Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-0333 2 Matthias Graubner, Typo3 2 Mg Help, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0334 2 Francisco Cifuentes, Typo3 2 Vote For Tt News, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-1345 1 Myiosoft 1 Easycalendar 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in plugins/calendar/calendar_backend.php in MyioSoft EasyCalendar 4.0tr and earlier allows remote attackers to inject arbitrary web script or HTML via the day parameter in a dayview action.
CVE-2010-0335 2 Francisco Cifuentes, Typo3 2 Vote For Tt News, Typo3 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-0336 1 Typo3 2 Kiddog Mysqldumper, Typo3 2026-04-23 N/A
Unspecified vulnerability in the kiddog_mysqldumper (kiddog_mysqldumper) extension 0.0.3 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.
CVE-2008-1347 1 Myiosoft 1 Easycalendar 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in staticpages/easygallery/index.php in MyioSoft EasyGallery 5.0tr and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO or (2) the q parameter in an about action to the help system.
CVE-2007-0508 1 Bbclone 1 Bbclone 2026-04-23 N/A
PHP remote file inclusion vulnerability in lib/selectlang.php in BBClone 0.31 allows remote attackers to execute arbitrary PHP code via a URL in the BBC_LANGUAGE_PATH parameter.
CVE-2007-2542 1 Workbench Survival Guide 1 Workbench Survival Guide 2026-04-23 N/A
PHP remote file inclusion vulnerability in header.php in workbench survival guide 0.11 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
CVE-2010-0337 1 Typo3 2 Dl3 Tt News Alerts, Typo3 2026-04-23 N/A
SQL injection vulnerability in the tt_news Mail alert (dl3_tt_news_alerts) extension 0.2.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0340 1 Typo3 2 Mjseventpro, Typo3 2026-04-23 N/A
SQL injection vulnerability in the MJS Event Pro (mjseventpro) extension 0.2.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0347 1 Typo3 2 Typo3, Vd Gemomap 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the VD / Geomap (vd_geomap) extension 0.3.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-0356 1 Viscomsoft 1 Movie Player Pro Sdk Activex 2026-04-23 N/A
Stack-based buffer overflow in the MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX control in MoviePlayer.ocx 6.8.0.0 in Viscom Software Movie Player Pro SDK ActiveX 6.8 allows remote attackers to execute arbitrary code via a long strFontName parameter to the DrawText method.
CVE-2010-0363 1 Zeus 1 Zeus Web Server 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Zeus Web Server before 4.3r5, when SSL is enabled for the admin server, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2002-1785.
CVE-2007-6602 1 Noserub 1 Noserub 2026-04-23 N/A
SQL injection vulnerability in app/models/identity.php in NoseRub 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username field to the login script.
CVE-2008-1353 1 Zabbix 1 Zabbix 2026-04-23 N/A
zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero.
CVE-2007-2570 1 Guilain Omont 1 Wikivi5 2026-04-23 N/A
PHP remote file inclusion vulnerability in handlers/page/show.php in Wikivi5 allows remote attackers to execute arbitrary PHP code via a URL in the sous_rep parameter.
CVE-2007-2584 1 Mcafee 3 Security Center, Securitycenter Agent, Virusscan 2026-04-23 N/A
Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument.
CVE-2008-5202 1 Otmanager 1 Otmanager Cms 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in OTManager CMS 24a allows remote attackers to inject arbitrary web script or HTML via the conteudo parameter.
CVE-2007-2588 1 Office Ocx 1 Office Viewer Ocx 2026-04-23 N/A
Multiple buffer overflows in the Office Viewer OCX ActiveX control (oa.ocx) 3.2 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) HttpDownloadFile, (2) Open, (3) OpenWebFile, (4) DoOleCommand, (5) FTPDownloadFile, (6) FTPUploadFile, (7) HttpUploadFile, (8) Save, or (9) SaveWebFile function.
CVE-2007-6199 2 Rsync, Slackware 2 Rsync, Slackware Linux 2026-04-23 N/A
rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.