Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2007-2011 1 Deskpro 1 Deskpro 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in login.php in DeskPro 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
CVE-2007-2061 1 Afterlogic 1 Mailbee Webmail 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in check_login.asp in AfterLogic MailBee WebMail Pro 3.4 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
CVE-2007-4178 1 Amg Soft 1 Webdirector 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in WebDirector 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the deslocal parameter.
CVE-2007-2183 1 Php-ring 1 Webring System 2026-04-23 N/A
SQL injection vulnerability in index.php in PHP-Ring Webring System (aka uPHP_ring_website) 0.9 allows remote attackers to execute arbitrary SQL commands via the ring parameter.
CVE-2007-2208 1 Extreme Phpbb 1 Extreme Phpbb 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Extreme PHPBB2 3.0 Pre Final allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) functions.php or (2) functions_portal.php in includes/.
CVE-2007-2064 1 Actionpoll 1 Actionpoll 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Robert Ladstaetter ActionPoll 1.1.0, and possibly 1.1.1, allow remote attackers to execute arbitrary PHP code via a URL in (1) the CONFIG_POLLDB parameter to actionpoll.php or (2) the CONFIG_DB parameter to db/DataReaderWriter.php, different vectors than CVE-2001-1297.
CVE-2007-2074 1 Scramdisk 4 Linux 1 Scramdisk 4 Linux 2026-04-23 N/A
Certain programs in containers in ScramDisk 4 Linux before 1.0-1 execute with SUID permissions, which allows local users to gain privileges via mounted containers.
CVE-2007-2287 1 Comus 1 Comus 2026-04-23 N/A
PHP remote file inclusion vulnerability in accept.php in comus 2.0 Final allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.
CVE-2007-2079 1 Xampp 1 Apache Distribution 2026-04-23 N/A
The ADONewConnection Connect function in adodb.php in XAMPP 1.6.0a and earlier for Windows uses untrusted input for the database server hostname, which allows remote attackers to trigger a library buffer overflow and execute arbitrary code via a long host parameter, or have other unspecified impact. NOTE: it could be argued that this is an issue in mssql_connect (CVE-2007-1411.1) in PHP, or an issue in the ADOdb Library, and the proper fix should be in one of these products; if so, then this should not be treated as a vulnerability in XAMPP.
CVE-2007-2399 1 Apple 3 Iphone Os, Mac Os X, Mac Os X Server 2026-04-23 N/A
WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an "invalid type conversion", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption.
CVE-2007-2403 1 Apple 3 Cfnetwork, Mac Os X, Mac Os X Server 2026-04-23 N/A
CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers.
CVE-2007-2410 1 Apple 3 Mac Os X, Mac Os X Server, Webcore 2026-04-23 N/A
WebCore on Apple Mac OS X 10.3.9 and 10.4.10 retains properties of certain global objects when a new URL is visited in the same window, which allows remote attackers to conduct cross-site scripting (XSS) attacks.
CVE-2007-2464 1 Cisco 2 Adaptive Security Appliance Software, Pix 2026-04-23 N/A
Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions."
CVE-2007-2839 1 Debian 1 Gfax 2026-04-23 N/A
gfax 0.4.2 and probably other versions creates temporary files insecurely, which allows local users to execute arbitrary commands via unknown vectors.
CVE-2007-2480 1 Linux 1 Linux Kernel 2026-04-23 N/A
The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel 2.6.21 and earlier does not prevent a bind to a port with a local address when there is already a bind to that port with a wildcard local address, which might allow local users to intercept local traffic for daemons or other applications.
CVE-2007-2513 1 Novell 1 Groupwise 2026-04-23 N/A
Novell GroupWise 7 before SP2 20070524, and GroupWise 6 before 6.5 post-SP6 20070522, allows remote attackers to obtain credentials via a man-in-the-middle attack.
CVE-2007-2536 1 Picozip 1 Picozip 2026-04-23 N/A
PicoZip allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
CVE-2007-2648 1 Clever Components 1 Clever Database Comparer 2026-04-23 N/A
Stack-based buffer overflow in the Clever Database Comparer 2.2 ActiveX control (comparerax.ocx) allows remote attackers to execute arbitrary code via a long argument to the ConnectToDatabase function.
CVE-2007-2682 2 Adobe, Apple 2 Creative Suite, Mac Os X 2026-04-23 N/A
The installer for Adobe Version Cue CS3 Server on Apple Mac OS X, as used in Adobe Creative Suite 3 (CS3), does not re-enable the personal firewall after completing the product installation, which allows remote attackers to bypass intended firewall rules.
CVE-2007-2685 1 Jetbox 1 Jetbox Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Jetbox CMS 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) view or (2) login parameter.