in lib/smarty/SmartyFU.class.php in Miplex2 Alpha 1 allows r...
E
CVE-2007-2609 Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 allow remote attackers to execute...
E
CVE-2007-2610 Cross-site scripting (XSS) vulnerability in OpenLD before 1.1.9, and 1.1-modified before 1.1-modifie...
S
CVE-2007-2611 Multiple PHP remote file inclusion vulnerabilities in CGX 20050314 allow remote attackers to execute...
E
CVE-2007-2612 SQL injection vulnerability in libs/Wakka.class.php in WikkaWiki (Wikka Wiki) before 1.1.6.3 allows ...
S
CVE-2007-2613 WikkaWiki (Wikka Wiki) before 1.1.6.3 allows attackers in a shared virtual host server environment t...
S
CVE-2007-2614 PHP remote file inclusion vulnerability in examples/widget8.php in phpHtmlLib 2.4.0 and earlier allo...
CVE-2007-2615 Multiple PHP remote file inclusion vulnerabilities in Crie seu PHPLojaFacil 0.1.5 allow remote attac...
E
CVE-2007-2616 Stack-based buffer overflow in the SSL version of the NMDMC.EXE service in Novell NetMail 3.52e FTF2...
S
CVE-2007-2617 srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does ...
S
CVE-2007-2618 CRLF injection vulnerability in index.php in Drake CMS 0.4.0 allows remote attackers to inject arbit...
CVE-2007-2619 Symantec pcAnywhere 11.5.x and 12.0.x retains unencrypted login credentials for the most recent logi...
S
CVE-2007-2620 PHP remote file inclusion vulnerability in inc/config.inc.php in Jakub Steiner (aka jimmac) original...
E
CVE-2007-2621 SQL injection vulnerability in event_view.php in Thyme Calendar 1.3 allows remote attackers to execu...
E
CVE-2007-2622 Multiple SQL injection vulnerabilities in TaskDriver 1.2 and earlier allow remote attackers to execu...
E
CVE-2007-2623 Multiple buffer overflows in RControl.dll in Remote Display Dev kit 1.2.1.0 allow remote attackers t...
E
CVE-2007-2624 Dynamic variable evaluation vulnerability in shared/config/cp_config.php in All In One Control Panel...
S
CVE-2007-2625 Cross-site scripting (XSS) vulnerability in shared/code/cp_authorization.php in All In One Control P...
S
CVE-2007-2626 SQL injection vulnerability in admin.php in SchoolBoard allows remote attackers to execute arbitrary...
CVE-2007-2627 Cross-site scripting (XSS) vulnerability in sidebar.php in WordPress, when custom 404 pages that cal...
CVE-2007-2628 PHP remote file inclusion vulnerability in include/logout.php in Justin Koivisto SecurityAdmin for P...
CVE-2007-2629 Bradford CampusManager Network Control Application Server 3.1(6) allows remote attackers to obtain s...
CVE-2007-2630 Incomplete blacklist vulnerability in filemanager/browser/default/connectors/php/config.php in the F...
S
CVE-2007-2631 Cross-site request forgery (CSRF) vulnerability in SquirrelMail 1.4.8-4.fc6 and earlier allows remot...
CVE-2007-2632 Multiple cross-site scripting (XSS) vulnerabilities in PHP Multi User Randomizer (phpMUR) 2006.09.13...
CVE-2007-2633 Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows remote attackers to read, or inc...
S
CVE-2007-2634 PHP remote file inclusion vulnerability in common/errormsg.php in aForum 1.32 and possibly earlier, ...
E
CVE-2007-2635 Unspecified vulnerability in Interchange before 5.4.2 allows remote attackers to cause an unspecifie...
CVE-2007-2636 Unspecified vulnerability in phpTodo before 0.8.1 allows remote attackers to have an unknown impact ...
S
CVE-2007-2637 MoinMoin before 20070507 does not properly enforce ACLs for calendars and includes, which allows rem...
S
CVE-2007-2638 eFileCabinet 3.3 allows remote attackers to bypass authentication and access restricted portions of ...
CVE-2007-2639 Directory traversal vulnerability in TFTPdWin 0.4.2 allows remote attackers to read or modify arbitr...
CVE-2007-2640 LibTMCG before 1.1.1 does not perform a range check to avoid "trivial group generators," which allow...
S
CVE-2007-2641 SQL injection vulnerability in W1L3D4_bolum.asp in W1L3D4 Philboard 0.2 allows remote attackers to e...
E
CVE-2007-2642 Directory traversal vulnerability in galeria.php in R2K Gallery 1.7 allows remote attackers to read ...
E
CVE-2007-2643 Directory traversal vulnerability in phpThumb.php in PinkCrow Designs Gallery or maGAZIn 2.0 allows ...
E
CVE-2007-2644 A certain ActiveX control in Morovia Barcode ActiveX Professional 3.3.1304 allows remote attackers t...
E
CVE-2007-2645 Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 a...
E S
CVE-2007-2646 Heap-based buffer overflow in yEnc32 1.0.7.207 allows user-assisted remote attackers to execute arbi...
S
CVE-2007-2647 Static code injection vulnerability in admin/admin_configuration.php in Monalbum 0.8.7 allows remote...
E
CVE-2007-2648 Stack-based buffer overflow in the Clever Database Comparer 2.2 ActiveX control (comparerax.ocx) all...
E
CVE-2007-2649 Deutsche Telekom (T-com) Speedport W 700v uses JavaScript delays for invalid authentication attempts...
CVE-2007-2650 The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (res...
S
CVE-2007-2651 Multiple off-by-one errors in VooDoo cIRCle before 1.1.beta27 allow remote attackers to cause a deni...
S
CVE-2007-2652 Multiple unspecified vulnerabilities in Free-SA before 1.2.2 allow remote attackers to execute arbit...
