| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-1125 | 4.3 |
Cross-site scripting (XSS) vulnerability in gallery.php in XeroXer Simple one-file gallery allows remote attackers to inject arbitrary web script or HTML via the f parameter.
|
16-10-2018 - 16:36 | 27-02-2007 - 02:28 | |
| CVE-2007-1110 | 5.0 |
Directory traversal vulnerability in data/showcode.php in ActiveCalendar 1.2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
|
16-10-2018 - 16:36 | 26-02-2007 - 17:28 | |
| CVE-2007-1100 | 7.8 |
Directory traversal vulnerability in download.php in Ahmet Sacan Pickle before 20070301 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
16-10-2018 - 16:36 | 26-02-2007 - 17:28 | |
| CVE-2007-1124 | 5.0 |
Directory traversal vulnerability in gallery.php in XeroXer Simple one-file gallery allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter.
|
16-10-2018 - 16:36 | 27-02-2007 - 02:28 | |
| CVE-2007-1115 | 4.3 |
The child frames in Opera 9 before 9.20 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as dem
|
16-10-2018 - 16:36 | 26-02-2007 - 23:28 | |
| CVE-2007-1101 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Photostand 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) message ("comment") or (2) name field, or the (3) q parameter in a search action in index.php.
|
16-10-2018 - 16:36 | 26-02-2007 - 17:28 | |
| CVE-2007-1111 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the css parameter to (1) flatevents.php, (2) js.php, (3) mysqlevents.php, (4) m_2.php, (5) m_3.php, (6) m_4.
|
16-10-2018 - 16:36 | 26-02-2007 - 17:28 | |
| CVE-2007-1107 | 7.5 |
SQL injection vulnerability in thumbnails.php in Coppermine Photo Gallery (CPG) 1.3.x allows remote authenticated users to execute arbitrary SQL commands via a cpg131_fav cookie. NOTE: it was later reported that 1.4.10, 1.4.14, and other 1.4.x versi
|
16-10-2018 - 16:36 | 26-02-2007 - 17:28 | |
| CVE-2007-1114 | 4.3 |
The child frames in Microsoft Internet Explorer 7 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting (XSS) attac
|
16-10-2018 - 16:36 | 26-02-2007 - 23:28 | |
| CVE-2001-0188 | 5.0 |
GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to cause a denial of service via a flood of connections to the server, which causes it to crash.
|
19-12-2017 - 02:29 | 26-03-2001 - 05:00 | |
| CVE-2007-1105 | 5.0 |
PHP remote file inclusion vulnerability in functions.php in Extreme phpBB (aka phpBB Extreme) 3.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
|
11-10-2017 - 01:31 | 26-02-2007 - 17:28 | |
| CVE-2012-2105 | 7.5 |
Multiple SQL injection vulnerabilities in login.php in Timesheet Next Gen 1.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters.
|
29-08-2017 - 01:31 | 19-09-2012 - 19:55 | |
| CVE-2016-1429 | 7.8 |
Directory traversal vulnerability in the web interface on Cisco RV180 and RV180W devices allows remote attackers to read arbitrary files via a crafted HTTP request, aka Bug ID CSCuz43023.
|
16-08-2017 - 01:29 | 08-08-2016 - 00:59 | |
| CVE-2007-1117 | 10.0 |
Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "file format vulnerability." NOTE: this information is based upon a vague pre-advisory with n
|
15-11-2008 - 06:43 | 27-02-2007 - 02:28 |