Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-0810 | 1 Geeklog | 1 Geeklog | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in MVCnPHP/BaseView.php in GeekLog 2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the glConf[path_libraries] parameter. NOTE: this might be a vulnerability in MVCnPHP rather than a vulnerability in GeekLog. | |||||
| CVE-2007-0809 | 1 Ptirhiikmods | 1 Mod-ch | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/class_template.php in Categories hierarchy (aka CH or mod-CH) 2.1.2 in ptirhiikmods allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2007-0797 | 1 Bluevirus-design | 1 Sma-db | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in theme/settings.php in bluevirus-design SMA-DB 0.3.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pfad_z parameter. | |||||
| CVE-2007-1428 | 1 Php Labs | 1 Jobsitepro | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in PHP Labs JobSitePro 1.0 allows remote attackers to execute arbitrary SQL commands via the salary parameter. | |||||
| CVE-2007-0785 | 1 Flipsource | 1 Flip | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in previewtheme.php in Flipsource Flip 2.01-final 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the inc_path parameter. | |||||
| CVE-2007-0687 | 1 Michelle | 1 L2j Dropcalc | 2017-10-18 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in i-search.php in Michelle's L2J Dropcalc 4 and earlier allows remote authenticated users to execute arbitrary SQL commands via the itemid parameter. | |||||
| CVE-2007-0686 | 1 Intel | 1 2200bg Proset Wireless | 2017-10-18 | 7.1 HIGH | N/A |
| The Intel 2200BG 802.11 Wireless Mini-PCI driver 9.0.3.9 (w29n51.sys) allows remote attackers to cause a denial of service (system crash) via crafted disassociation packets, which triggers memory corruption of "internal kernel structures," a different vulnerability than CVE-2006-6651. NOTE: this issue might overlap CVE-2006-3992. | |||||
| CVE-2007-0682 | 1 Jv2 | 1 Folder Gallery | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in theme/include_mode/template.php in JV2 Folder Gallery 3.0.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the galleryfilesdir parameter. | |||||
| CVE-2007-1612 | 1 Katalog Plyt Audio | 1 Katalog Plyt Audio | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Katalog Plyt Audio 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the kolumna parameter. | |||||
| CVE-2007-0502 | 1 Webspell | 1 Webspell | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gallery.php in webSPELL 4.01.02 allows remote attackers to execute arbitrary SQL commands via the picID parameter, a different vector than CVE-2007-0492. | |||||
| CVE-2007-1613 | 1 Mpm Chat | 1 Mpm Chat | 2017-10-18 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in view.php in MPM Chat 2.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the logi parameter. | |||||
| CVE-2007-0681 | 1 Extcalendar | 1 Extcalendar | 2017-10-18 | 7.5 HIGH | N/A |
| profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrary users without providing the original password, and possibly perform other unauthorized actions, via modified values to register.php. | |||||
| CVE-2007-1615 | 1 Scriptmagix | 1 Scriptmagix Jokes | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ScriptMagix Jokes 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2007-1616 | 1 Scriptmagix | 1 Scriptmagix Lyrics | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ScriptMagix Lyrics 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the recid parameter. | |||||
| CVE-2007-1617 | 1 Scriptmagix | 1 Scriptmagix Recipes | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ScriptMagix Recipes 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2007-0504 | 1 Vote Pro | 1 Vote Pro | 2017-10-18 | 10.0 HIGH | N/A |
| Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0, and possibly other scripts, allows remote attackers to execute arbitrary code via the poll_id parameter, which is supplied to an eval function call, a different vulnerability type than CVE-2005-4632. | |||||
| CVE-2007-0508 | 1 Bbclone | 1 Bbclone | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in lib/selectlang.php in BBClone 0.31 allows remote attackers to execute arbitrary PHP code via a URL in the BBC_LANGUAGE_PATH parameter. | |||||
| CVE-2007-1726 | 1 Icebb | 1 Icebb | 2017-10-18 | 6.5 MEDIUM | N/A |
| Unrestricted file upload vulnerability in index.php in IceBB 1.0-rc5 allows remote authenticated users to upload arbitrary files via the avatar function, which can later be accessed in uploads/. | |||||
| CVE-2007-1725 | 1 Icebb | 1 Icebb | 2017-10-18 | 9.3 HIGH | N/A |
| SQL injection vulnerability in index.php in IceBB 1.0-rc5 allows remote authenticated users to execute arbitrary SQL commands via the filename of an uploaded file to the avatar function, as demonstrated by setting admin privileges. | |||||
| CVE-2007-0680 | 1 Phpbb Tweaked | 1 Phpbb Tweaked | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/functions.php in Phpbb Tweaked 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||