Total
3326 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0300 | 1 Mapbender | 1 Mapbender | 2023-12-10 | 6.8 MEDIUM | N/A |
| mapFiler.php in Mapbender 2.4 to 2.4.4 allows remote attackers to execute arbitrary PHP code via PHP code sequences in the factor parameter, which are not properly handled when accessing a filename that contains those sequences. | |||||
| CVE-2007-6542 | 1 Agares Media | 1 Arcadem | 2023-12-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter. | |||||
| CVE-2007-2428 | 1 Ahhp-portal | 1 Ahhp-portal | 2023-12-10 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in page.php in Ahhp-Portal allow remote attackers to execute arbitrary PHP code via a URL in the (1) fp or (2) sc parameter. | |||||
| CVE-2007-5456 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 7 and earlier allows remote attackers to bypass the "File Download - Security Warning" dialog box and download arbitrary .exe files by placing a '?' (question mark) followed by a non-.exe filename after the .exe filename, as demonstrated by (1) .txt, (2) .cda, (3) .log, (4) .dif, (5) .sol, (6) .htt, (7) .itpc, (8) .itms, (9) .dvr-ms, (10) .dib, (11) .asf, (12) .tif, and unspecified other extensions, a different issue than CVE-2004-1331. NOTE: this issue might not cross privilege boundaries, although it does bypass an intended protection mechanism. | |||||
| CVE-2008-1043 | 1 Linux Web Shop | 1 Php User Base | 2023-12-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in templates/default/header.inc.php in Linux Web Shop (LWS) php User Base 1.3 BETA allows remote attackers to execute arbitrary PHP code via a URL in the menu parameter. | |||||
| CVE-2008-0302 | 1 Debian | 1 Apt-listchanges | 2023-12-10 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory. | |||||
| CVE-2007-5733 | 1 Japanese Php Gallery Hosting | 1 Japanese Php Gallery Hosting | 2023-12-10 | 7.5 HIGH | N/A |
| Unrestricted file upload vulnerability in upload/upload.php in Japanese PHP Gallery Hosting, when Open directory mode is enabled, allows remote attackers to upload and execute arbitrary PHP code via a ServerPath parameter specifying a filename with a double extension. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0076 | 1 Microsoft | 2 Ie, Internet Explorer | 2023-12-10 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via crafted HTML layout combinations, aka "HTML Rendering Memory Corruption Vulnerability." | |||||
| CVE-2007-5593 | 2 Drupal, Fedoraproject | 2 Drupal, Fedora | 2023-12-10 | 6.8 MEDIUM | N/A |
| install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified. | |||||
| CVE-2007-6229 | 1 Rayzz | 1 Rayzz Script | 2023-12-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in common/classes/class_HeaderHandler.lib.php in Rayzz Script 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the CFG[site][project_path] parameter. | |||||
| CVE-2007-0065 | 1 Microsoft | 6 Office, Visual Basic, Windows 2000 and 3 more | 2023-12-10 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request. | |||||
| CVE-2007-6632 | 1 Xml2owl | 1 Xml2owl | 2023-12-10 | 6.8 MEDIUM | N/A |
| showCode.php in xml2owl 0.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter. | |||||
| CVE-2006-6086 | 1 E-ark | 1 E-ark | 2023-12-10 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in src/ark_inc.php in e-Ark 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_pear_path parameter. | |||||
| CVE-2007-2185 | 1 Supasite | 1 Supasite | 2023-12-10 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Supasite 1.23b allow remote attackers to execute arbitrary PHP code via a URL in the supa[db_path] parameter to (1) common_functions.php, (2) admin_auth_cookies.php, (3) admin_mods.php, (4) admin_news.php, (5) admin_topics.php, (6) admin_users.php, (7) admin_utilities.php, (8) site_comment.php, or (9) site_news.php; or the supa[include_path] parameter to (10) admin_settings.php or (11) backend_site.php. | |||||
| CVE-2007-1790 | 1 Kaqoo | 1 Kaqoo Auction Software | 2023-12-10 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Kaqoo Auction Software Free Edition allow remote attackers to execute arbitrary PHP code via a URL in the install_root parameter to (1) support.inc.php, (2) function.inc.php, (3) rdal_object.inc.php, (4) rdal_editor.inc.php. (5) login.inc.php, (6) request.inc.php, and (7) categories.inc.php in include/core/; (8) save.inc.php, (9) preview.inc.php, (10) edit_item.inc.php, (11) new_item.inc.php, and (12) item_info.inc.php in include/display/item/; (13) search.inc.php, (14) item_edit.inc.php, (15) register_succsess.inc.php, (16) context_menu.inc.php, (17) item_repost.inc.php, (18) balance.inc.php, (19) featured.inc.php, (20) user.inc.php, (21) buynow.inc.php, (22) install_complete.inc.php, (23) fees_info.inc.php, (24) user_feedback.inc.php, (25) admin_balance.inc.php, (26) activate.inc.php, (27) user_info.inc.php, (28) member.inc.php, (29) add_bid.inc.php, (30) items_filter.inc.php, (31) my_info.inc.php, (32) register.inc.php, (33) leave_feedback.inc.php, and (34) user_auctions.inc.php in include/display/; and (35) design/form.inc.php, (36) processor.inc.php, (37) interfaces.inc.php (38) left_menu.inc.php, (39) login.inc.php, and (40) categories.inc.php in include/. | |||||
| CVE-2007-4720 | 1 Hitachi | 1 Jp1 Cm2 Network Node Manager | 2023-12-10 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Shared Trace Service in Hitachi JP1/Cm2/Network Node Manager (NNM) 07-10 through 07-10-05, and NNM Starter Edition Enterprise and 250 08-00 through 08-10, allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2007-4815 | 1 Markus Iser | 1 Ed Engine | 2023-12-10 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in WebED in Markus Iser ED Engine 0.8999 alpha allow remote attackers to execute arbitrary PHP code via a URL in the Codebase parameter to (1) channeledit.php, (2) post.php, (3) view.php, or (4) viewitem.php in source/mod/rss/. | |||||
| CVE-2006-7046 | 1 Clan Manager Pro | 1 Clan Manager Pro | 2023-12-10 | 9.3 HIGH | N/A |
| PHP remote file inclusion vulnerability in cmpro.intern/login.inc.php for Clan Manager Pro (CMPRO) 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-0078 | 1 Microsoft | 3 Activex, Ie, Internet Explorer | 2023-12-10 | 9.3 HIGH | N/A |
| Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via a crafted image, aka "Argument Handling Memory Corruption Vulnerability." | |||||
| CVE-2007-2816 | 1 Ol Bookmarks | 1 Ol Bookmarks | 2023-12-10 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in ol'bookmarks 0.7.4 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) test1.php, (2) blackorange.php, (3) default.php, (4) frames1.php, (5) frames1_top.php, (7) test2.php, (8) test3.php, (9) test4.php, (10) test5.php, (11) test6.php, (12) frames1_left.php, and (13) frames1_center.php in themes/. | |||||