Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-1057 | 1 Nortel | 4 Alteon 2424 Application Switch, Net Direct Client, Ssl Vpn Module 1000 and 1 more | 2017-10-10 | 6.9 MEDIUM | N/A |
| The Net Direct client for Linux before 6.0.5 in Nortel Application Switch 2424, VPN 3050 and 3070, and SSL VPN Module 1000 extracts and executes files with insecure permissions, which allows local users to exploit a race condition to replace a world-writable file in /tmp/NetClient and cause another user to execute arbitrary code when attempting to execute this client, as demonstrated by replacing /tmp/NetClient/client. | |||||
| CVE-2006-7194 | 1 Republique Francaise | 1 Agora | 2017-10-10 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in modules/Mysqlfinder/MysqlfinderAdmin.php in Agora 1.4 RC1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[PATH_COMPOSANT] parameter. | |||||
| CVE-2007-1425 | 1 Triexa | 1 Sonicmailer Pro | 2017-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Triexa SonicMailer Pro 3.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the list parameter in an archive action. | |||||
| CVE-2007-1438 | 1 X-ice | 1 News System | 2017-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in devami.asp in X-Ice News System 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-7071 | 1 Invision Power Services | 1 Invision Power Board | 2017-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in classes/class_session.php in Invision Power Board (IPB) 2.1 up to 2.1.6 allows remote attackers to execute arbitrary SQL commands via the CLIENT_IP parameter. | |||||
| CVE-2007-1074 | 1 Dji | 1 Newsbin Pro | 2017-10-10 | 9.3 HIGH | N/A |
| Multiple buffer overflows in NewsBin Pro 5.33 and NewsBin Pro 4.x allow user-assisted remote attackers to execute arbitrary code via a long (1) DataPath or (2) DownloadPath attributed in a (a) NBI file, or (3) a long group field in a (b) NZB file. | |||||
| CVE-2007-1075 | 1 Turbosoft | 1 Turboftp | 2017-10-10 | 7.8 HIGH | N/A |
| TurboFTP 5.30 Build 572 allows remote servers to cause a denial of service (CPU consumption) via a response with a large number of newline characters. | |||||
| CVE-2007-1079 | 1 Rhinosoft | 1 Ftp Voyager | 2017-10-10 | 7.8 HIGH | N/A |
| Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote servers to cause a denial of service (crash) via a long response to a CWD command, which triggers the overflow when the user aborts the command. | |||||
| CVE-2007-0199 | 1 Cisco | 1 Ios | 2017-10-10 | 5.0 MEDIUM | N/A |
| The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange." | |||||
| CVE-2006-7185 | 1 Cmsmelborp | 1 Cmsmelborp | 2017-10-10 | 9.3 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/user_standard.php in CMSmelborp Beta allows remote attackers to execute arbitrary PHP code via a URL in the relative_root parameter. | |||||
| CVE-2007-1299 | 1 Mani Stats Reader | 1 Mani Stats Reader | 2017-10-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Mani Stats Reader 1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ipath parameter. | |||||
| CVE-2006-7183 | 1 Photography-on-the-net | 1 Exhibit Engine 2 | 2017-10-10 | 10.0 HIGH | N/A |
| PHP remote file inclusion vulnerability in styles.php in Exhibit Engine (EE) 1.22 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the toroot parameter. | |||||
| CVE-2006-7176 | 2 Redhat, Sendmail | 2 Enterprise Linux, Sendmail | 2017-10-10 | 4.3 MEDIUM | N/A |
| The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages. | |||||
| CVE-2007-1282 | 2 Mozilla, Redhat | 4 Seamonkey, Thunderbird, Enterprise Linux and 1 more | 2017-10-10 | 9.3 HIGH | N/A |
| Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line. | |||||
| CVE-2007-1224 | 1 Grok Developments | 1 Netproxy | 2017-10-10 | 5.0 MEDIUM | N/A |
| Grok Developments NetProxy 4.03 allows remote attackers to bypass URL filtering via a request that omits "http://" from the URL and specifies the destination port (:80). | |||||
| CVE-2007-1080 | 1 Turbosoft | 1 Turboftp | 2017-10-10 | 7.8 HIGH | N/A |
| Multiple heap-based buffer overflows in TurboFTP 5.30 Build 572 allow remote servers to cause a denial of service via (1) long filename in a response to a LIST command, and (2) a long response to a CWD command. | |||||
| CVE-2007-1410 | 1 Gaziyapboz | 1 Game Portal | 2017-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in kategori.asp in GaziYapBoz Game Portal allows remote attackers to execute arbitrary SQL commands via the kategori parameter. | |||||
| CVE-2007-1104 | 1 Php Mip | 1 Php Mip | 2017-10-10 | 4.3 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in top.php in PHP Module Implementation (PHP-MIP) 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the laypath parameter. | |||||
| CVE-2007-1105 | 1 Extreme Phpbb | 1 Extreme Phpbb | 2017-10-10 | 5.0 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in functions.php in Extreme phpBB (aka phpBB Extreme) 3.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2007-1219 | 1 Admin Phorum | 1 Admin Phorum | 2017-10-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in actions/del.php in Admin Phorum 3.3.1a allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | |||||