S
CVE-2007-2653 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2438. Reason: This candida...
R
CVE-2007-2654 xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local ...
E
CVE-2007-2655 Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before 3.8i2 has unknown impact and ...
S
CVE-2007-2656 Stack-based buffer overflow in the Hewlett-Packard (HP) Magview ActiveX control in hpqvwocx.dll 1.0....
E
CVE-2007-2657 Unspecified vulnerability in the PrecisionID Barcode 1.3 ActiveX control in PrecisionID_DataMatrix.D...
E
CVE-2007-2658 Unspecified vulnerability in the ID Automation Linear Barcode 1.6.0.5 ActiveX control in IDAutomatio...
E
CVE-2007-2659 Directory traversal vulnerability in index.php in PHP Advanced Transfer Manager (phpATM) 1.30 allows...
E
CVE-2007-2660 PHP remote file inclusion vulnerability in pcltrace.lib.php in the PclTar module in Vincent Blavet P...
E
CVE-2007-2661 SQL injection vulnerability in archshow.asp in BlogMe 3.0 allows remote attackers to execute arbitra...
E
CVE-2007-2662 SQL injection vulnerability in EfesTECH Haber 5.0 allows remote attackers to execute arbitrary SQL c...
E
CVE-2007-2663 PHP remote file inclusion vulnerability in language/1/splash.lang.php in Beacon 0.2.0 allows remote ...
E
CVE-2007-2664 PHP remote file inclusion vulnerability in includes/common.php in Yaap 1.5 and earlier allows remote...
E
CVE-2007-2665 PHP remote file inclusion vulnerability in block.php in PhpFirstPost 0.1 allows remote attackers to ...
E
CVE-2007-2666 Stack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4....
E
CVE-2007-2667 Buffer overflow in the DB Software Laboratory VImpX ActiveX control in VImpX.ocx 4.7.3 allows remote...
E
CVE-2007-2668 Buffer overflow in webdesproxy 0.0.1 allows remote attackers to execute arbitrary code via a long UR...
E
CVE-2007-2669 Multiple cross-site scripting (XSS) vulnerabilities in PHPChain 1.0 and earlier allow remote attacke...
CVE-2007-2670 PHPChain 1.0 and earlier allows remote attackers to obtain the installation path via invalid values ...
CVE-2007-2671 Mozilla Firefox 2.0.0.3 allows remote attackers to cause a denial of service (application crash) via...
E
CVE-2007-2672 SQL injection vulnerability in index.php in PHP Coupon Script 3.0 allows remote attackers to execute...
E
CVE-2007-2673 SQL injection vulnerability in includes/funcs_vendors.php in Censura 1.15.04, and other versions bef...
E
CVE-2007-2674 SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 allows remote attackers to execut...
E
CVE-2007-2675 SQL injection vulnerability in search.php in Pre Classifieds Listings 1.0 allows remote attackers to...
E
CVE-2007-2676 PHP remote file inclusion vulnerability in skins/header.php in Open Translation Engine (OTE) 0.7.8 a...
E
CVE-2007-2677 Multiple PHP remote file inclusion vulnerabilities in phpChess Community Edition 2.0 allow remote at...
E
CVE-2007-2678 Buffer overflow in the isChecked function in toolbar.dll in Netsprint Toolbar 1.1 might allow remote...
CVE-2007-2679 PHP file inclusion vulnerability in index.php in Ivan Peevski gallery 0.3 in Simple PHP Scripts (sph...
CVE-2007-2680 Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server ...
S
CVE-2007-2681 Directory traversal vulnerability in blogs/index.php in b2evolution 1.6 allows remote attackers to i...
CVE-2007-2682 The installer for Adobe Version Cue CS3 Server on Apple Mac OS X, as used in Adobe Creative Suite 3 ...
S
CVE-2007-2683 Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters i...
CVE-2007-2684 Jetbox CMS 2.1 allows remote attackers to obtain sensitive information via (1) a direct request to (...
E
CVE-2007-2685 Multiple SQL injection vulnerabilities in index.php in Jetbox CMS 2.1 allow remote attackers to exec...
E
CVE-2007-2686 Cross-site scripting (XSS) vulnerability in index.php in Jetbox CMS 2.1 allows remote attackers to i...
E
CVE-2007-2687 Stack-based buffer overflow in the MicroWorld Agent service (MWAGENT.EXE) in MicroWorld Technologies...
S
CVE-2007-2688 The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly ha...
CVE-2007-2689 Check Point Web Intelligence does not properly handle certain full-width and half-width Unicode char...
CVE-2007-2690 Multiple IBM ISS Proventia Series products, including the A, G, and M series, do not properly handle...
CVE-2007-2691 MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privileg...
S
CVE-2007-2692 The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore T...
CVE-2007-2693 MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive ...
S
CVE-2007-2694 Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Express and WebLogic Server 6.1 ...
S
CVE-2007-2695 The HttpClusterServlet and HttpProxyServlet in BEA WebLogic Express and WebLogic Server 6.1 through ...
S
CVE-2007-2696 The JMS Server in BEA WebLogic Server 6.1 through SP7, 7.0 through SP6, and 8.1 through SP5 enforces...
S
CVE-2007-2697 The embedded LDAP server in BEA WebLogic Express and WebLogic Server 7.0 through SP6, 8.1 through SP...
S
CVE-2007-2698 The Administration Console in BEA WebLogic Server 9.0 may show plaintext Web Service attributes duri...
S
CVE-2007-2699 The Administration Console in BEA WebLogic Express and WebLogic Server 9.0 and 9.1 does not properly...
S
CVE-2007-2700 The WLST script generated by the configToScript command in BEA WebLogic Express and WebLogic Server ...
CVE-2007-2701 The JMS Message Bridge in BEA WebLogic Server 7.0 through SP7 and 8.1 through Service Pack 6, when c...
