Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-2093 1 Limesoft 1 Limesoft Guestbook 2026-04-23 N/A
Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) 1.0 allows remote attackers to inject arbitrary PHP code into posts.txt via the message parameter.
CVE-2007-2094 1 Anthologia 1 Anthologia 2026-04-23 N/A
PHP remote file inclusion vulnerability in index.php in Anthologia 0.5.2 allows remote attackers to execute arbitrary PHP code via a URL in the ads_file parameter.
CVE-2007-2090 1 Tumusika Evolution 1 Tumusika Evolution 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in TuMusika Evolution 1.6 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
CVE-2007-2885 1 Microsoft 1 Visual Database Tools Database Designer 2026-04-23 N/A
The NotSafe function in the MSVDTDatabaseDesigner7 ActiveX control in VDT70.DLL in Microsoft Visual Database Tools (MSVDT) Database Designer 7.0 allows remote attackers to cause a denial of service (Internet Explorer 6 crash) via a long argument.
CVE-2007-2102 1 My Little Homepage 1 My Little Weblog 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in weblog.php in my little weblog allows remote attackers to inject arbitrary web script or HTML via the id parameter, a different vector than CVE-2006-6087.
CVE-2007-2125 1 Oracle 1 Collaboration Suite 2026-04-23 N/A
Unspecified vulnerability in Collaborative Workspace in Oracle Collaboration Suite 10.1.2 has unknown impact and attack vectors, aka OCS01.
CVE-2007-2128 1 Oracle 1 E-business Suite 2026-04-23 N/A
Unspecified vulnerability in the Sales Online component for Oracle E-Business Suite 11.5.10 has unknown impact and remote authenticated attack vectors, aka APPS08.
CVE-2007-2129 1 Oracle 1 Enterprise Manager 2026-04-23 N/A
Unspecified vulnerability in the Agent component in Oracle Enterprise Manager 9.2.0.8 has unknown impact and remote attack vectors, aka EM01.
CVE-2007-2134 1 Oracle 1 Enterpriseone 2026-04-23 N/A
Unspecified vulnerability in the HTML Server in Oracle JD Edwards EnterpriseOne SP23_Q1 and 8.96.I1 has unknown impact and local attack vectors, aka JDE01.
CVE-2007-2136 1 Bmc 1 Patrol Perform Agent 2026-04-23 N/A
Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol PerformAgent allows remote attackers to execute arbitrary code by connecting to TCP port 10128 and sending certain XDR data, which is not properly parsed.
CVE-2007-2146 1 Minigal 1 Minigal 2026-04-23 N/A
The imagecomments function in classes.php in MiniGal b13 allow remote attackers to inject arbitrary PHP code into a file in the thumbs/ directory via the (1) name or (2) email parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-2150 1 Bluearc 1 Titan 2026-04-23 N/A
BlueArc-FTPD in BlueArc Titan 2x00 devices with firmware 4.2.944b allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command, a variant of CVE-1999-0017.
CVE-2007-2153 1 Atmail 1 Atmail Webmail 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in atmail.php in @Mail 5.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
CVE-2007-2183 1 Php-ring 1 Webring System 2026-04-23 N/A
SQL injection vulnerability in index.php in PHP-Ring Webring System (aka uPHP_ring_website) 0.9 allows remote attackers to execute arbitrary SQL commands via the ring parameter.
CVE-2006-6506 1 Mozilla 1 Firefox 2026-04-23 N/A
The "Feed Preview" feature in Mozilla Firefox 2.0 before 2.0.0.1 sends the URL of the feed when requesting favicon.ico icons, which results in a privacy leak that might allow feed viewing services to determine browsing habits.
CVE-2007-3926 1 Ipswitch 1 Imail Server 2026-04-23 N/A
Ipswitch IMail Server 2006 before 2006.21 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving an "overwritten destructor."
CVE-2006-6507 1 Mozilla 1 Firefox 2026-04-23 N/A
Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass Cross-Site Scripting (XSS) protection via vectors related to a Function.prototype regression error.
CVE-2006-6517 1 Kdpics 1 Kdpics 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in KDPics 1.16 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) categories parameter to (a) index.php3 or (b) galeries.inc.php3.
CVE-2007-3927 1 Ipswitch 2 Imail Server, Ipswitch Collaboration Suite 2026-04-23 N/A
Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 (1) allow remote attackers to execute arbitrary code via unspecified vectors in Imailsec and (2) allow attackers to have an unknown impact via an unspecified vector related to "subscribe."
CVE-2007-3930 2 Microsoft, Wiki 2 Internet Explorer, Dokuwiki 2026-04-23 N/A
Interpretation conflict between Microsoft Internet Explorer and DocuWiki before 2007-06-26b allows remote attackers to inject arbitrary JavaScript and conduct cross-site scripting (XSS) attacks when spellchecking UTF-8 encoded messages via the spell_utf8test function in lib/exe/spellcheck.php, which triggers HTML document identification and script execution by Internet Explorer even though the Content-Type header is text/plain.