Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2007-4082 1 Alstrasoft 1 Article Manager Pro 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in contact_author.php AlstraSoft Article Manager Pro allows remote attackers to inject arbitrary web script or HTML via the userid parameter.
CVE-2007-4083 1 Alstrasoft 1 Askme Pro 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to inject arbitrary web script or HTML via (1) the cat_id parameter to search.php or the (2) typ parameter to register.php.
CVE-2007-4084 1 Alstrasoft 1 Affiliate Network Pro 2026-04-23 N/A
Multiple SQL injection vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to execute arbitrary SQL commands via (1) the pgmid parameter in an uploadProducts action to merchants/index.php and possibly (2) the rowid parameter to merchants/temp.php.
CVE-2007-4100 1 Mldonkey 1 Mldonkey 2026-04-23 N/A
MLDonkey before 2.9.0 does not load certain code from $MLDONKEY/web_infos/ before the network modules become active, which allows remote attackers to bypass the IP blocklist.
CVE-2007-4136 1 Redhat 2 Conga, Rhel Cluster 2026-04-23 N/A
The ricci daemon in Red Hat Conga 0.10.0 allows remote attackers to cause a denial of service (loss of new connections) by repeatedly sending data or attempting connections.
CVE-2007-4145 1 Bluesky 1 Blueskychat 2026-04-23 N/A
Heap-based buffer overflow in the BlueSkychat (BlueSkyCat) ActiveX control (V2.V2Ctrl.1) in v2.ocx 8.1.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the second argument to the ConnecttoServer method.
CVE-2007-4152 1 Visionsoft 1 Audit 2026-04-23 N/A
The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote attackers to conduct replay attacks by capturing and resending data from the DETAILS and PROCESS sections of a session that schedules an audit.
CVE-2007-2158 1 Kooijman-design 1 Jgallery 2026-04-23 N/A
PHP remote file inclusion vulnerability in index.php in jGallery 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the G_JGALL[inc_path] parameter.
CVE-2007-2160 1 Drupal 1 Database Administration Module 2026-04-23 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the Database Administration (dba) module 4.6.x-*, and before 4.7.x-1.2 in the 4.7.x-1.* series, for Drupal allow remote attackers to perform unauthorized actions as an arbitrary user, a related issue to CVE-2006-5476.
CVE-2007-4205 2 Bluecat Networks, Linux-ha 2 Adonis, Heartbeat 2026-04-23 N/A
XHA (Linux-HA) on the BlueCat Networks Adonis DNS/DHCP Appliance 5.0.2.8 allows remote attackers to cause a denial of service (heartbeat control process crash) via a UDP packet to port 694. NOTE: this may be the same as CVE-2006-3121.
CVE-2007-4208 1 Morgan Ids 1 Next Gen Portfolio Manager 2026-04-23 N/A
SQL injection vulnerability in default.asp in Next Gen Portfolio Manager allows remote attackers to execute arbitrary SQL commands via the (1) Users_Email or (2) Users_Password parameter in an ExecuteTheLogin action.
CVE-2007-4371 1 Hotscripts 1 Neuron Blog 2026-04-23 N/A
Unrestricted file upload vulnerability in admin/pages/blog-add.php in Neuron Blog 1.1 allows remote attackers to upload and execute arbitrary PHP files in uploads/.
CVE-2007-2163 1 Apple 1 Safari 2026-04-23 N/A
Apple Safari allows remote attackers to cause a denial of service (browser crash) via JavaScript that matches a regular expression against a long string, as demonstrated using /(.)*/.
CVE-2006-5512 1 Zwahlen Informatik 1 Online Shop 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in article.htm in Zwahlen Online Shop allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
CVE-2007-4305 5 Netbsd, Openbsd, Sysjail and 2 more 5 Netbsd, Openbsd, Sysjail and 2 more 2026-04-23 N/A
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.
CVE-2007-6511 1 Websense 1 Enterpise 2026-04-23 N/A
Websense Enterprise 6.3.1 allows remote attackers to bypass content filtering by visiting http URLs with a (1) RealPlayer G2, (2) MSMSGS, or (3) StoneHttpAgent User-Agent header, which results in a Non-HTTP categorization.
CVE-2007-2166 1 Opensurveypilot 1 Opensurveypilot 2026-04-23 N/A
PHP remote file inclusion vulnerability in administration/user/lib/group.inc.php in OpenSurveyPilot (osp) 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfgPathToProjectAdmin parameter.
CVE-2007-4378 1 Rndlabs 1 Babo Violent 2026-04-23 N/A
Multiple format string vulnerabilities in Babo Violent 2 2.08.00 and earlier allow remote attackers to execute arbitrary code via format string specifiers in (1) a message or (2) certain data associated with an admin login.
CVE-2007-4388 1 2wire 2 1701hg Router, 2071 Router 2026-04-23 N/A
2wire 1701HG and 2071 Gateway routers, with 5.29.51 and possibly 3.17.5 software, have a blank password by default.
CVE-2007-4398 1 Irssi 1 Irssi 2026-04-23 N/A
Multiple CRLF injection vulnerabilities in the (1) now-playing.rb and (2) xmms.pl 1.1 scripts for WeeChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.