S
CVE-2007-2702 Cross-site scripting (XSS) vulnerability in the GroupSpace application in BEA WebLogic Portal 9.2 GA...
S
CVE-2007-2703 BEA WebLogic Portal 9.2 GA can corrupt a visitor entitlements role if an administrator provides a lo...
S
CVE-2007-2704 BEA WebLogic Server 9.0 through 9.2 allows remote attackers to cause a denial of service (SSL port u...
S
CVE-2007-2705 Directory traversal vulnerability in the Test View Console in BEA WebLogic Integration 9.2 before SP...
S
CVE-2007-2706 PHP remote file inclusion vulnerability in maint/ftpmedia.php in Media Gallery 1.4.8a and earlier fo...
E
CVE-2007-2707 PHP remote file inclusion vulnerability in linksnet_linkslog_rss.php in Linksnet Newsfeed 1.0 allows...
E
CVE-2007-2708 PHP remote file inclusion vulnerability in newsadmin.php in Feindt Computerservice News (News-Script...
E
CVE-2007-2709 PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2005 2.00 allows re...
E
CVE-2007-2710 PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2.00-P00 and earlie...
CVE-2007-2711 Stack-based buffer overflow in TinyIdentD 2.2 and earlier allows remote attackers to execute arbitra...
E
CVE-2007-2712 Unspecified vulnerability in MH Software Connect Daily before 3.3.3 has unknown impact and attack ve...
S
CVE-2007-2713 ifdate 2.x sends a redirect to the web browser but does not exit when administrative credentials are...
CVE-2007-2714 Unspecified vulnerability in akismet.php in Matt Mullenweg Akismet before 2.0.2, a WordPress plugin,...
E S
CVE-2007-2715 Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to change arbitrary usernames and pa...
E
CVE-2007-2716 Multiple cross-site scripting (XSS) vulnerabilities in EQdkp 1.3.2c and earlier allow remote attacke...
CVE-2007-2717 SQL injection vulnerability in shop/page.php in iGeneric (iG) Shop 1.4 allows remote attackers to ex...
E
CVE-2007-2718 Cross-site scripting (XSS) vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and ...
S
CVE-2007-2719 Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows re...
S
CVE-2007-2720 Group-Office before 2.16-13 does not properly validate user IDs, which allows remote attackers to ob...
S
CVE-2007-2721 The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) befor...
E
CVE-2007-2722 Unspecified vulnerability in NewzCrawler 1.8 allows remote attackers to cause a denial of service (a...
E
CVE-2007-2723 Media Player Classic 6.4.9.0 allows user-assisted remote attackers to cause a denial of service (web...
CVE-2007-2724 Cross-site scripting (XSS) vulnerability in all_photos.html in fotolog allows remote attackers to in...
CVE-2007-2725 The DB Software Laboratory DeWizardX (DEWizardAX.ocx) ActiveX control allows remote attackers to ove...
E
CVE-2007-2726 BitsCast 0.13.0 allows remote attackers to cause a denial of service (application crash) via an RSS ...
E
CVE-2007-2727 The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x ...
E S
CVE-2007-2728 The soap extension in PHP calls php_rand_r with an uninitialized seed variable, which has unknown im...
CVE-2007-2729 Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81, and probably older Comodo Fire...
CVE-2007-2730 Check Point ZoneAlarm Pro before 6.5.737.000 does not properly test for equivalence of process ident...
CVE-2007-2731 CRLF injection vulnerability in formmail.php in Jetbox CMS 2.1 might allow remote attackers to injec...
E
CVE-2007-2732 Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject a...
CVE-2007-2733 Unrestricted file upload vulnerability in Jetbox CMS allows remote authenticated users with author p...
CVE-2007-2734 The 3Com TippingPoint IPS do not properly handle certain full-width and half-width Unicode character...
S
CVE-2007-2735 SQL injection vulnerability in edit_day.php in the ResManager 1.2.1 and earlier module for Xoops all...
E
CVE-2007-2736 PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to exe...
E
CVE-2007-2737 SQL injection vulnerability in index.php in the MyConference 1.0 module for Xoops allows remote atta...
CVE-2007-2738 SQL injection vulnerability in glossaire-p-f.php in the Glossaire 1.7 and earlier module for Xoops a...
E
CVE-2007-2739 Cross-site scripting (XSS) vulnerability in xajax before 0.2.5 allows remote attackers to inject arb...
S
CVE-2007-2740 Unspecified vulnerability in xajax before 0.2.5 has unknown impact and attack vectors, not related t...
S
CVE-2007-2741 Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbi...
E S
CVE-2007-2742 Unrestricted file upload vulnerability in labs.beffa.org w2box 4.0.0 Beta4 allows remote attackers t...
E
CVE-2007-2743 PHP remote file inclusion vulnerability in custom_vars.php in GlossWord 1.8.1 allows remote attacker...
E
CVE-2007-2744 Stack-based buffer overflow in the PrecisionID Barcode 1.9 ActiveX control in PrecisionID_Barcode.dl...
E
CVE-2007-2745 Cross-site scripting (XSS) vulnerability in printcal.pl in vDesk Webmail 4.03 allows remote attacker...
CVE-2007-2746 The viewList function in lib/WebGUI/Asset/Wobject/DataForm.pm in Plain Black WebGUI before 7.3.14 do...
E
CVE-2007-2747 Directory traversal vulnerability in rdw_helpers.py in rdiffWeb before 0.3.5.1 allows remote attacke...
S
CVE-2007-2748 The substr_count function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sens...
CVE-2007-2749 SQL injection vulnerability in question.php in FAQEngine 4.16.03 and earlier allows remote attackers...
E
CVE-2007-2750 SQL injection vulnerability in print.php in SimpNews 2.40.01 and earlier allows remote attackers to ...
