Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-3772 | 1 Psnews | 1 Psnews | 2017-09-28 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in news/show.php in PsNews 1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the newspath parameter. | |||||
| CVE-2007-3790 | 1 Php | 1 Php | 2017-09-28 | 5.8 MEDIUM | N/A |
| The com_print_typeinfo function in the bz2 extension in PHP 5.2.3 allows context-dependent attackers to cause a denial of service via a long argument. | |||||
| CVE-2007-3808 | 1 Php Arena | 1 Pafiledb | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in includes/search.php in paFileDB 3.6 allows remote attackers to execute arbitrary SQL commands via the categories[] parameter in a search action to index.php, a different vector than CVE-2005-2000. | |||||
| CVE-2007-3809 | 1 Prozilla | 1 Prozilla Directory Script | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Prozilla Directory Script allow remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action to directory.php, and other unspecified vectors. | |||||
| CVE-2007-3810 | 1 It747 | 1 Realtor 747 | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Realtor 747 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter. | |||||
| CVE-2007-3811 | 1 Esyndicat | 1 Esyndicat Directory | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in eSyndiCat allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to news.php or (2) the name parameter to page.php. | |||||
| CVE-2007-3812 | 1 Cmscout | 1 Cmscout | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forums.php in CMScout 1.23 and earlier allows remote attackers to execute arbitrary SQL commands via the f parameter in a forums action to index.php. | |||||
| CVE-2007-3813 | 1 Mkportal | 1 Noboard Module | 2017-09-28 | 4.3 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in include/user.php in the NoBoard BETA module for MKPortal allows remote attackers to execute arbitrary PHP code via a URL in the MK_PATH parameter. | |||||
| CVE-2007-3840 | 1 Sitetrafficstats | 1 Sitetrafficstats | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in referralUrl.php in Traffic Stats allows remote attackers to execute arbitrary SQL commands via the offset parameter. | |||||
| CVE-2007-3843 | 1 Linux | 1 Linux Kernel | 2017-09-28 | 4.3 MEDIUM | N/A |
| The Linux kernel before 2.6.23-rc1 checks the wrong global variable for the CIFS sec mount option, which might allow remote attackers to spoof CIFS network traffic that the client configured for security signatures, as demonstrated by lack of signing despite sec=ntlmv2i in a SetupAndX request. | |||||
| CVE-2007-3881 | 1 Pictures Rating | 1 Pictures Rating | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Pictures Rating (Picture Rating) allows remote attackers to execute arbitrary SQL commands via the msgid parameter. | |||||
| CVE-2007-3882 | 1 Popscript.com | 1 Expert Advisor | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Expert Advisor allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-3883 | 1 Datadynamics | 1 Activebar | 2017-09-28 | 5.1 MEDIUM | N/A |
| The Data Dynamics ActiveBar ActiveX control (actbar3.ocx) 3.2 and earlier allows remote attackers to create or overwrite files via a full pathname in (1) the second argument to the Save method, or the first argument to the (2) SaveLayoutChanges or (3) SaveMenuUsageData method. | |||||
| CVE-2007-3920 | 3 Compiz, Gnome, Ubuntu | 3 Compiz, Screensaver, Ubuntu Linux | 2017-09-28 | 6.2 MEDIUM | N/A |
| GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus, which allows attackers with physical access to take control of the session after entering an Alt-Tab sequence, a related issue to CVE-2007-3069. | |||||
| CVE-2007-3932 | 1 Joomla | 1 Expose | 2017-09-28 | 7.5 HIGH | N/A |
| uploadimg.php in the Expose RC35 and earlier (com_expose) component for Joomla! sends an error message but does not exit when it detects an attempt to upload a non-JPEG file, which allows remote attackers to upload and execute arbitrary PHP code in the img/ folder. | |||||
| CVE-2007-3934 | 1 Bbs | 1 E-market | 2017-09-28 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in postscript/postscript.php in BBS E-Market allows remote attackers to execute arbitrary PHP code via a URL in the p_mode parameter. | |||||
| CVE-2007-3955 | 1 Linkedin | 1 Toolbar | 2017-09-28 | 6.8 MEDIUM | N/A |
| Buffer overflow in the IEToolbar.IEContextMenu.1 ActiveX control in LinkedInIEToolbar.dll in the LinkedIn Toolbar 3.0.2.1098 allows remote attackers to execute arbitrary code via a long second argument (varBrowser argument) to the search method. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-3956 | 2 Microsoft, Teamspeak | 2 All Windows, Web Server | 2017-09-28 | 7.8 HIGH | N/A |
| TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption) via long username and password parameters in a request to login.tscmd on TCP port 14534. | |||||
| CVE-2007-3935 | 1 Phpbb | 1 Supanav | 2017-09-28 | 9.3 HIGH | N/A |
| PHP remote file inclusion vulnerability in link_main.php in the SupaNav 1.0.0 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2007-3939 | 1 Spoonlabs | 1 Vivvo Article Management Cms | 2017-09-28 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) CMS 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||