Search Results (120448 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3349 2 Ibm, Netapp 3 N Series Storage Server, Data Ontap, Fas900 2026-04-23 N/A
Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access control for HTTP requests. NOTE: this may overlap CVE-2008-3160.
CVE-2008-2990 2 Joomla, Mambo 3 Com Facileforms, Joomla, Com Facileforms 2026-04-23 N/A
PHP remote file inclusion vulnerability in facileforms.frame.php in the FacileForms (com_facileforms) component 1.4.4 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the ff_compath parameter.
CVE-2008-1119 1 Centreon 1 Centreon 2026-04-23 N/A
Directory traversal vulnerability in include/doc/get_image.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter.
CVE-2007-6080 1 Bcoos 1 Bcoos 2026-04-23 N/A
SQL injection vulnerability in modules/banners/click.php in the banners module for bcoos 1.0.10 allows remote attackers to execute arbitrary SQL commands via the bid parameter. NOTE: it was later reported that 1.0.13 is also affected.
CVE-2007-5400 3 Real, Realnetworks, Redhat 3 Realplayer, Realplayer, Rhel Extras 2026-04-23 N/A
Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10.5 Build 6.0.12.1483 might allow remote attackers to execute arbitrary code via a crafted SWF file.
CVE-2007-0713 1 Apple 1 Quicktime 2026-04-23 N/A
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie file.
CVE-2007-0226 1 Uniforum 1 Uniforum 2026-04-23 N/A
SQL injection vulnerability in wbsearch.aspx in uniForum 4 and earlier allows remote attackers to execute arbitrary SQL commands via the "by User" field (aka the TXbyuser parameter).
CVE-2006-7111 1 Futomis Cgi Cafe 1 Kmail Cgi 2026-04-23 N/A
Unspecified vulnerability in Futomi's CGI Cafe KMail CGI 1.0.3 and earlier allows remote attackers to bypass authentication and obtain unauthorized email access via unspecified vectors.
CVE-2006-5928 1 Phpjobscheduler 1 Phpjobscheduler 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Phpjobscheduler 3.0 allow remote attackers to execute arbitrary PHP code via a URL in the installed_config_file parameter to (1) add-modify.php, (2) delete.php, (3) modify.php, and (4) phpjobscheduler.php.
CVE-2009-1736 1 Joomla 2 Com Gsticketsystem, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in the GridSupport (GS) Ticket System (com_gsticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a viewCategory action to index.php.
CVE-2009-1741 1 Dutchmonkey 1 Dm Filemanager 2026-04-23 N/A
Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.
CVE-2008-5522 2 Avg, Microsoft 2 Antivirus, Internet Explorer 2026-04-23 N/A
AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
CVE-2008-4117 1 Sun 1 Management Center 2026-04-23 N/A
Unspecified vulnerability in a web page in the PRM module in Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVE-2009-4453 1 Softcab 1 Sound Converter Activex 2026-04-23 N/A
Insecure method vulnerability in SoftCab Sound Converter ActiveX control (sndConverter.ocx) 1.2 allows remote attackers to create or overwrite arbitrary files via the SaveFormat method. NOTE: some of these details are obtained from third party information.
CVE-2008-4119 2 Broadcom, Ca 2 Service Desk, Cmdb 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in CA Service Desk 11.2 and CMDB 11.0 through 11.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving "multiple web forms."
CVE-2008-4138 1 Technote 1 Technote 2026-04-23 N/A
PHP remote file inclusion vulnerability in skin_shop/standard/3_plugin_twindow/twindow_notice.php in TECHNOTE 7 allows remote attackers to execute arbitrary PHP code via a URL in the shop_this_skin_path parameter.
CVE-2008-4140 1 Opensolution 1 Quick.cart 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in admin.php in Quick.Cart 3.1 allows remote attackers to inject arbitrary web script or HTML via the query string.
CVE-2008-4168 1 Pro2col 1 Stingray Fts 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in verify_login.jsp in Pro2col Stingray FTS allows remote attackers to inject arbitrary web script or HTML via the form_username parameter (aka user name field).
CVE-2010-0342 1 Typo3 2 Job Reports, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Reports for Job (job_reports) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0346 1 Typo3 2 Mimi Tipfriends, Typo3 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the Tip many friends (mimi_tipfriends) extension 0.0.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.