E
CVE-2007-2751 Multiple PHP remote file inclusion vulnerabilities in PHPGlossar 0.8 allow remote attackers to execu...
E
CVE-2007-2752 SQL injection vulnerability in devami.asp in RunawaySoft Haber portal 1.0 allows remote attackers to...
E
CVE-2007-2753 RunawaySoft Haber portal 1.0 stores sensitive information under the web root with insufficient acces...
E
CVE-2007-2754 Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote atta...
E S
CVE-2007-2755 The PrecisionID Barcode 1.9 ActiveX control in PrecisionID_Barcode.dll, when Internet Explorer 6 is ...
E
CVE-2007-2756 The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of servi...
S
CVE-2007-2757 Multiple cross-site scripting (XSS) vulnerabilities in Redoable 1.2 allow remote attackers to inject...
CVE-2007-2758 Multiple buffer overflows in WinImage 8.0.8000 allow user-assisted remote attackers to execute arbit...
CVE-2007-2759 Multiple SQL injection vulnerabilities in the insert function in the ValuePreference class (grid/ed/...
S
CVE-2007-2760 The canUpdate function in model/MRole.java in Adempiere before 3.1.6 does not properly validate user...
S
CVE-2007-2761 Stack-based buffer overflow in MagicISO 5.4 build 239 and earlier allows remote attackers to execute...
E
CVE-2007-2762 Multiple PHP remote file inclusion vulnerabilities in Build it Fast (bif3) 0.4.1 allow remote attack...
E
CVE-2007-2763 Buffer overflow in the UnlockSupport function in the LockModules subsystem in a certain ActiveX cont...
CVE-2007-2764 The embedded Linux kernel in certain Sun-Brocade SilkWorm switches before 20070516 does not properly...
S
CVE-2007-2765 blockhosts.py in BlockHosts before 2.0.3 does not properly parse daemon log files, which allows remo...
CVE-2007-2766 lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext comm...
S
CVE-2007-2767 Unspecified vulnerability in BES before 3.5.0 in OPeNDAP 4 (Hydrax) before 1.2.1 allows remote attac...
S
CVE-2007-2768 OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to dete...
CVE-2007-2769 BES before 3.5.0 in OPeNDAP 4 (Hydrax) before 1.2.1 does not properly handle compressed files, which...
S
CVE-2007-2770 Stack-based buffer overflow in Eudora 7.1 allows user-assisted, remote SMTP servers to execute arbit...
E
CVE-2007-2771 Stack-based buffer overflow in the LEAD Technologies LeadTools JPEG 2000 LEADJ2K.LEADJ2K.140 ActiveX...
E
CVE-2007-2772 (1) caloggerd.exe (camt70.dll) and (2) mediasvr.exe (catirpc.dll and rwxdr.dll) in CA BrightStor Bac...
E
CVE-2007-2773 SQL injection vulnerability in plugins/mp3playlist/mp3playlist.php in Zomplog 3.8 and earlier allows...
E
CVE-2007-2774 Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 allow remote attackers to exe...
E
CVE-2007-2775 AlstraSoft Live Support 1.21 sends a redirect to the web browser but does not exit when administrati...
E
CVE-2007-2776 AlstraSoft Template Seller Pro 3.25 and earlier sends a redirect to the web browser but does not exi...
E
CVE-2007-2777 Unrestricted file upload vulnerability in admin/addsptemplate.php in AlstraSoft Template Seller Pro ...
E
CVE-2007-2778 Multiple directory traversal vulnerabilities in MolyX BOARD 2.5.0 allow remote attackers to read arb...
E
CVE-2007-2779 PHP remote file inclusion vulnerability in template_csv.php in Libstats 1.0.3 and earlier allows rem...
E
CVE-2007-2780 PsychoStats 3.0.6b and earlier allows remote attackers to obtain sensitive information via a request...
CVE-2007-2781 Cross-site scripting (XSS) vulnerability in include/sessionRegister.php in WikyBlog before 1.4.13 al...
S
CVE-2007-2782 Packeteer PacketShaper uses fixed increments in TCP initial sequence number (ISN) values, which allo...
CVE-2007-2783 Unspecified vulnerability in Rational Soft Hidden Administrator 1.7 and earlier allows remote attack...
E
CVE-2007-2784 Unspecified vulnerability in globus-job-manager in Globus Toolkit 4.1.1 and earlier (globus_nexus-6....
S
CVE-2007-2785 manage-admins.php in eSyndiCat Pro 1.x allows remote attackers to create additional administrative a...
CVE-2007-2786 Ratbox IRC Daemon (aka ircd-ratbox) 2.2.5 and earlier allows remote attackers to cause a denial of s...
S
CVE-2007-2787 Stack-based buffer overflow in the BrowseDir function in the (1) lttmb14E.ocx or (2) LTRTM14e.DLL Ac...
E
CVE-2007-2788 Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1...
S
CVE-2007-2789 The BMP image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01...
S
CVE-2007-2790 Cross-site scripting (XSS) vulnerability in shopcontent.asp in VP-ASP Shopping Cart 6.50, and possib...
CVE-2007-2791 Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote...
S
CVE-2007-2792 SQL injection vulnerability in the Yet another Newsletter Component (aka YaNC or com_yanc) component...
E
CVE-2007-2793 PHP remote file inclusion vulnerability in ImageImageMagick.php in Geeklog 2.x allows remote attacke...
E
CVE-2007-2795 Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated u...
S
CVE-2007-2796 Arris Cadant C3 CMTS allows remote attackers to cause a denial of service (service termination) via ...
CVE-2007-2797 xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in Debian GNU/Linux, sets the wro...
S
CVE-2007-2798 Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3...
S
CVE-2007-2799 Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products inc...
