Export limit exceeded: 355207 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (6722 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5363 | 2 Joomla, Webmaster-tips | 2 Joomla, Panoramic Picture Viewer | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in admin.panoramic.php in the Panoramic Picture Viewer (com_panoramic) mambot (plugin) 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-5388 | 1 Webdesktop | 1 Webdesktop | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in WebDesktop 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) app parameter to apps/apps.php and the (2) wsk parameter to wsk/wsk.php. | ||||
| CVE-2009-0625 | 1 Cisco | 3 Ace 4710, Application Control Engine Module, Catalyst | 2026-04-23 | N/A |
| Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv3 packet. | ||||
| CVE-2007-5410 | 2 Joomla, Webmaster-tips | 2 Joomla, Flash Rss Reader | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in admin.wmtrssreader.php in the webmaster-tips.net Flash RSS Reader (com_wmtrssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | ||||
| CVE-2008-4645 | 1 Phpwebgallery | 1 Phpwebgallery | 2026-04-23 | N/A |
| plugins/event_tracer/event_list.php in PhpWebGallery 1.7.2 and earlier allows remote authenticated administrators to execute arbitrary PHP code via PHP sequences in the sort parameter, which is processed by create_function. | ||||
| CVE-2007-2084 | 1 Mobilepublisherphp | 1 Mobilepublisherphp | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in MobilePublisherphp 1.1.2 allows remote attackers to execute arbitrary PHP code via a URL in the auth_method parameter to (1) index.php, (2) list.php, (3) postreview.php, (4) reindex.php, (5) sections.php, (6) templates.php, (7) userinfo.php, (8) users.php, and (9) view.php in admin/. NOTE: this issue has been disputed by a reliable third party, who states that $auth_method is defined before use | ||||
| CVE-2007-5453 | 1 Php-stats | 1 Php-stats | 2026-04-23 | N/A |
| Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow remote authenticated administrators to execute arbitrary code by writing PHP sequences to the php-stats-options record in the _options table, which is used in an eval function call by (1) admin.php, (2) click.php, (3) download.php, and unspecified other files, as demonstrated by modifying _options through a backup restore action in admin.php. | ||||
| CVE-2007-5457 | 2 Joomla, Michael Dempfle | 2 Joomla, Joomla Flash Uploader | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Michael Dempfle Joomla Flash Uploader (com_jfu or com_joomla_flash_uploader) 2.5.1 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) install.joomla_flash_uploader.php and (2) uninstall.joomla_flash_uploader.php. | ||||
| CVE-2008-6287 | 1 Getmiro | 1 Broadcast Machine | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Broadcast Machine 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) MySQLController.php, (2) SQLController.php, (3) SetupController.php, (4) VideoController.php, and (5) ViewController.php in controllers/. | ||||
| CVE-2007-6088 | 1 Phpbbviet | 1 Phpbbviet | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBBViet 02.03.07 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2007-6105 | 1 Talkback | 1 Talkback | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in TalkBack 2.2.7 allow remote attackers to execute arbitrary PHP code via a URL in the (1) language_file parameter to (a) comments-display-tpl.php and (b) addons/separate-comments-mod/my-comments-display-tpl.php and the (2) config[comments_form_tpl] parameter to comments-display-tpl.php. | ||||
| CVE-2007-6177 | 1 Php Con | 1 Php Con | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in Exchange/include.php in PHP_CON 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the webappcfg[APPPATH] parameter. | ||||
| CVE-2007-6191 | 1 Pmapper | 1 P.mapper | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Armin Burger p.mapper 3.2.0 beta3 allow remote attackers to execute arbitrary PHP code via a URL in the _SESSION[PM_INCPHP] parameter to (1) incphp/globals.php or (2) plugins/export/mc_table.php. NOTE: it could be argued that this vulnerability is caused by a problem in PHP and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in p.mapper. | ||||
| CVE-2007-2070 | 1 Turnkey Web Tools | 1 Sunshop Shopping Cart | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart before 3.5.1 allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) index.php or (2) checkout.php. | ||||
| CVE-2008-0423 | 1 Lama | 1 Lama Software | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Lama Software allow remote attackers to execute arbitrary PHP code via a URL in the MY_CONF[classRoot] parameter to (1) inc.steps.access_error.php, (2) inc.steps.check_login.php, or (3) inc.steps.init_system.php in admin/functions/. | ||||
| CVE-2008-0110 | 1 Microsoft | 1 Office | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Outlook in Office 2000 SP3, XP SP3, 2003 SP2 and Sp3, and Office System allows user-assisted remote attackers to execute arbitrary code via a crafted mailto URI. | ||||
| CVE-2008-0111 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted data validation records, aka "Excel Data Validation Record Vulnerability." | ||||
| CVE-2008-0114 | 1 Microsoft | 3 Excel, Excel Viewer, Office | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via crafted Style records that trigger memory corruption. | ||||
| CVE-2008-5288 | 1 Scripts4you | 1 Faq Manager | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in include/header.php in Werner Hilversum FAQ Manager 1.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the config_path parameter. | ||||
| CVE-2008-0118 | 1 Microsoft | 1 Office | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, Excel Viewer 2003 up to SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption from an "allocation error," aka "Microsoft Office Memory Corruption Vulnerability." | ||||