Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-3957 | 1 Nipun Jain | 1 Xserver | 2017-09-28 | 5.0 MEDIUM | N/A |
| Buffer overflow in Nipun Jain xserver 0.1 alpha allows remote attackers to cause a denial of service via a POST request with a long URI. | |||||
| CVE-2007-3984 | 1 Zenturi | 1 Zenturi Programchecker | 2017-09-28 | 7.5 HIGH | N/A |
| Buffer overflow in a certain ActiveX control in the NixonMyPrograms class in sasatl.dll 1.5.0.531 in Zenturi ProgramChecker allows remote attackers to execute arbitrary code via a long argument to the Scan method. NOTE: this is probably a different issue than CVE-2007-2987. | |||||
| CVE-2007-3976 | 1 Bwired | 1 Bwired | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in bwired allows remote attackers to execute arbitrary SQL commands via the newsID parameter. | |||||
| CVE-2007-3979 | 1 Netart Media | 1 Blog System | 2017-09-28 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in index.php in BlogSite Professional (aka Blog System) 1.x allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | |||||
| CVE-2007-3980 | 1 Rcms Pro | 1 Rgamescript Pro | 2017-09-28 | 10.0 HIGH | N/A |
| PHP remote file inclusion vulnerability in page.php in RCMS Pro RGameScript Pro allows remote attackers to execute arbitrary PHP code via a URL in the id parameter. | |||||
| CVE-2007-3981 | 1 Wsn Links | 1 Wsn Links | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in WSN Links Basic Edition allows remote attackers to execute arbitrary SQL commands via the catid parameter in a displaycat action. | |||||
| CVE-2007-3982 | 1 Datadynamics | 1 Activereports | 2017-09-28 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in the Data Dynamics ActiveReport (ActiveReports) ActiveX control in actrpt2.dll 2.5 and earlier allows remote attackers to create or overwrite arbitrary files via a full pathname in the first argument to the SaveLayout method. | |||||
| CVE-2007-4007 | 1 Article Directory | 1 Article Directory | 2017-09-28 | 9.3 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Article Directory (Article Site Directory) allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | |||||
| CVE-2007-4010 | 1 Php | 1 Php | 2017-09-28 | 6.8 MEDIUM | N/A |
| The win32std extension in PHP 5.2.3 does not follow safe_mode and disable_functions restrictions, which allows remote attackers to execute arbitrary commands via the win_shell_execute function. | |||||
| CVE-2007-4032 | 1 Crystal Reality Llc | 1 Crystalplayer Pro | 2017-09-28 | 6.8 MEDIUM | N/A |
| Buffer overflow in CrystalPlayer Pro 1.98 allows user-assisted remote attackers to execute arbitrary code via a long string in a .mls Playlist file. | |||||
| CVE-2007-4046 | 1 Joomla | 1 Pony Gallery | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Pony Gallery (com_ponygallery) 1.5 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2007-4053 | 1 Linpha | 1 Linpha | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in include/img_view.class.php in LinPHA 1.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the order parameter to new_images.php. | |||||
| CVE-2007-4054 | 1 Php123 | 1 Top Sites | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in category.php in PHP123 Top Sites allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2007-4055 | 1 8pixel.net | 1 Simple Blog | 2017-09-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comments_get.asp in SimpleBlog 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this may be related to CVE-2006-4300. | |||||
| CVE-2007-4057 | 1 Neocrome | 1 Seditio | 2017-09-28 | 6.5 MEDIUM | N/A |
| Unrestricted file upload vulnerability in pfs.php in Neocrome Seditio 121 and earlier allows remote authenticated users to upload arbitrary PHP code via a filename ending with (1) .php.gif, (2) .php.jpg, or (3) .php.png. | |||||
| CVE-2007-4059 | 1 Vmware | 1 Workstation | 2017-09-28 | 5.8 MEDIUM | N/A |
| Absolute path traversal vulnerability in a certain ActiveX control in IntraProcessLogging.dll 5.5.3.42958 in EMC VMware allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SetLogFileName method. | |||||
| CVE-2007-4060 | 1 Frank Yaul | 1 Corehttp | 2017-09-28 | 9.0 HIGH | N/A |
| Multiple buffer overflows in the HttpSprockMake function in http.c in Frank Yaul corehttp 0.5.3alpha allow remote attackers to execute arbitrary code via a long string in the (1) method name or (2) URI in an HTTP request. | |||||
| CVE-2007-4061 | 1 Nessus | 1 Vulnerability Scanner | 2017-09-28 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in a certain ActiveX control in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument to the saveNessusRC method, which writes text specified by the addsetConfig method, possibly related to the SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll. NOTE: this can be leveraged for code execution by writing to a Startup folder. | |||||
| CVE-2007-4065 | 1 Xiph.org | 1 Libvorbis | 2017-09-28 | 4.3 MEDIUM | N/A |
| lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before 1.2.0 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted OGG file, aka trac Changeset 13217. | |||||
| CVE-2007-4067 | 1 Clever Components | 1 Internet Activex Suite | 2017-09-28 | 9.3 HIGH | N/A |
| Absolute path traversal vulnerability in the clInetSuiteX6.clWebDav ActiveX control in CLINETSUITEX6.OCX in Clever Internet ActiveX Suite 6.2 allows remote attackers to create or overwrite arbitrary files via a full pathname in the second argument to the GetToFile method. NOTE: some of these details are obtained from third party information. | |||||