Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2209 | 2 Accusoft, Corel | 2 Imagegear, Paint Shop Pro | 2017-10-10 | 6.8 MEDIUM | N/A |
| Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ImageGear, as used in Corel Paint Shop Pro Photo 11.20 and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted .CLP file. NOTE: some details were obtained from third party sources. | |||||
| CVE-2007-2346 | 1 Php-generics | 1 Php-generics | 2017-10-10 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PHP-Generics 1.0 beta allow remote attackers to execute arbitrary PHP code via a URL in the _APP_RELATIVE_PATH parameter to (1) include.php, (2) dbcommon/include.php, and (3) exception/include.php. | |||||
| CVE-2007-2044 | 1 Antonis Ventouris | 1 Weather Module | 2017-10-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in mod_weather.php in the Antonis Ventouris Weather module for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter. | |||||
| CVE-2007-2345 | 1 Codewand | 1 Phpbrowse | 2017-10-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in include/include_stream.inc.php in CodeWand phpBrowse allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | |||||
| CVE-2007-2342 | 1 Creascripts | 1 Creadirectory | 2017-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in error.asp in CreaScripts CreaDirectory 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-6083. | |||||
| CVE-2007-2049 | 1 Mambo | 1 Mambo Calendar | 2017-10-10 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in the Calendar Module (com_calendar) 1.5.5 for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) com_calendar.php or (2) mod_calendar.php. | |||||
| CVE-2007-2050 | 1 Ricargbook | 1 Ricargbook | 2017-10-10 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in header.php in RicarGBooK 1.2.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) a lang cookie or (2) the language parameter. | |||||
| CVE-2007-2341 | 1 Phpbandmanager | 1 Phpbandmanager | 2017-10-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in suite/index.php in phpBandManager 0.8 allows remote attackers to execute arbitrary PHP code via a URL in the pg parameter. | |||||
| CVE-2007-2067 | 1 Webslider | 1 Webslider | 2017-10-10 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Marco Antonio Islas Cruz Web Slider (WebSlider) 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) index.php, (2) modules/pdf.php, (3) plugins/highlight.php, or (4) include/modules.php. | |||||
| CVE-2007-2068 | 1 Storefront For Gallery | 1 Storefront Gallery | 2017-10-10 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in the StoreFront mods for Gallery allow remote attackers to execute arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter to (1) mods/business_functions.php or (2) mods/ui_functions.php. | |||||
| CVE-2007-2069 | 1 Openmairie | 1 Openmairie | 2017-10-10 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in scr/soustab.php in openMairie 1.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dsn[phptype] parameter. | |||||
| CVE-2007-2271 | 1 Rajneel Lal Totaram | 1 Usp Foss Distribution | 2017-10-10 | 9.4 HIGH | N/A |
| Directory traversal vulnerability in Rajneel Lal TotaRam USP FOSS Distribution 1.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the dnld parameter. | |||||
| CVE-2007-2079 | 1 Xampp | 1 Apache Distribution | 2017-10-10 | 9.3 HIGH | N/A |
| The ADONewConnection Connect function in adodb.php in XAMPP 1.6.0a and earlier for Windows uses untrusted input for the database server hostname, which allows remote attackers to trigger a library buffer overflow and execute arbitrary code via a long host parameter, or have other unspecified impact. NOTE: it could be argued that this is an issue in mssql_connect (CVE-2007-1411.1) in PHP, or an issue in the ADOdb Library, and the proper fix should be in one of these products; if so, then this should not be treated as a vulnerability in XAMPP. | |||||
| CVE-2007-2080 | 1 Xampp | 1 Apache Distribution | 2017-10-10 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in XAMPP 1.6.0a for Windows allow remote attackers to execute arbitrary SQL commands via unspecified vectors in certain test scripts. | |||||
| CVE-2007-3270 | 1 Phpmyinventory | 1 Phpmyinventory | 2017-10-10 | 10.0 HIGH | N/A |
| PHP remote file inclusion vulnerability in Includes/global.inc.php in phpMyInventory 2.8 allows remote attackers to execute arbitrary PHP code via a URL in the strIncludePrefix parameter. | |||||
| CVE-2007-3271 | 1 Yourfreescreamer | 1 Yourfreescreamer | 2017-10-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in templates/2blue/bodyTemplate.php in YourFreeScreamer 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the serverPath parameter. | |||||
| CVE-2007-2211 | 1 Mybulletinboard | 1 Mybulletinboard | 2017-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in calendar.php in MyBB (aka MyBulletinBoard) 1.2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the day parameter in a dayview action. | |||||
| CVE-2007-3312 | 1 Efstratios Geroulis | 1 Jasmine Cms | 2017-10-10 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in admin/plugin_manager.php in Jasmine CMS 1.0 allows remote authenticated administrators to include and execute arbitrary local files a .. (dot dot) in the u parameter. NOTE: a separate vulnerability could be leveraged to make this issue exploitable by remote unauthenticated attackers. | |||||
| CVE-2007-3272 | 1 Minibb | 1 Minibb | 2017-10-10 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in index.php in MiniBB 2.0.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the language parameter in a register action. | |||||
| CVE-2007-2094 | 1 Anthologia | 1 Anthologia | 2017-10-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Anthologia 0.5.2 allows remote attackers to execute arbitrary PHP code via a URL in the ads_file parameter. | |||||