CVE-2007-2800 index.php in eTicket 1.5.5.1 and earlier allows remote attackers to obtain sensitive information via...
CVE-2007-2801 Multiple cross-site scripting (XSS) vulnerabilities in open.php in eTicket 1.5.5 and 1.5.5.1, when r...
E
CVE-2007-2802 Cross-site scripting (XSS) vulnerability in cp/ps/Main/login/Login in RM EasyMail Plus allows remote...
E
CVE-2007-2803 SQL injection vulnerability in default.asp in Vizayn Urun Tanitim Sitesi 0.2 allows remote attackers...
E
CVE-2007-2804 Multiple cross-site scripting (XSS) vulnerabilities in scripts/prodList.asp in CandyPress Store 3.5....
CVE-2007-2805 Multiple cross-site scripting (XSS) vulnerabilities in index.php in ClientExec (CE) 3.0 beta2, and p...
CVE-2007-2806 Multiple cross-site scripting (XSS) vulnerabilities in index.php in GaliX 2.0 allow remote attackers...
E
CVE-2007-2807 Stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop 1.6.18, and possibly earlier, al...
E
CVE-2007-2808 Cross-site scripting (XSS) vulnerability in gnatsweb.pl in Gnatsweb 4.00 and Gnats 4.1.99 allows rem...
CVE-2007-2809 Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote...
S
CVE-2007-2810 SQL injection vulnerability in down_indir.asp in Gazi Download Portal allows remote attackers to exe...
E
CVE-2007-2811 Cross-site scripting (XSS) vulnerability in OSK Advance-Flow 4.41 and earlier allows remote attacker...
S
CVE-2007-2812 Cross-site scripting (XSS) vulnerability in hlstats.php in HLstats 1.35, and possibly earlier, allow...
E
CVE-2007-2813 Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote...
S
CVE-2007-2814 Multiple stack-based buffer overflows in the Pegasus ImagN' ActiveX control (IMW32O40.OCX) 4.00.041 ...
E
CVE-2007-2815 The "hit-highlighting" functionality in webhits.dll in Microsoft Internet Information Services (IIS)...
CVE-2007-2816 Multiple PHP remote file inclusion vulnerabilities in ol'bookmarks 0.7.4 allow remote attackers to e...
E
CVE-2007-2817 SQL injection vulnerability in read/index.php in ol'bookmarks 0.7.4 allows remote attackers to execu...
E
CVE-2007-2818 Cross-site scripting (XSS) vulnerability in cand_login.asp in CactuSoft Parodia 6.4 and earlier allo...
CVE-2007-2819 Cross-site scripting (XSS) vulnerability in reportItem.do in Track+ 3.3.2 and earlier allows remote ...
CVE-2007-2820 Multiple stack-based buffer overflows in the KSign KSignSWAT ActiveX Control (AxKSignSWAT.dll) 2.0.3...
S
CVE-2007-2821 SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress before 2.2 allows remote attacke...
E S
CVE-2007-2822 TutorialCMS 1.01 and earlier, when register_globals is enabled, allows remote attackers to bypass au...
E
CVE-2007-2823 Multiple buffer overflows in HT Editor before 2.0.6 might allow remote attackers to execute arbitrar...
S
CVE-2007-2824 SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 and earlier allows remote att...
E S
CVE-2007-2825 Multiple cross-site scripting (XSS) vulnerabilities in ReadMsg.php in @Mail 5.02 and earlier allow r...
S
CVE-2007-2826 PHP remote file inclusion vulnerability in lib/addressbook.php in Madirish Webmail 2.0 allows remote...
E
CVE-2007-2827 Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX Control (ltisi14E.ocx) 14.5.0...
CVE-2007-2828 Cross-site request forgery (CSRF) vulnerability in adsense-deluxe.php in the AdSense-Deluxe 0.x plug...
CVE-2007-2829 The 802.11 network stack in net80211/ieee80211_input.c in MadWifi before 0.9.3.1 allows remote attac...
S
CVE-2007-2830 The ath_beacon_config function in if_ath.c in MadWifi before 0.9.3.1 allows remote attackers to caus...
S
CVE-2007-2831 Array index error in the (1) ieee80211_ioctl_getwmmparams and (2) ieee80211_ioctl_setwmmparams funct...
S
CVE-2007-2832 Cross-site scripting (XSS) vulnerability in the web application firewall in Cisco CallManager before...
E S
CVE-2007-2833 Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted ima...
CVE-2007-2834 Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and...
S
CVE-2007-2835 Multiple stack-based buffer overflows in (1) CCE_pinyin.c and (2) xl_pinyin.c in ImmModules/cce/ in ...
CVE-2007-2836 Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers ...
S
CVE-2007-2837 The (1) getRule and (2) getChains functions in server/rules.cpp in fireflierd (fireflier-server) in ...
S
CVE-2007-2838 The populate_conns function in src/populate_conns.c in GSAMBAD 0.1.4 allows local users to overwrite...
S
CVE-2007-2839 gfax 0.4.2 and probably other versions creates temporary files insecurely, which allows local users ...
CVE-2007-2841 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-3947. Reason: This candidate...
R
CVE-2007-2843 Cross-domain vulnerability in Apple Safari 2.0.4 allows remote attackers to access restricted inform...
E
CVE-2007-2844 PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety ...
CVE-2007-2845 Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 al...
S
CVE-2007-2846 Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus Managed Client before 4.7.700 al...
CVE-2007-2847 Multiple cross-site scripting (XSS) vulnerabilities in hlstats.php in HLstats 1.35, and possibly ear...
CVE-2007-2848 Stack-based buffer overflow in the SetPath function in the shComboBox ActiveX control (shcmb80.ocx) ...
CVE-2007-2849 KnowledgeTree Document Management (aka KnowledgeTree Open Source) before STABLE 3.3.7 does not requi...
S
CVE-2007-2850 The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Serv...
