Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2007-4511 1 Sun 1 Java System Application Server 2026-04-23 N/A
The Sun Admin Console in Sun Application Server 9.0_0.1 does not apply certain configuration changes persistently, which causes the (1) SSL and (2) SSL_MutualAuth ORB listener services to enable all protocols and ciphers after the services are restarted, possibly allowing remote attackers to bypass intended policy.
CVE-2007-3174 1 W2b 1 Online Banking 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in auth.w2b in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the adtype parameter, a different vector than CVE-2006-1980.
CVE-2007-3176 1 Ingate 2 Ingate Firewall, Ingate Siparator 2026-04-23 N/A
Unspecified vulnerability in Ingate Firewall and SIParator before 4.5.2 allows remote authenticated users without full privileges to download a Support Report.
CVE-2007-3179 1 Particle Blogger 1 Particle Blogger 2026-04-23 N/A
Multiple SQL injection vulnerabilities in archives.php in Particle Blogger 1.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the month parameter and other unspecified vectors.
CVE-2007-4521 1 Asterisk 1 Asterisk 2026-04-23 N/A
Asterisk Open Source 1.4.5 through 1.4.11, when configured to use an IMAP voicemail storage backend, allows remote attackers to cause a denial of service via an e-mail with an "invalid/corrupted" MIME body, which triggers a crash when the recipient listens to voicemail.
CVE-2007-3188 1 Geometrix Download Portal 1 Geometrix Download Portal 2026-04-23 N/A
SQL injection vulnerability in down_indir.asp in Fullaspsite GeometriX Download Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-3189 1 Jffnms 1 Just For Fun Network Management System 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in auth.php in Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to inject arbitrary web script or HTML via the user parameter.
CVE-2006-6930 1 Ga Soft 1 Rapid Classified 2026-04-23 N/A
SQL injection vulnerability in viewad.asp in Rapid Classified 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-2720 1 Group-office 1 Group-office Groupware 2026-04-23 N/A
Group-Office before 2.16-13 does not properly validate user IDs, which allows remote attackers to obtain sensitive information via certain requests for (1) message.php and (2) messages.php in modules/email/. NOTE: some of these details are obtained from third party information.
CVE-2007-2724 1 Fotolog 1 Fotolog 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in all_photos.html in fotolog allows remote attackers to inject arbitrary web script or HTML via the user parameter.
CVE-2007-3202 1 Bruce Corkhill 1 Web Wiz Rich Text Editor 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the rich text editor in Webwiz allows remote attackers to inject arbitrary web script or HTML via URL-encoded HTML composed of a frameset in which a frame has a SRC attribute pointing to a JavaScript document.
CVE-2007-3203 1 Software602 1 602pro Lan Suite 2026-04-23 N/A
Stack-based buffer overflow in smtpdll.dll in the SMTP service in 602Pro LAN SUITE 2003 2003.0.03.0828 allows remote attackers to execute arbitrary code via an e-mail message with a long address. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-3204 1 Jffnms 1 Just For Fun Network Management System 2026-04-23 N/A
SQL injection vulnerability in auth.php in Just For Fun Network Management System (JFFNMS) 0.8.4-pre2 allows remote attackers to execute arbitrary SQL commands via the pass parameter. NOTE: this issue reportedly exists because of an initial incomplete fix for CVE-2007-3190. The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-3146 1 Zen Help Desk Software 1 Zen Help Desk 2026-04-23 N/A
Zen Help Desk 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing a password via a direct request for ZenHelpDesk.mdb.
CVE-2007-3207 1 Novell 1 Client 2026-04-23 N/A
Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request.
CVE-2007-3209 1 Nongnu 1 Mail Notification 2026-04-23 N/A
Mail Notification 4.0, when WITH_SSL is set to 0 at compile time, uses unencrypted connections for accounts configured with SSL/TLS, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2007-2982 1 Bt 1 Business Connect Webhelper Activex Control 2026-04-23 N/A
Multiple buffer overflows in the British Telecommunications Business Connect webhelper ActiveX control before 1.0.0.7 in btbconnectwebcontrol.dll allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-2989 1 Sun 1 Solaris 2026-04-23 N/A
The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different from 500. NOTE: this issue might overlap CVE-2006-2298.
CVE-2007-2990 1 Sun 1 Solaris 2026-04-23 N/A
Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 allows local users to cause a denial of service (daemon termination) via unspecified manipulations of the /var/run/.inetd.uds Unix domain socket file.
CVE-2007-4405 1 Universal Ircd 1 Ircu 2026-04-23 N/A
ircu 2.10.12.02 through 2.10.12.04 allows remote attackers to cause a denial of service (memory and bandwidth consumption) by creating a large number of unused channels (zannels).