Search Results (346665 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-6031 1 Van Dyke Technologies 1 Vshell 2026-04-23 N/A
Unspecified vulnerability in VanDyke VShell 3.0.1 allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
CVE-2007-1958 1 Tinymux 1 Tinymux 2026-04-23 N/A
Buffer overflow in TinyMUX before 2.4 allows attackers to cause a denial of service via unspecified vectors related to "too many substring matches in a regexp $-command." NOTE: some of these details are obtained from third party information.
CVE-2008-1501 2 Ircu, Quakenet 2 Ircu, Snircd 2026-04-23 N/A
The send_user_mode function in s_user.c in (1) Undernet ircu 2.10.12.12 and earlier, (2) snircd 1.3.4 and earlier, and unspecified other ircu derivatives allows remote attackers to cause a denial of service (daemon crash) via a malformed MODE command.
CVE-2007-2125 1 Oracle 1 Collaboration Suite 2026-04-23 N/A
Unspecified vulnerability in Collaborative Workspace in Oracle Collaboration Suite 10.1.2 has unknown impact and attack vectors, aka OCS01.
CVE-2007-6032 1 Aleris 1 Web Publishing Server 2026-04-23 N/A
SQL injection vulnerability in calendar/page.asp in Aleris Web Publishing Server 3.0 allows remote attackers to execute arbitrary SQL commands via the mode parameter.
CVE-2008-1534 1 Powerscripts 1 Powerphpboard 2026-04-23 N/A
Multiple directory traversal vulnerabilities in PowerPHPBoard 1.00b allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) settings[footer] parameter to footer.inc.php and the (2) settings[header] parameter to header.inc.php.
CVE-2008-1559 2 Bernard Gilly, Joomla 2 Com Alphacontent, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in the Bernard Gilly AlphaContent (com_alphacontent) 2.5.8 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
CVE-2008-1609 1 Jaf Cms 1 Jaf Cms 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in just another flat file (JAF) CMS 4.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) website parameter to (a) forum.php, (b) headlines.php, and (c) main.php in forum/, and (2) main_dir parameter to forum/forum.php. NOTE: other main_dir vectors are already covered by CVE-2006-7127.
CVE-2008-1640 1 Jgs-xa 1 Jgs Treffen 2026-04-23 N/A
SQL injection vulnerability in jgs_treffen.php in the JGS-XA JGS-Treffen 2.0.2 and earlier addon for Woltlab Burning Board (wBB) allows remote attackers to execute arbitrary SQL commands via the view_id parameter in an ansicht action.
CVE-2008-1696 1 Dazphp 1 Dazphpnews 2026-04-23 N/A
Directory traversal vulnerability in makepost.php in DaZPHPNews 0.1-1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the prefixdir parameter.
CVE-2008-1730 1 Arwscripts 1 Gallery Script Lite 2026-04-23 N/A
Directory traversal vulnerability in download.html in ARWScripts Gallery Script Lite (aka gallery-script-lite or Free Photo Gallery Site Script), as of 20080411, allows remote attackers to read arbitrary local files via directory traversal sequences in the path parameter.
CVE-2008-1732 1 Predictionfootball 1 Predictionfootball 2026-04-23 N/A
SQL injection vulnerability in showpredictionsformatch.php in Prediction Football 1.x allows remote attackers to execute arbitrary SQL commands via the matchid parameter in a dupa action.
CVE-2008-1750 1 Livecart 1 Livecart 2026-04-23 N/A
SQL injection vulnerability in Integry Systems LiveCart 1.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to the /category URI.
CVE-2008-1763 1 Blogator Script 1 Blogator Script 2026-04-23 N/A
SQL injection vulnerability in _blogadata/include/sond_result.php in Blogator-script 0.95 allows remote attackers to execute arbitrary SQL commands via the id_art parameter.
CVE-2008-1772 1 Iscripts 1 Socialware 2026-04-23 N/A
iScripts SocialWare stores passwords in cleartext in a database, which allows context-dependent attackers to obtain sensitive information.
CVE-2008-1776 1 Phpblock 1 Phpblock 2026-04-23 N/A
PHP remote file inclusion vulnerability in modules/basicfog/basicfogfactory.class.php in PhpBlock A8.4 allows remote attackers to execute arbitrary PHP code via a URL in the PATH_TO_CODE parameter.
CVE-2008-1785 1 Prozilla 1 Top 100 2026-04-23 N/A
delete.php in Prozilla Top 100 1.2 allows remote authenticated users to delete statistics and accounts of arbitrary users via a modified s parameter.
CVE-2008-1847 1 Coronamatrix 1 Phpaddressbook 2026-04-23 N/A
SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook 2.11 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-2182 1 Maran 1 Php Forum 2026-04-23 N/A
Unrestricted file upload vulnerability in forum_write.php in Maran PHP Forum allows remote attackers to upload and execute arbitrary PHP files via a trailing %00 in a filename in the page parameter.
CVE-2008-1861 1 Exbb 1 Exbb Italia 2026-04-23 N/A
Directory traversal vulnerability in modules/threadstop/threadstop.php in ExBB Italia 0.22 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the exbb[default_lang] parameter.