S
CVE-2007-2851 A certain ActiveX control in LeadTools Raster Variant Object Library (LTRVR14e.dll) 14.5.0.44 allows...
E
CVE-2007-2852 Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attacker...
S
CVE-2007-2853 The VCDAPILibApi ActiveX control in vc9api.DLL 9.0.0.57 in Virtual CD 9.0.0.2 allows remote attacker...
E
CVE-2007-2854 Multiple SQL injection vulnerabilities in account_change.php in BtiTracker 1.4.1 and earlier allow r...
E
CVE-2007-2855 Buffer overflow in a certain ActiveX control in DartZipLite.dll 1.8.5.3 in Dart ZipLite Compression ...
E
CVE-2007-2856 Buffer overflow in the Dart Communications PowerTCP ZIP Compression ActiveX control in DartZip.dll 1...
E
CVE-2007-2857 PHP remote file inclusion vulnerability in sample/xls2mysql in ABC Excel Parser Pro 4.0 allows remot...
CVE-2007-2858 SQL injection vulnerability in the IP-Search functionality in the IP-Tracking Mod for phpBB 2.0.x al...
CVE-2007-2859 Multiple PHP remote file inclusion vulnerabilities in SimpGB 1.46.0 allow remote attackers to execut...
CVE-2007-2860 user.php in BoastMachine 3.0 platinum allows remote authenticated users to gain privileges via a mod...
CVE-2007-2861 Multiple PHP remote file inclusion vulnerabilities in Simple Accessible XHTML Online News (SAXON) 4....
CVE-2007-2862 Multiple SQL injection vulnerabilities in CubeCart 3.0.16 might allow remote attackers to execute ar...
CVE-2007-2863 Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (form...
S
CVE-2007-2864 Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (form...
S
CVE-2007-2865 Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin 4.1.1 allows remote attackers ...
CVE-2007-2866 Multiple SQL injection vulnerabilities in modules/admin/modules/gallery.php in PHPEcho CMS 2.0-rc1 a...
S
CVE-2007-2867 Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x befo...
S
CVE-2007-2868 Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x ...
CVE-2007-2869 The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and poss...
CVE-2007-2870 Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows ...
CVE-2007-2871 Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows ...
CVE-2007-2872 Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 ...
S
CVE-2007-2873 SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations...
CVE-2007-2874 Buffer overflow in the wpa_printf function in the debugging code in wpa_supplicant in the Fedora Net...
S
CVE-2007-2875 Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21...
S
CVE-2007-2876 The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilte...
CVE-2007-2877 Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 allows local users to gain privi...
S
CVE-2007-2878 The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run on a 64-bit system, allow local...
E S
CVE-2007-2879 Cross-site scripting (XSS) vulnerability in mods.php in GTP GNUTurk Portal System 3G allows remote a...
CVE-2007-2880 Multiple cross-site scripting (XSS) vulnerabilities in Digirez 3.4 allow remote attackers to inject ...
CVE-2007-2881 Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Serve...
S
CVE-2007-2882 Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when...
E S
CVE-2007-2883 Credant Mobile Guardian Shield for Windows 5.2.1.105 and earlier stores account names and passwords ...
S
CVE-2007-2884 Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allow user-assisted remote attacke...
E
CVE-2007-2885 The NotSafe function in the MSVDTDatabaseDesigner7 ActiveX control in VDT70.DLL in Microsoft Visual ...
E
CVE-2007-2886 Unspecified vulnerability in the Nortel CS 1000 M media card in Enterprise VoIP-Core-CS 1000E, 1000M...
S
CVE-2007-2887 Cross-site scripting (XSS) vulnerability in index.php in Web Icerik Yonetim Sistemi (WIYS) 1.0 allow...
CVE-2007-2888 Stack-based buffer overflow in UltraISO 8.6.2.2011 and earlier allows user-assisted remote attackers...
E
CVE-2007-2889 SQL injection vulnerability in tracking/courseLog.php in Dokeos 1.6.5 and earlier allows remote atta...
E
CVE-2007-2890 SQL injection vulnerability in category.php in cpCommerce 1.1.0 and earlier allows remote attackers ...
E
CVE-2007-2891 Multiple PHP remote file inclusion vulnerabilities in FirmWorX 0.1.2 allow remote attackers to execu...
E
CVE-2007-2892 Cross-site scripting (XSS) vulnerability in news.asp in ASP-Nuke 2.0.7 allows remote attackers to in...
E
CVE-2007-2893 Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in iodev/ne2k.cc in the emulated NE20...
CVE-2007-2894 The emulated floppy disk controller in Bochs 2.3 allows local users of the guest operating system to...
CVE-2007-2895 Buffer overflow in a certain ActiveX control in LTRDF14e.DLL 14.5.0.44 in LeadTools Raster Dialog Fi...
CVE-2007-2896 Race condition in the Symantec Enterprise Security Manager (ESM) 6.5.3 managers and agents on Window...
S
CVE-2007-2897 Microsoft Internet Information Services (IIS) 6.0 allows remote attackers to cause a denial of servi...
CVE-2007-2898 SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 allows remote attackers to ex...
E
CVE-2007-2899 Direct static code injection vulnerability in admin_config.php in NavBoard 2.6.0 allows remote attac...
E
CVE-2007-2900 Multiple PHP remote file inclusion vulnerabilities in Scallywag 2005-04-25 allow remote attackers to...
E
CVE-2007-2901 Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.0 and earlier allow remote attacke...
E
CVE-2007-2902 SQL injection vulnerability in main/auth/my_progress.php in Dokeos 1.8.0 and earlier allows remote a...
E
CVE-2007-2903 Buffer overflow in the HelpPopup method in the Microsoft Office 2000 Controllo UA di Microsoft Offic...
