Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-7169 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2017-10-10 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in includes/header_simple.php in Ultimate PHP Board (UPB) 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _CONFIG[skin_dir] parameter. | |||||
| CVE-2006-7069 | 1 Socketwiz | 1 Bookmarks | 2017-10-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in smarty_config.php in Socketwiz Bookmarks 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the root_dir parameter. | |||||
| CVE-2006-7068 | 1 Cliserv | 1 Web Community | 2017-10-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in CliServ Web Community 0.65 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cl_headers parameter to (1) menu.php3 and (2) login.php3. | |||||
| CVE-2007-1340 | 1 Weltennetz | 1 News-letterman | 2017-10-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in eintrag.php in Weltennetz News-Letterman 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the sqllog parameter. | |||||
| CVE-2006-7152 | 1 Asp-nuke | 1 Asp-nuke | 2017-10-10 | 8.5 HIGH | N/A |
| default.asp in ASP-Nuke Community 1.5 and earlier allows remote attackers to gain privileges by setting certain pseudo cookie values. | |||||
| CVE-2006-7136 | 1 Phppc | 1 Php Poll Creator | 2017-10-10 | 10.0 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PHP Poll Creator (phpPC) 1.04 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the relativer_pfad parameter to (1) poll.php, (2) poll_kommentar.php, and (3) poll_sm.php, different vectors and version than CVE-2005-1755. | |||||
| CVE-2006-7063 | 1 Tinyphpforum | 1 Tinyphpforum | 2017-10-10 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in profile.php in TinyPHPforum 3.6 and earlier allows remote attackers to include and execute arbitrary files via ".." sequences in the uname parameter. | |||||
| CVE-2007-1696 | 1 Active Web Softwares | 1 Active Newsletter | 2017-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ViewNewspapers.asp in Active Newsletter 4.3 and earlier allows remote attackers to execute arbitrary SQL commands via the NewsPaperID parameter. | |||||
| CVE-2007-1697 | 1 Philex | 1 Philex | 2017-10-10 | 10.0 HIGH | N/A |
| PHP remote file inclusion vulnerability in header.inc.php in Philex 0.2.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CssFile parameter. | |||||
| CVE-2007-1698 | 1 Philex | 1 Philex | 2017-10-10 | 5.0 MEDIUM | N/A |
| download.php in Philex 0.2.3 and earlier allows remote attackers to read arbitrary files and source code, and obtain sensitive information via the file parameter. | |||||
| CVE-2007-1699 | 2 Joomla, Mambo | 2 Swmenu Component, Swmenu Component | 2017-10-10 | 10.0 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in the SWmenu (com_swmenupro and com_swmenufree) 4.0 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to ImageManager/Classes/ImageManager.php under the (1) components/ or (2) administrator/components/ directory trees. | |||||
| CVE-2007-1648 | 1 Dev0.de | 1 0irc | 2017-10-10 | 7.8 HIGH | N/A |
| 0irc 1345 build 20060823 allows remote attackers to cause a denial of service (application crash) by operating an IRC server that sends a long string to a client, which triggers a NULL pointer dereference. | |||||
| CVE-2007-1647 | 1 Moodle | 1 Moodle | 2017-10-10 | 7.8 HIGH | N/A |
| Moodle 1.5.2 and earlier stores sensitive information under the web root with insufficient access control, and provides directory listings, which allows remote attackers to obtain user names, password hashes, and other sensitive information via a direct request for session (sess_*) files in moodledata/sessions/. | |||||
| CVE-2007-1702 | 1 Mambo | 1 Flatmenu | 2017-10-10 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in mod_flatmenu.php in the Flatmenu 1.07 and earlier Mambo module allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
| CVE-2007-1703 | 1 Joomla | 1 Rwcards Component | 2017-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the RWCards (com_rwcards) 2.4.3 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | |||||
| CVE-2007-1704 | 1 Joomla | 1 Car Manager | 2017-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Car Manager (com_resman) 1.1 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-1705 | 1 Active Trade | 1 Active Trade | 2017-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Active Trade 2 allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2007-1706 | 1 Ewebquiz | 1 Ewebquiz | 2017-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in eWebQuiz.asp in eWebQuiz 8 allows remote attackers to execute arbitrary SQL commands via the QuizID parameter. | |||||
| CVE-2007-1707 | 1 Net-side.net | 1 Net Side Content Management System | 2017-10-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Net Side Content Management System (Net-Side.net CMS) allows remote attackers to execute arbitrary PHP code via a URL in the cms parameter. | |||||
| CVE-2007-1708 | 1 Ttcms | 1 Ttforum | 2017-10-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in lib/db/ez_sql.php in ttCMS 4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the lib_path parameter. | |||||