Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29523 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-2122 1 Oracle 1 Application Server 2025-04-09 10.0 HIGH N/A
Unspecified vulnerability in the Wireless component in Oracle Application Server 9.0.4.3 has unknown impact and attack vectors, aka AS03.
CVE-2007-1839 1 Codebb 1 Codebb 2025-04-09 7.5 HIGH N/A
Multiple PHP remote file inclusion vulnerabilities in CodeBB 1.1b3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) pass_code.php or (2) lang_select.
CVE-2007-4078 1 Alstrasoft 1 Text Ads Enterprise 2025-04-09 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Text Ads Enterprise allow remote attackers to inject arbitrary web script or HTML via the (1) r parameter to (a) forgot_uid.php, the (2) query or (3) sk parameter to (b) search_results.php, or (4) the pageId parameter to (c) website_page.php.
CVE-2006-6369 1 Invision Power Services 1 Invision Community Blog 2025-04-09 7.5 HIGH N/A
SQL injection vulnerability in lib/entry_reply_entry.php in Invision Community Blog Mod 1.2.4 allows remote attackers to execute arbitrary SQL commands via the eid parameter, when accessed through the "Preview message" functionality.
CVE-2007-2490 1 Livedata 3 Iccp Server, Maintenance Server, Protocol Server 2025-04-09 7.8 HIGH N/A
Unspecified vulnerability in LiveData Server before 5.00.62 allows remote attackers to cause a denial of service (exit) via crafted Connection-Oriented Transport Protocol (COTP) packets.
CVE-2006-6020 1 Blog Torrent 1 Blog Torrent Preview 2025-04-09 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in announce.php in Blog Torrent Preview 0.92 allows remote attackers to inject arbitrary web script or HTML via the left parameter.
CVE-2007-2476 1 Novell 1 Securelogin 2025-04-09 10.0 HIGH N/A
Unspecified vulnerability in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 has unknown impact and remote attack vectors, related to Active Directory (AD) password changes.
CVE-2007-1662 1 Pcre 1 Pcre 2025-04-09 5.0 MEDIUM N/A
Perl-Compatible Regular Expression (PCRE) library before 7.3 reads past the end of the string when searching for unmatched brackets and parentheses, which allows context-dependent attackers to cause a denial of service (crash), possibly involving forward references.
CVE-2007-2289 1 Alexscriptengine 1 Download-engine 2025-04-09 7.5 HIGH N/A
PHP remote file inclusion vulnerability in admin/includes/spaw/dialogs/insert_link.php in download engine (Download-Engine) 1.4.1 allows remote authenticated users to execute arbitrary PHP code via a URL in the spaw_root parameter, a different vector than CVE-2007-2255. NOTE: this may be an issue in SPAW.
CVE-2006-5850 1 Essen 1 Essentia Web Server 2025-04-09 7.5 HIGH N/A
Stack-based buffer overflow in Essentia Web Server 2.15 for Windows allows remote attackers to execute arbitrary code via a long URI, as demonstrated by a GET or HEAD request. NOTE: some of these details are obtained from third party information.
CVE-2007-1713 1 B21soft 1 Basp21 2025-04-09 6.4 MEDIUM N/A
CRLF injection vulnerability in BSMTP.DLL in B21Soft BASP21 2003.0211, and BASP21 Pro 1.0.702.27 and earlier, allows remote attackers to inject arbitrary headers into e-mail messages via CRLF sequences in Subject lines.
CVE-2007-3207 1 Novell 1 Client 2025-04-09 7.1 HIGH N/A
Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request.
CVE-2007-2750 1 Simpnews 1 Simpnews 2025-04-09 7.5 HIGH N/A
SQL injection vulnerability in print.php in SimpNews 2.40.01 and earlier allows remote attackers to execute arbitrary SQL commands via the newsnr parameter.
CVE-2006-6988 1 Flashpeak 1 Slim Browser 2025-04-09 7.8 HIGH N/A
Cross-domain vulnerability in Slim Browser 4.07 build 100 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, a similar vulnerability to CVE-2006-3280.
CVE-2007-1422 1 Duyuru Scripti 1 Duyuru Scripti 2025-04-09 7.5 HIGH N/A
SQL injection vulnerability in goster.asp in fystyq Duyuru Scripti allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-0688.
CVE-2006-6128 1 Linux 1 Linux Kernel 2025-04-09 2.1 LOW N/A
The ReiserFS functionality in Linux kernel 2.6.18, and possibly other versions, allows local users to cause a denial of service via a malformed ReiserFS file system that triggers memory corruption when a sync is performed.
CVE-2007-3939 1 Spoonlabs 1 Vivvo Article Management Cms 2025-04-09 6.8 MEDIUM N/A
SQL injection vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) CMS 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2006-4394 1 Apple 1 Mac Os X 2025-04-09 7.5 HIGH N/A
A logic error in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, allows network accounts without GUIds to bypass service access controls and log into the system using loginwindow via unknown vectors.
CVE-2007-3014 1 Activeweb 1 Contentserver 2025-04-09 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in activeWeb contentserver before 5.6.2964 allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) errors/rights.asp or (2) errors/transaction.asp, or (3) the name of a MIME type (mimetype).
CVE-2007-1193 1 Orangehrm 1 Orangehrm 2025-04-09 9.3 HIGH N/A
Multiple unspecified vulnerabilities in the Login page in OrangeHRM before 20070212 have unknown impact and attack vectors.