E
CVE-2007-2904 Cross-site scripting (XSS) vulnerability in Sun Java System Messaging Server 6.0 through 6.3, when I...
S
CVE-2007-2905 SQL injection vulnerability in includes/rating.php in 2z Project 0.9.5 allows remote attackers to ex...
E
CVE-2007-2906 Java Embedding Plugin 0.9.6.1 allows remote attackers to cause a denial of service (browser crash) v...
S
CVE-2007-2907 Unspecified vulnerability in SSL-Explorer before 0.2.13 allows remote authenticated users to enter r...
S
CVE-2007-2908 Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft vBulletin before 3.6.6 allows re...
CVE-2007-2909 Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft vBulletin 3.6.x before 3.6.7 all...
S
CVE-2007-2910 Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before 3.6.7 PL1 allows remote attacke...
S
CVE-2007-2911 SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin before 3.6.6 allows remot...
S
CVE-2007-2912 Unspecified vulnerability in Jelsoft vBulletin before 3.6.6, when unauthenticated User Infraction Pe...
E
CVE-2007-2913 Cross-site scripting (XSS) vulnerability in index.php in ClonusWiki .5 allows remote attackers to in...
CVE-2007-2914 Multiple cross-site scripting (XSS) vulnerabilities in PsychoStats 3.0.6b allow remote attackers to ...
CVE-2007-2915 Cross-site scripting (XSS) vulnerability in RM EasyMail Plus allows remote attackers to inject arbit...
CVE-2007-2916 Cross-site scripting (XSS) vulnerability in showown.php in GMTT Music Distro 1.2 allows remote attac...
CVE-2007-2917 Multiple buffer overflows in a certain ActiveX control in odapi.dll in Authentium Command Antivirus ...
S
CVE-2007-2918 Multiple stack-based buffer overflows in ActiveX controls (1) VibeC in (a) vibecontrol.dll, (2) Call...
CVE-2007-2919 Multiple stack-based buffer overflows in the FViewerLoading ActiveX control (FlipViewerX.dll) in E-B...
S
CVE-2007-2920 Multiple stack-based buffer overflows in the Zoomify Viewer ActiveX control in ZActiveX.dll might al...
CVE-2007-2921 Multiple buffer overflows in acgm.dll in the Corel / Micrografx ActiveCGM Browser ActiveX control be...
S
CVE-2007-2923 The launch method in the LocalExec ActiveX control (LocalExec.ocx) in Novell exteNd Director 4.1 and...
E S
CVE-2007-2924 Multiple buffer overflows in RealNetworks GameHouse dldisplay ActiveX control (ghdlctl.dll) allow re...
E
CVE-2007-2925 The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not ...
CVE-2007-2926 ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids wh...
CVE-2007-2927 Unspecified vulnerability in Atheros 802.11 a/b/g wireless adapter drivers before 5.3.0.35, and 6.x ...
S
CVE-2007-2928 Format string vulnerability in the IBM Lenovo Access Support acpRunner ActiveX control, as distribut...
CVE-2007-2929 The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before ...
CVE-2007-2930 The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 genera...
S
CVE-2007-2931 Heap-based buffer overflow in Microsoft MSN Messenger 6.2, 7.0, and 7.5, and Live Messenger 8.0 allo...
E
CVE-2007-2932 Cross-site scripting (XSS) vulnerability in index.php in BoastMachine allows remote attackers to inj...
CVE-2007-2933 SQL injection vulnerability in index.php in the Phil-a-Form (com_philaform) 1.2.0.0 and earlier comp...
E
CVE-2007-2934 Directory traversal vulnerability in skins/common.css.php in Vistered Little 1.6a allows remote atta...
E
CVE-2007-2935 core/spellcheck/spellcheck.php in Fundanemt before 2.2.0.1 allows remote attackers to execute arbitr...
E S
CVE-2007-2936 Multiple PHP remote file inclusion vulnerabilities in Frequency Clock 0.1b (Beta 0.1) allow remote a...
E
CVE-2007-2937 PHP remote file inclusion vulnerability in admin/admin.php in TROforum 0.1 allows remote attackers t...
E
CVE-2007-2938 Buffer overflow in the BaseRunner ActiveX control in the Ademco ATNBaseLoader100 Module (ATNBaseLoad...
E
CVE-2007-2939 Multiple PHP remote file inclusion vulnerabilities in Mazen's PHP Chat 3.0.0 allow remote attackers ...
E
CVE-2007-2940 Multiple PHP remote file inclusion vulnerabilities in FlaP 1.0b (1.0 Beta) allow remote attackers to...
E
CVE-2007-2941 Multiple PHP remote file inclusion vulnerabilities in the creator in vBulletin Google Yahoo Site Map...
E
CVE-2007-2942 SQL injection vulnerability in user.php in My Little Forum 1.7 and earlier allows remote attackers t...
E
CVE-2007-2943 PHP remote file inclusion vulnerability in class/class.php in Webavis 0.1.1 allows remote attackers ...
E
CVE-2007-2944 WabCMS 1.0 stores sensitive information under the web root with insufficient access control, which a...
CVE-2007-2945 RMForum stores sensitive information under the web root with insufficient access control, which allo...
CVE-2007-2946 Buffer overflow in a certain ActiveX control in LeadTools Raster Dialog File_D Object (LTRDFD14e.DLL...
E
CVE-2007-2947 Multiple PHP remote file inclusion vulnerabilities in OpenBASE Alpha 0.6 allow remote attackers to e...
E
CVE-2007-2948 Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow rem...
S
CVE-2007-2949 Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 all...
S
CVE-2007-2950 Centennial Discovery 2006 Feature Pack 1, which is used by (1) Numara Asset Manager 8.0 and (2) Syma...
CVE-2007-2951 The parseIrcUrl function in src/kvirc/kernel/kvi_ircurl.cpp in KVIrc 3.2.0 allows user-assisted remo...
