Export limit exceeded: 367106 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0053 | 1 Asp Siteware | 1 Autodealer | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.asp in ASP SiteWare autoDealer 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the iPro parameter. | ||||
| CVE-2007-0046 | 2 Adobe, Redhat | 2 Acrobat Reader, Rhel Extras | 2026-04-23 | N/A |
| Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters. | ||||
| CVE-2007-0047 | 1 Adobe | 1 Acrobat Reader | 2026-04-23 | N/A |
| CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the javascript: URI in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters. | ||||
| CVE-2007-0049 | 1 Geckovich | 2 Tasktracker, Tasktracker Pro | 2026-04-23 | N/A |
| Geckovich TaskTracker Pro 1.5 and earlier allows remote attackers to add administrative or other accounts via an Add action with a modified GroupID in a direct request to Customize.asp. | ||||
| CVE-2007-0050 | 1 Openpinboard | 1 Openpinboard | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in index.php in OpenPinboard 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the language parameter. NOTE: this issue has been disputed by the developer and a third party, since the variable is set before use. CVE analysis suggests that there is a small time window of risk before the installation is complete | ||||
| CVE-2007-0048 | 1 Adobe | 3 Acrobat, Acrobat 3d, Acrobat Reader | 2026-04-23 | N/A |
| Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a "cross-site scripting issue." | ||||
| CVE-2007-0054 | 1 Belchior Foundry | 1 Vcard Pro | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in gbrowse.php in Belchior Foundry vCard PRO allows remote attackers to inject arbitrary web script or HTML via the sortby parameter. | ||||
| CVE-2007-0055 | 1 Fersch | 1 Formbankserver | 2026-04-23 | N/A |
| Directory traversal vulnerability in formbankcgi.exe/AbfrageForm in Formbankserver 1.9 allows remote attackers to read arbitrary files via directory traversal sequences in the Name parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-0056 | 1 Ashopsoftware | 2 Ashop Administration Panel, Ashop Deluxe | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe 4.5 and AShop Administration Panel allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to (a) ashop/catalogue.php and (b) ashop/basket.php, the (2) exp parameter to ashop/catalogue.php, the (3) searchstring parameter to (c) ashop/search.php, the (4) checkout and (5) action parameters to (d) ashop/shipping.php, the cat parameter to (f) cart-path/admin/editcatalogue.php, and the (7) resultpage parameter to (g) cart-path/admin/salesadmin.php. | ||||
| CVE-2007-0059 | 1 Apple | 1 Quicktime | 2026-04-23 | N/A |
| Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 allows remote user-assisted attackers to execute arbitrary code and list filesystem contents via a QuickTime movie (.MOV) with an HREF Track (HREFTrack) that contains an automatic action tag with a local URI, which is executed in a local zone during preview, as exploited by a MySpace worm. | ||||
| CVE-2007-0060 | 2 Broadcom, Ca | 24 Advantage Data Transport, Brightstor Portal, Brightstor San Manager and 21 more | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104. | ||||
| CVE-2007-0066 | 1 Microsoft | 6 Home Server, Small Business Server, Windows 2000 and 3 more | 2026-04-23 | N/A |
| The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-bounds read, aka "Windows Kernel TCP/IP/ICMP Vulnerability." | ||||
| CVE-2007-0068 | 1 Ibm | 1 Lotus Domino | 2026-04-23 | N/A |
| IBM Lotus Domino 7.0.x before 7.0.3 does not revalidate the signature on a signed scheduled agent after the agent is modified, which allows remote authenticated users to gain privileges via a modified agent in a server database. | ||||
| CVE-2007-0069 | 1 Microsoft | 3 Windows 2003 Server, Windows Vista, Windows Xp | 2026-04-23 | N/A |
| Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, Server 2003, and Vista allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via crafted (1) IGMPv3 and (2) MLDv2 packets that trigger memory corruption, aka "Windows Kernel TCP/IP/IGMPv3 and MLDv2 Vulnerability." | ||||
| CVE-2007-0075 | 1 Aspbb | 1 Aspbb | 2026-04-23 | N/A |
| AspBB stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user passwords via a direct request for db/aspbb.mdb. | ||||
| CVE-2007-0076 | 1 2enetworx | 1 Openforum | 2026-04-23 | N/A |
| Openforum stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user passwords via a direct request for openforum.mdb. | ||||
| CVE-2007-0077 | 1 Lblog | 1 Lblog | 2026-04-23 | N/A |
| lblog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for a certain file in admin/db/newFolder/. | ||||
| CVE-2007-0078 | 1 Battleblog | 1 Battleblog | 2026-04-23 | N/A |
| BattleBlog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/blankmaster.mdb. | ||||
| CVE-2007-0079 | 1 Rblog | 1 Rblog | 2026-04-23 | N/A |
| rblog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) data/admin.mdb or (2) data/rblog.mdb. | ||||
| CVE-2007-0081 | 1 Sunbelt | 1 Sunbelt Kerio Personal Firewall | 2026-04-23 | N/A |
| Sunbelt Kerio Personal Firewall (SKPF) 4.3.268 and 4.3.246, and possibly other versions allows local users to provide a Trojan horse iphlpapi.dll to SKPF by placing it in the installation directory. | ||||