Total
277570 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5993 | 1 Vtls | 1 Vtls.web.gateway | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in Visionary Technology in Library Solutions (VTLS) vtls.web.gateway before 48.1.1 allows remote attackers to inject arbitrary web script or HTML via the searchtype parameter. | ||||
| CVE-2007-5992 | 1 Datecomm | 1 Social Networking Script | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in datecomm Social Networking Script (aka Myspace Clone Script) allows remote attackers to execute arbitrary SQL commands via the seid parameter in a viewcat s action on the forums page. | ||||
| CVE-2007-5991 | 1 Exo | 1 Exophpdesk | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in ExoPHPdesk allows remote attackers to execute arbitrary SQL commands via the user parameter in a profile fn action. | ||||
| CVE-2007-5990 | 1 Exo | 1 Exophpdesk | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in ExoPHPdesk allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in a user profile, possibly the (1) name and (2) website parameters to register.php. | ||||
| CVE-2007-5989 | 1 Skype Technologies | 1 Skype | 2024-11-21 | N/A |
| Unspecified vulnerability in the skype4com URI handler in Skype before 3.6 GOLD allows remote attackers to execute arbitrary code via "short string values" that result in heap corruption. | ||||
| CVE-2007-5988 | 1 Bti-tracker | 1 Bti-tracker | 2024-11-21 | N/A |
| blocks/shoutbox_block.php in BtiTracker 1.4.4 does not verify user accounts, which allows remote attackers to post shoutbox entries as arbitrary users via a modified nick field. | ||||
| CVE-2007-5987 | 1 Bti-tracker | 1 Bti-tracker | 2024-11-21 | N/A |
| details.php in BtiTracker before 1.4.5, when torrent viewing is disabled for guests, allows remote attackers to bypass protection mechanisms via a direct request, as demonstrated by (1) reading the details of an arbitrary torrent and (2) modifying a torrent owned by a guest. | ||||
| CVE-2007-5986 | 1 Btiteam | 1 Btitracker | 2024-11-21 | N/A |
| SQL injection vulnerability in include/functions.php in BtiTracker before 1.4.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-5985 | 1 Bti-tracker | 1 Bti-tracker | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in BtiTracker before 1.4.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) account.php, (2) moresmiles.php, or (3) recover.php; or (4) the "to" parameter to usercp.php. | ||||
| CVE-2007-5984 | 1 Justin Hagstrom | 1 Autoindex Php Script | 2024-11-21 | N/A |
| classes/Url.php in Justin Hagstrom AutoIndex PHP Script before 2.2.4 allows remote attackers to cause a denial of service (CPU and memory consumption) via a %00 sequence in the dir parameter to index.php, which triggers an erroneous "recursive calculation." | ||||
| CVE-2007-5983 | 1 Justin Hagstrom | 1 Autoindex Php Script | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Justin Hagstrom AutoIndex PHP Script before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF). | ||||
| CVE-2007-5982 | 1 X7 Group | 1 X7 Chat | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in X7 Chat 2.0.4, 2.0.5, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) room parameter to sources/frame.php, the (2) theme_c parameter to help/index.php, or the (3) INSTALL_X7CHATVERSION parameter to upgradev1.php. | ||||
| CVE-2007-5981 | 1 Lantronix | 1 Scs3200 | 2024-11-21 | N/A |
| Lantronix SCS3200 does not properly handle public-key requests, which allows remote attackers to cause a denial of service (unresponsive device) via unspecified keyscan requests. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-5980 | 1 Eggblog | 1 Eggblog | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in home/rss.php in eggblog before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF). | ||||
| CVE-2007-5979 | 1 F5 | 1 Firepass 4100 | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in download_plugin.php3 in F5 Firepass 4100 SSL VPN 5.4 through 5.5.2 and 6.0 through 6.0.1 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter. | ||||
| CVE-2007-5978 | 1 Xoops | 1 Mylinks Module | 2024-11-21 | N/A |
| SQL injection vulnerability in brokenlink.php in the mylinks module for XOOPS allows remote attackers to execute arbitrary SQL commands via the lid parameter. | ||||
| CVE-2007-5977 | 1 Phpmyadmin | 1 Phpmyadmin | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942. | ||||
| CVE-2007-5976 | 1 Phpmyadmin | 1 Phpmyadmin | 2024-11-21 | N/A |
| SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter. | ||||
| CVE-2007-5975 | 1 Torrentstrike | 1 Torrentstrike | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php in TBSource, as used in (1) TBDev and (2) TorrentStrike 0.4, allows remote authenticated users to execute arbitrary SQL commands via the choice parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-5974 | 1 Jportal | 1 Jportal Web Portal | 2024-11-21 | N/A |
| SQL injection vulnerability in mailer.php in JPortal 2 allows remote attackers to execute arbitrary SQL commands via the to parameter. | ||||