S
CVE-2007-2952 Multiple stack-based buffer overflows in the filter service (aka k9filter.exe) in Blue Coat K9 Web P...
CVE-2007-2953 Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, an...
S
CVE-2007-2954 Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2...
S
CVE-2007-2955 Multiple unspecified "input validation error" vulnerabilities in multiple ActiveX controls in NavCom...
CVE-2007-2956 Stack-based buffer overflow in the readRadianceHeader function in (1) src/fileformat/rgbeio.cpp in p...
S
CVE-2007-2957 Integer overflow in McAfee E-Business Server before 8.5.3 for Solaris, and before 8.1.2 for Linux, H...
S
CVE-2007-2958 Format string vulnerability in the inc_put_error function in src/inc.c in Sylpheed 2.4.4, and Sylphe...
S
CVE-2007-2959 SQL injection vulnerability in manufacturer.php in cpCommerce before 1.1.0 allows remote attackers t...
E
CVE-2007-2960 Multiple directory traversal vulnerabilities in Scallywag 2005-04-25 allow remote attackers to inclu...
CVE-2007-2961 Unrestricted file upload vulnerability in FileCloset before 1.1.5 allows remote attackers to upload ...
S
CVE-2007-2962 Cross-site scripting (XSS) vulnerability in search.php in Particle Gallery 1.0.1 and earlier allows ...
CVE-2007-2963 Multiple cross-site scripting (XSS) vulnerabilities in Invision Power Board (IPB or IP.Board) 2.2.2,...
S
CVE-2007-2964 The fsmsh.dll host module in F-Secure Policy Manager Server 7.00 and earlier allows remote attackers...
S
CVE-2007-2965 Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, includi...
S
CVE-2007-2966 Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Win...
S
CVE-2007-2967 Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote a...
S
CVE-2007-2968 Cross-site scripting (XSS) vulnerability in register.php in cpCommerce 1.1.0 and earlier allows remo...
CVE-2007-2969 PHP remote file inclusion vulnerability in newsletter.php in WAnewsletter 2.1.3 and earlier allows r...
E
CVE-2007-2970 Multiple cross-site scripting (XSS) vulnerabilities in cgi/block.cgi in 8e6 R3000 Internet Filter al...
CVE-2007-2971 SQL injection vulnerability in getnewsitem.php in gCards 1.46 and earlier allows remote attackers to...
E
CVE-2007-2972 The file parsing engine in Avira Antivir Antivirus before 7.04.00.24 allows remote attackers to caus...
S
CVE-2007-2973 Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to cause a denial of service (infi...
S
CVE-2007-2974 Buffer overflow in the file parsing engine in Avira Antivir Antivirus before 7.03.00.09 allows remot...
S
CVE-2007-2975 The admin console in Ignite Realtime Openfire 3.3.0 and earlier (formerly Wildfire) does not properl...
S
CVE-2007-2976 Centrinity FirstClass 8.3 and earlier, and Server and Internet Services 8.0 and earlier, do not prop...
CVE-2007-2977 Buffer overflow in the receive function in submit/submitcommon.c in the submit daemon in DOMjudge be...
S
CVE-2007-2978 Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web se...
E
CVE-2007-2979 Techno Dreams Web Directory / Search Engine 2.0 stores sensitive information under the web root with...
CVE-2007-2980 Heap-based buffer overflow in a certain ActiveX control in LEADTOOLS LEAD Raster ISIS Object (LTRIS1...
E
CVE-2007-2981 Buffer overflow in a certain ActiveX control in LEAD Technologies LEADTOOLS Raster OCR Document Obje...
CVE-2007-2982 Multiple buffer overflows in the British Telecommunications Business Connect webhelper ActiveX contr...
S
CVE-2007-2983 Multiple buffer overflows in the British Telecommunications Consumer webhelper ActiveX control befor...
E
CVE-2007-2984 Multiple stack-based buffer overflows in the Media Technology Group CDPass ActiveX control in CDPass...
S
CVE-2007-2985 Pheap 2.0 allows remote attackers to bypass authentication by setting a pheap_login cookie value to ...
E
CVE-2007-2986 PHP remote file inclusion vulnerability in lib/live_status.lib.php in AdminBot MX 9.0.5 allows remot...
E
CVE-2007-2987 Multiple buffer overflows in certain ActiveX controls in sasatl.dll in Zenturi ProgramChecker allow ...
CVE-2007-2988 A certain admin script in Inout Meta Search Engine sends a redirect to the web browser but does not ...
E
CVE-2007-2989 The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain poin...
S
CVE-2007-2990 Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 allows local users to cause a d...
S
CVE-2007-2991 Cross-site scripting (XSS) vulnerability in includes/send.inc.php in Evenzia CMS allows remote attac...
E
CVE-2007-2992 Multiple SQL injection vulnerabilities in OmegaMw7.asp in OMEGA (aka Omegasoft) INterneSErvicesLosun...
CVE-2007-2993 Multiple cross-site scripting (XSS) vulnerabilities in OmegaMw7.asp in OMEGA (aka Omegasoft) INterne...
CVE-2007-2994 SQL injection vulnerability in news.php in DGNews 2.1 allows remote attackers to execute arbitrary S...
E
CVE-2007-2995 Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and 5.3.0 has unknown impact and atta...
S
CVE-2007-2996 Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM AIX 5.2, and 5.8.2.10 through...
S
CVE-2007-2997 Multiple SQL injection vulnerabilities in cgi-bin/reorder2.asp in SalesCart Shopping Cart allow remo...
CVE-2007-2998 The Pascal run-time library (PAS$RTL.EXE) before 20070418 on OpenVMS for Integrity Servers 8.3, and ...
S
CVE-2007-2999 Microsoft Windows Server 2003, when time restrictions are in effect for user accounts, generates dif...
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.