Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-5401 1 Layton Technology 1 Helpbox 2026-04-23 N/A
Unrestricted file upload vulnerability in uploadrequest.asp in Layton HelpBox 3.7.1 allows remote authenticated users to upload and execute arbitrary ASP files, related to not properly checking file extensions.
CVE-2009-0595 1 Phpskelsite 1 Phpskelsite 2026-04-23 N/A
PHP remote file inclusion vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the theme parameter.
CVE-2008-6674 1 Quickersite 1 Quickersite 2026-04-23 N/A
mailPage.asp in QuickerSite 1.8.5 allows remote attackers to flood e-mail accounts with messages via a large number of requests with a modified sEmail parameter.
CVE-2007-5394 1 Adobe 1 Pagemaker 2026-04-23 N/A
Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted remote attackers to execute arbitrary code via a .PMD file with a crafted font structure, a different vulnerability than CVE-2007-5169 and CVE-2007-6432.
CVE-2007-5391 1 Hp 1 Select Identity 2026-04-23 N/A
Unspecified vulnerability in HP Select Identity 4.01 through 4.01.010 and 4.10 through 4.13.001 allows remote attackers to obtain unspecified access via unknown vectors.
CVE-2007-5373 1 Ldapscripts 1 Ldapscripts 2026-04-23 N/A
ldapscripts 1.4 and 1.7 sends a password as a command line argument when calling some LDAP programs, which might allow local users to read the password by listing the process and its arguments, as demonstrated by a call to ldappasswd in the _changepassword function.
CVE-2007-5372 2 Dws Systems Inc., Ledgersmb 2 Sql-ledger, Ledgersmb 2026-04-23 N/A
Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field.
CVE-2007-5340 2 Mozilla, Redhat 4 Firefox, Seamonkey, Thunderbird and 1 more 2026-04-23 N/A
Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.
CVE-2007-5330 1 Broadcom 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup 2026-04-23 N/A
The cadbd RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to (1) execute arbitrary code via stack-based buffer overflows in unspecified RPC procedures, and (2) trigger memory corruption related to the use of "handle" RPC arguments as pointers.
CVE-2008-6670 1 Vertex4 1 Sunage 2026-04-23 N/A
Integer overflow in Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet to UDP port 27960.
CVE-2007-5332 1 Broadcom 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup 2026-04-23 N/A
Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, have unknown impact and attack vectors related to memory corruption.
CVE-2007-5322 1 Microsoft 1 Visual Foxpro 2026-04-23 N/A
Insecure method vulnerability in the FPOLE.OCX 6.0.8450.0 ActiveX control in Microsoft Visual FoxPro 6.0 allows remote attackers to execute arbitrary programs by specifying them as an argument to the FoxDoCmd function.
CVE-2008-6669 1 Dirk Bartley 1 Nweb2fax 2026-04-23 N/A
viewrq.php in nweb2fax 0.2.7 and earlier allows remote attackers to execute arbitrary code via shell metacharacters in the var_filename parameter in a (1) tif or (2) pdf format action.
CVE-2007-5323 1 Emc 1 Replistor 2026-04-23 N/A
The RepliStor Server Service in EMC Replistor 6.1.3 allows remote attackers to execute arbitrary code via a size value that causes RepliStor to create a smaller buffer than expected, which triggers a buffer overflow when that buffer is used in a recv function call.
CVE-2007-5313 1 Script-solution.de 1 Picturesolution 2026-04-23 N/A
PHP remote file inclusion vulnerability in install/config.php in Picturesolution 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
CVE-2008-6153 1 Jayeshp 1 Pixel8 Web Photo Album 2026-04-23 N/A
SQL injection vulnerability in Photo.asp in Jay Patel Pixel8 Web Photo Album 3.0 allows remote attackers to execute arbitrary SQL commands via the AlbumID parameter.
CVE-2007-5303 1 Snewscms 1 Snewscms Rus 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in news_page.php in SnewsCMS Rus 2.1 allows remote attackers to inject arbitrary web script or HTML via the page_id parameter.
CVE-2007-5306 1 Yannick Tanguy 1 Else If Cms 2026-04-23 N/A
ELSEIF CMS Beta 0.6 allows remote attackers to obtain sensitive information (full path) via unspecified vectors to utilisateurs/votesresultats.php.
CVE-2007-5297 1 Minki 1 Minki 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in Minki 1.30 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2007-5294 1 Idmos 1 Idmos 2026-04-23 N/A
PHP remote file inclusion vulnerability in core/aural.php in IDMOS 1.0-beta (aka Phoenix) allows remote attackers to execute arbitrary PHP code via a URL in the site_absolute_path parameter.