Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (6135 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-7130 | 1 Jinzora | 1 Jinzora | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in backend/primitives/cache/media.php in Jinzora 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter, a different vector than CVE-2006-6770. | ||||
| CVE-2008-3769 | 1 Openfreeway | 1 Freeway | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in admin/create_order_new.php in Freeway 1.4.1.171, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the include_page parameter. | ||||
| CVE-2009-0456 | 1 Sourdough | 1 Sourdough | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in examples/example_clientside_javascript.php in patForms, as used in Sourdough 0.3.5, allows remote attackers to execute arbitrary PHP code via a URL in the neededFiles[patForms] parameter. | ||||
| CVE-2009-0901 | 1 Microsoft | 3 Visual C\+\+, Visual Studio, Visual Studio .net | 2025-04-09 | N/A |
| The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability." | ||||
| CVE-2006-7106 | 1 Powerphlogger | 1 Powerphlogger | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in config.inc.php3 in Power Phlogger 2.0.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rel_path parameter. | ||||
| CVE-2009-1919 | 1 Microsoft | 6 Internet Explorer, Windows 2000, Windows Server 2003 and 3 more | 2025-04-09 | N/A |
| Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle attempts to access deleted objects in memory, which allows remote attackers to execute arbitrary code via an HTML document containing embedded style sheets that modify unspecified rule properties that cause the behavior element to be "improperly processed," aka "Uninitialized Memory Corruption Vulnerability." | ||||
| CVE-2009-4024 | 1 Pear | 1 Pear | 2025-04-09 | N/A |
| Argument injection vulnerability in the ping function in Ping.php in the Net_Ping package before 2.4.5 for PEAR allows remote attackers to execute arbitrary shell commands via the host parameter. NOTE: this has also been reported as a shell metacharacter problem. | ||||
| CVE-2008-3919 | 1 Justsystems | 1 Ichitaro | 2025-04-09 | N/A |
| Unspecified vulnerability in multiple JustSystems Ichitaro products allows remote attackers to execute arbitrary code via a crafted JTD document, as exploited in the wild in August 2008. | ||||
| CVE-2006-7105 | 1 Smarty | 1 Smarty | 2025-04-09 | 9.8 Critical |
| PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. NOTE: in the original disclosure, filename is used in a function definition, so this report is probably incorrect | ||||
| CVE-2006-7090 | 1 Phpbb Security | 1 Phpbb Security | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in phpbb_security.php in phpBB Security 1.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the php_root_path parameter. | ||||
| CVE-2006-6732 | 1 Cwm-design | 1 Cwmvote | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in archive.php in cwmVote 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the abs parameter. | ||||
| CVE-2008-3922 | 1 Telartis Bv | 1 Awstats Totals | 2025-04-09 | N/A |
| awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote attackers to execute arbitrary code via PHP sequences in the sort parameter, which is used by the multisort function when dynamically creating an anonymous PHP function. | ||||
| CVE-2006-6720 | 1 Azucar Cms | 1 Azucar Cms | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in admin/index_sitios.php in Azucar CMS 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the _VIEW parameter. | ||||
| CVE-2006-6689 | 1 Paristemi | 1 Paristemi | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Paristemi 0.8.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the SERVER_DIRECTORY parameter to unspecified scripts, a different vector than CVE-2006-6739. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3956 | 1 Microsoft | 1 Organization Chart | 2025-04-09 | N/A |
| orgchart.exe in Microsoft Organization Chart 2.00 allows user-assisted attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .opx file. | ||||
| CVE-2009-3865 | 2 Redhat, Sun | 4 Network Satellite, Rhel Extras, Jdk and 1 more | 2025-04-09 | N/A |
| The launch method in the Deployment Toolkit plugin in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752. | ||||
| CVE-2009-3817 | 2 Joomla, Ordasoft | 2 Joomla\!, Com Booklibrary | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in doc/releasenote.php in the BookLibrary (com_booklibrary) component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter, a different vector than CVE-2009-2637. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6212 | 1 Webwiz | 1 Site News | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in centre.php in Site News (site_news) 2.00, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-5822 | 1 Scribe | 1 Scribe | 2025-04-09 | N/A |
| Direct static code injection vulnerability in forum.php in Ben Ng Scribe 0.2 and earlier allows remote attackers to inject arbitrary PHP code into a certain file in regged/ via the username parameter in a Register action, possibly related to the register function in forumfunctions.php. | ||||
| CVE-2008-4305 | 1 Php-collab | 1 Php-collab | 2025-04-09 | N/A |
| Static code injection vulnerability in installation/setup.php in phpCollab 2.5 rc3 and earlier allows remote authenticated administrators to inject arbitrary PHP code into include/settings.php via the URI. | ||||