Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2761 | 1 Magiciso | 1 Magiciso | 2018-10-16 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in MagicISO 5.4 build 239 and earlier allows remote attackers to execute arbitrary code via a long filename in a .cue file. | |||||
| CVE-2007-2757 | 1 Dean J Robinson | 1 Redoable | 2018-10-16 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Redoable 1.2 allow remote attackers to inject arbitrary web script or HTML via the s parameter to (1) wp-content/themes/redoable/searchloop.php or (2) wp-content/themes/redoable/header.php. | |||||
| CVE-2007-2772 | 1 Ca | 1 Brightstor Arcserve Backup | 2018-10-16 | 7.8 HIGH | N/A |
| (1) caloggerd.exe (camt70.dll) and (2) mediasvr.exe (catirpc.dll and rwxdr.dll) in CA BrightStor Backup 11.5.2.0 SP2 allow remote attackers to cause a denial of service (NULL dereference and application crash) via a crafted RPC packet. | |||||
| CVE-2007-2734 | 1 3com | 8 3crtpx505-73, 3crx506-96, Tippingpoint 200 and 5 more | 2018-10-16 | 7.5 HIGH | N/A |
| The 3Com TippingPoint IPS do not properly handle certain full-width and half-width Unicode character encodings in an HTTP POST request, which might allow remote attackers to evade detection of HTTP traffic. | |||||
| CVE-2007-2861 | 1 Saxon | 1 Saxon | 2018-10-16 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Simple Accessible XHTML Online News (SAXON) 4.6 allow remote attackers to execute arbitrary PHP code via a URL in the template parameter to (1) news.php, (2) preview.php, or (3) archive-display.php. | |||||
| CVE-2007-2860 | 1 Boastmachine | 1 Boastmachine | 2018-10-16 | 6.5 MEDIUM | N/A |
| user.php in BoastMachine 3.0 platinum allows remote authenticated users to gain privileges via a modified id parameter, as demonstrated by an edit_post action. | |||||
| CVE-2007-2733 | 1 Jetbox | 1 Jetbox Cms | 2018-10-16 | 6.0 MEDIUM | N/A |
| Unrestricted file upload vulnerability in Jetbox CMS allows remote authenticated users with author privileges to upload arbitrary scripts via unspecified vectors, which can be accessed in webfiles/. NOTE: this issue might be a duplicate of CVE-2004-1448. | |||||
| CVE-2007-2724 | 1 Fotolog | 1 Fotolog | 2018-10-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in all_photos.html in fotolog allows remote attackers to inject arbitrary web script or HTML via the user parameter. | |||||
| CVE-2007-2723 | 1 Media Player Classic | 1 Media Player Classic | 2018-10-16 | 7.1 HIGH | N/A |
| Media Player Classic 6.4.9.0 allows user-assisted remote attackers to cause a denial of service (web browser crash) via an "empty" .MPA file, which triggers a divide-by-zero error. | |||||
| CVE-2007-2859 | 1 Simpgb | 1 Simpgb | 2018-10-16 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in SimpGB 1.46.0 allow remote attackers to execute arbitrary PHP code via a URL in the path_simpgb parameter to (1) guestbook.php, (2) search.php, (3) mailer.php, (4) avatars.php, (5) ccode.php, (6) comments.php, (7) emoticons.php, (8) gbdownload.php, and possibly other PHP scripts. | |||||
| CVE-2007-2713 | 1 Ifusionservices | 1 Ifdate | 2018-10-16 | 10.0 HIGH | N/A |
| ifdate 2.x sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to obtain administrative access via a direct request for the admin/ URI. | |||||
| CVE-2007-2729 | 1 Comodo | 2 Comodo Firewall Pro, Comodo Personal Firewall | 2018-10-16 | 7.2 HIGH | N/A |
| Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81, and probably older Comodo Firewall versions, do not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier. | |||||
| CVE-2007-2858 | 1 Phpbb | 1 Ip-tracking | 2018-10-16 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the IP-Search functionality in the IP-Tracking Mod for phpBB 2.0.x allows remote authenticated administrators to execute arbitrary SQL commands via the Search Query field. | |||||
| CVE-2007-2857 | 1 Zakkis Technology Corporation | 1 Php Excel Parser | 2018-10-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in sample/xls2mysql in ABC Excel Parser Pro 4.0 allows remote attackers to execute arbitrary PHP code via a URL in the parser_path parameter. | |||||
| CVE-2007-2852 | 1 Eset Software | 1 Nod32 Antivirus | 2018-10-16 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name. | |||||
| CVE-2007-2812 | 1 Hlstats | 1 Hlstats | 2018-10-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in hlstats.php in HLstats 1.35, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO or (2) the action parameter. | |||||
| CVE-2007-2800 | 1 Eticket | 1 Eticket | 2018-10-16 | 5.0 MEDIUM | N/A |
| index.php in eTicket 1.5.5.1 and earlier allows remote attackers to obtain sensitive information via the (1) name[], (2) email[], (3) phone[], or (4) subject[] parameters, which reveals the installation path in the resulting error messages. | |||||
| CVE-2007-2790 | 1 Vp-asp | 1 Vp-asp Shopping Cart | 2018-10-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in shopcontent.asp in VP-ASP Shopping Cart 6.50, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the type parameter. | |||||
| CVE-2007-2731 | 1 Jetbox | 1 Jetbox Cms | 2018-10-16 | 4.0 MEDIUM | N/A |
| CRLF injection vulnerability in formmail.php in Jetbox CMS 2.1 might allow remote attackers to inject arbitrary e-mail headers via LF (%0A) sequences in the subject parameter, a related issue to CVE-2007-1898. | |||||
| CVE-2007-2730 | 3 Checkpoint, Comodo, Microsoft | 6 Zonealarm, Comodo Firewall Pro, Comodo Personal Firewall and 3 more | 2018-10-16 | 7.2 HIGH | N/A |
| Check Point ZoneAlarm Pro before 6.5.737.000 does not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier. | |||||