Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0560 | 1 Asp Edge | 1 Asp Edge | 2026-04-23 | N/A |
| SQL injection vulnerability in user.asp in ASP EDGE 1.2b and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter. | ||||
| CVE-2006-5650 | 1 Aol | 1 Icq | 2026-04-23 | N/A |
| The ICQPhone.SipxPhoneManager ActiveX control in America Online ICQ 5.1 allows remote attackers to download and execute arbitrary code via the DownloadAgent function, as demonstrated using an ICQ avatar. | ||||
| CVE-2006-5643 | 1 Foresite Cms | 1 Foresite Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search_de.html in foresite CMS allows remote attackers to inject arbitrary web script or HTML via the query parameter. | ||||
| CVE-2006-5642 | 1 Nmnlogger | 1 Nmnlogger | 2026-04-23 | N/A |
| Unspecified vulnerability in NmnLogger 1.0.0 and earlier has unknown impact and attack vectors related to configuration of mesasge drivers. | ||||
| CVE-2007-0361 | 1 Comscripts | 1 Phpmyphorum | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in mep/frame.php in PHPMyphorum 1.5a allows remote attackers to execute arbitrary PHP code via a URL in the chem parameter. | ||||
| CVE-2006-5538 | 1 D-link | 1 Dsl-g624t | 2026-04-23 | N/A |
| D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to list contents of the cgi-bin directory via unspecified vectors, probably a direct request. | ||||
| CVE-2007-0366 | 1 Maxum Development Corporation | 1 Rumpus Ftp Server | 2026-04-23 | N/A |
| Untrusted search path vulnerability in Rumpus 5.1 and earlier allows local users to gain privileges via a modified PATH that points to a malicious ipfw program. | ||||
| CVE-2006-5545 | 1 Symantec | 1 Mail Security | 2026-04-23 | N/A |
| Premium Antispam in Symantec Mail Security for Domino Server 5.1.x before 5.1.2.28 does not filter certain SMTP address formats, which allows remote attackers to use the product as a spam relay. | ||||
| CVE-2007-0369 | 1 Phpbp | 1 Phpbp | 2026-04-23 | N/A |
| SQL injection vulnerability in phpBP RC3 (2.204) and earlier allows remote attackers to execute arbitrary SQL commands via the comment forum. | ||||
| CVE-2006-5548 | 1 Otscms | 1 Otscms | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System (OTSCMS) 2.0.0 through 2.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[config][directories][classes] parameter. | ||||
| CVE-2007-0372 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 allow remote attackers to execute arbitrary SQL commands via (1) the active parameter in admin/modules/modules.php; the (2) ad_class, (3) imageurl, (4) clickurl, (5) ad_code, or (6) position parameter in modules/Advertising/admin/index.php; or unspecified vectors in the (7) advertising, (8) weblinks, or (9) reviews section. | ||||
| CVE-2007-0380 | 1 Docman | 1 Docman | 2026-04-23 | N/A |
| DocMan 1.3 RC2 allows remote attackers to obtain sensitive information (the full path) via unspecified vectors. | ||||
| CVE-2007-0382 | 1 Letterman | 1 Letterman | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in letterman.class.php in the Letterman 1.2.3 (com_letterman) component for Joomla! before 1.0.12 allow remote attackers to execute arbitrary SQL commands via the id parameter, related to the (1) lm_sendMail, (2) saveNewsletter, and (3) cancelNewsletter functions. | ||||
| CVE-2007-0385 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-23 | N/A |
| The faq section in PostNuke 0.764 allows remote attackers to obtain sensitive information (the full path) via "unvalidated output" in FAQ/index.php, possibly involving an undefined id_cat variable. | ||||
| CVE-2007-0386 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-23 | N/A |
| Unspecified vulnerability in the rating section in PostNuke 0.764 has unknown impact and attack vectors, related to "an interesting bug." | ||||
| CVE-2006-5557 | 1 Hp | 1 Hp-ux | 2026-04-23 | N/A |
| Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain. | ||||
| CVE-2007-0390 | 1 Sabros.us | 1 Sabros.us | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in sabros.us 1.7 allows remote attackers to inject arbitrary web script or HTML via the tag parameter. | ||||
| CVE-2006-5561 | 1 Discuz | 1 Discuz Gbk | 2026-04-23 | N/A |
| SQL injection vulnerability in admincp.php in Discuz! GBK 5.0.0 allows remote attackers to execute arbitrary SQL commands via the cdb_auth cookie. | ||||
| CVE-2007-0391 | 1 Bitdefender | 1 Bitdefender Client | 2026-04-23 | N/A |
| Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings. | ||||
| CVE-2006-5565 | 1 Maxdev | 1 Md-pro | 2026-04-23 | N/A |
| CRLF injection vulnerability in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary HTTP headers via a CRLF sequence in the (1) name, (2) file, (3) module, and (4) func parameters in (a) index.php; and the (5) file parameter in (b) modules.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||