Total
277587 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0339 | 1 Scriptme | 1 Sme Filemailer | 2024-11-21 | N/A |
| SQL injection vulnerability in index.php (aka the login form) in Scriptme SMe FileMailer 1.21 allows remote attackers to execute arbitrary SQL commands via the Password field (ps parameter). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-0338 | 1 Bolintech | 1 Dreamftp Server | 2024-11-21 | N/A |
| Heap-based buffer overflow in Dream FTP Server allows remote attackers to execute arbitrary code via a USER command with a large number of format string specifiers, which triggers the overflow during processing of the Server Log. | ||||
| CVE-2007-0337 | 1 Kgb | 1 Kgb | 2024-11-21 | N/A |
| Directory traversal vulnerability in sesskglogadmin.php in KGB 1.9 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skinnn parameter, as demonstrated by invoking kg.php with a postek parameter containing PHP code, which is injected into a file in the kg directory, and then included by sesskglogadmin.php. | ||||
| CVE-2007-0336 | 1 Rixstep | 1 Undercover | 2024-11-21 | N/A |
| Undercover.app/Contents/Resources/uc in Rixstep Undercover allows local users to overwrite arbitrary files, probably related to a race condition. | ||||
| CVE-2007-0335 | 1 Jax Scripts | 1 Jax Petition Book | 2024-11-21 | N/A |
| Multiple directory traversal vulnerabilities in Jax Petition Book 1.0.3.06 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the languagepack parameter to (1) jax_petitionbook.php or (2) smileys.php. | ||||
| CVE-2007-0334 | 1 Ingate | 1 Firewall And Siparator | 2024-11-21 | N/A |
| Unspecified vulnerability in the SIP module in InGate Firewall and SIParator before 4.5.1 allows remote attackers to conduct replay attacks on the authentication mechanism via unknown vectors. | ||||
| CVE-2007-0333 | 1 Agnitum | 1 Outpost Firewall | 2024-11-21 | N/A |
| Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys. | ||||
| CVE-2007-0332 | 1 Xentraz | 1 Liens Dynamiques | 2024-11-21 | N/A |
| (1) admin/adminlien.php3 and (2) admin/modif.php3 in liens_dynamiques 2.1 do not require authentication, which allows remote attackers to perform unauthorized administrative actions using a direct request. | ||||
| CVE-2007-0331 | 1 Xentraz | 1 Liens Dynamiques | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in liens.php3 in liens_dynamiques 2.1 allows remote attackers to inject arbitrary web script or HTML by using the ajouter=1 query string and the add menu. | ||||
| CVE-2007-0330 | 1 Ipswitch | 1 Ws Ftp Pro | 2024-11-21 | N/A |
| Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WS_FTP 2007 Professional allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long ftp:// URL in an HTML document, and possibly other vectors. | ||||
| CVE-2007-0329 | 1 Joonas Viljanen | 1 Jv2 Folder Gallery | 2024-11-21 | N/A |
| download.php in Joonas Viljanen JV2 Folder Gallery allows remote attackers to read sensitive files via a relative pathname in the file parameter, as demonstrated by config/gallerysetup.php. NOTE: this issue might be resultant from a directory traversal vulnerability. | ||||
| CVE-2007-0328 | 1 Macrovision | 2 Flexnet Connect, Update Service | 2024-11-21 | N/A |
| The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method. | ||||
| CVE-2007-0326 | 1 Photochannel | 1 Pni Digital Media Upload Plugin Activex Control | 2024-11-21 | N/A |
| Multiple stack-based buffer overflows in the PhotoChannel Networks PNI Digital Media Photo Upload Plugin ActiveX control before 2.0.0.10, as used by multiple retailers, allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-0325 | 1 Trend Micro | 2 Client-server-messaging Security, Officescan Corporate Edition | 2024-11-21 | N/A |
| Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document. | ||||
| CVE-2007-0324 | 1 Lizardtech | 1 Djvu Browser Plug-in | 2024-11-21 | N/A |
| Multiple buffer overflows in the LizardTech DjVu Browser Plug-in before 6.1.1 allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-0323 | 1 Rim | 1 Teamon Import Object Activex Control | 2024-11-21 | N/A |
| Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX control (TOImport.dll) allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-0322 | 1 Intuit | 1 Quickbooks | 2024-11-21 | N/A |
| Multiple stack-based buffer overflows in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-0321 | 1 Macrovision | 1 Flexnet Connect | 2024-11-21 | N/A |
| Buffer overflow in the Update Service Agent ActiveX Control in isusweb.dll for Macrovision FLEXnet Connect (formerly InstallShield Update Service) allows remote attackers to execute arbitrary code via the Download method. | ||||
| CVE-2007-0320 | 1 Macrovision | 1 Installfromtheweb | 2024-11-21 | N/A |
| Multiple buffer overflows in (a) an ActiveX control (iftw.dll) and (b) Netscape plug-in (npiftw32.dll) for Macrovision (formerly InstallShield) InstallFromTheWeb allow remote attackers to execute arbitrary code via crafted HTML documents. | ||||
| CVE-2007-0319 | 1 Motive Incorporated | 2 Self Service Manager, Service Activation Manager | 2024-11-21 | N/A |
| Multiple stack-based buffer overflows in the Motive ActiveEmailTest.EmailData (ActiveUtils EmailData) ActiveX control in ActiveUtils.dll in Motive Service Activation Manager 5.1 and Self Service Manager 5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors. | ||||