Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0184 1 Prenotazioni On Line 1 Syshotel On Line System 2026-04-23 N/A
Absolute path traversal vulnerability in index.php in Sys-Hotel on Line System allows remote attackers to read arbitrary files via an encoded "/" ("%2F") in the file parameter.
CVE-2008-0182 1 Liferay 1 Liferay Enterprise Portal 2026-04-23 N/A
Cross-site request forgery (CSRF) vulnerability in the Admin portlet in Liferay Portal before 4.4.0 allows remote authenticated users to perform unspecified actions as unspecified other authenticated users via the Shutdown message.
CVE-2008-0177 1 Kame 1 Ipcomp 2026-04-23 N/A
The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME project before 20071201 does not properly check the return value of the m_pulldown function, which allows remote attackers to cause a denial of service (system crash) via an IPv6 packet with an IPComp header.
CVE-2008-0173 1 Gforge 1 Gforge 2026-04-23 N/A
SQL injection vulnerability in Gforge 4.6.99 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified parameters, related to RSS exports.
CVE-2008-0159 1 Eggblog 1 Eggblog 2026-04-23 N/A
SQL injection vulnerability in index.php in eggBlog 3.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the eggblogpassword parameter in a cookie.
CVE-2008-0158 1 Shop-script 1 Shop-script 2026-04-23 N/A
Directory traversal vulnerability in index.php in Shop-Script 2.0 and possibly other versions allows remote attackers to read arbitrary files via a .. (dot dot) in the aux_page parameter.
CVE-2008-0163 1 Linux 1 Linux Kernel 2026-04-23 N/A
Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc.
CVE-2008-0149 1 Tutos 1 Tutos 2026-04-23 N/A
TUTOS 1.3 allows remote attackers to read system information via a direct request to php/admin/phpinfo.php, which calls the phpinfo function.
CVE-2008-0148 1 Tutos 1 Tutos 2026-04-23 N/A
TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote attackers to execute arbitrary shell commands via the cmd parameter in a direct request.
CVE-2008-0140 1 Uebimiau 1 Webmail 2026-04-23 N/A
Directory traversal vulnerability in error.php in Uebimiau Webmail 2.7.10 and 2.7.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the selected_theme parameter, a different vector than CVE-2007-3172.
CVE-2007-5513 1 Oracle 1 Database Server 2026-04-23 N/A
The XML DB (XMLDB) component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 generates incorrect audit entries in the USERID column in which (1) long usernames are trimmed to 5 characters, or (2) short entries contain any extra characters from usernames in previous entries, aka DB23.
CVE-2007-5523 1 Oracle 2 Application Server, Collaboration Suite 2026-04-23 N/A
Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.2, and 10.1.4.0, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS08.
CVE-2007-5522 1 Oracle 1 Application Server 2026-04-23 N/A
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.4.1 has unknown impact and remote attack vectors, aka AS07.
CVE-2007-5525 1 Oracle 2 Application Server, Collaboration Suite 2026-04-23 N/A
Unspecified vulnerability in the Oracle Single Sign-On component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.2, and 10.1.4.0.1; Collaboration Suite 10.1.2; and Enterprise Manager 10.1.2 has unknown impact and remote attack vectors, aka AS10.
CVE-2007-5526 1 Oracle 2 Application Server, Collaboration Suite 2026-04-23 N/A
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.0.2, 10.1.2.2, and 10.1.4.1, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS11.
CVE-2007-5535 1 Runcms 1 Runcms 2026-04-23 N/A
Unspecified vulnerability in newbb_plus in RunCms 1.5.2 has unknown impact and attack vectors.
CVE-2007-5532 1 Oracle 1 Peoplesoft Enterprise 2026-04-23 N/A
Unspecified vulnerability in the People Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.17, 8.47.14, 8.48.13, 8.49.05 has unknown impact and remote attack vectors, aka PSE01.
CVE-2007-5533 1 Oracle 1 Peoplesoft Enterprise 2026-04-23 N/A
Unspecified vulnerability in the People Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.47.14, 8.48.13, 8.49.05 has unknown impact and remote attack vectors, aka PSE02.
CVE-2007-5534 1 Oracle 1 Peoplesoft Enterprise 2026-04-23 N/A
Unspecified vulnerability in the HCM component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9 Bundle 13 9.0 Bundle 3 has unknown impact and remote attack vectors, aka PSE_HCM01.
CVE-2007-5536 2 Hp, Hpe 2 Hp-ux, Openssl 2026-04-23 N/A
Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors.