| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-1302 | 6.8 |
SQL injection vulnerability in guestbook.php in LI-Guestbook 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the country parameter. NOTE: it was later reported that 1.2 is also affected.
|
14-02-2024 - 01:17 | 07-03-2007 - 00:19 | |
| CVE-2007-1305 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in add2.php in Sava's Guestbook 23.11.2006 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) country, (3) email, and (4) website parameters.
|
14-02-2024 - 01:17 | 07-03-2007 - 00:19 | |
| CVE-2007-1304 | 6.8 |
Multiple SQL injection vulnerabilities in add2.php in Sava's Guestbook 23.11.2006, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) country, (3) email, (4) website, and (5) message para
|
14-02-2024 - 01:17 | 07-03-2007 - 00:19 | |
| CVE-2007-0994 | 6.8 |
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI
|
09-10-2019 - 22:52 | 06-03-2007 - 00:19 | |
| CVE-2007-0712 | 9.3 |
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MIDI file.
|
30-10-2018 - 16:25 | 05-03-2007 - 22:19 | |
| CVE-2007-0711 | 9.3 |
Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file.
|
30-10-2018 - 16:25 | 05-03-2007 - 22:19 | |
| CVE-2007-0714 | 9.3 |
Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom (UDTA) with an Atom size field with a
|
30-10-2018 - 16:25 | 05-03-2007 - 22:19 | |
| CVE-2007-1332 | 9.3 |
Multiple cross-site request forgery (CSRF) vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java allow remote attackers to perform unspecified restricted actions in the context of certain accounts by bypassing the client-side protection scheme
|
16-10-2018 - 16:37 | 07-03-2007 - 21:19 | |
| CVE-2007-1331 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java allow remote attackers to inject arbitrary web script or HTML via unspecified vectors that bypass the client-side protection scheme, one of which may be
|
16-10-2018 - 16:37 | 07-03-2007 - 21:19 | |
| CVE-2007-0718 | 5.8 |
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a QTIF file with a Video Sample Description containing a Color table ID of 0
|
16-10-2018 - 16:33 | 05-03-2007 - 22:19 | |
| CVE-2007-0713 | 5.8 |
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie file.
|
16-10-2018 - 16:33 | 05-03-2007 - 22:19 | |
| CVE-2016-3322 | 7.6 |
Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3289.
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
| CVE-2017-8191 | 4.3 |
FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic algorithm vulnerability. Attackers may exploit the vulnerability to crack the cipher text and cause information leak on the transmission links.
|
29-12-2017 - 02:29 | 22-11-2017 - 19:29 | |
| CVE-2007-1339 | 7.5 |
SQL injection vulnerability in index.php in Links Management Application 1.0 allows remote attackers to execute arbitrary SQL commands via the lcnt parameter.
|
19-10-2017 - 01:30 | 08-03-2007 - 22:19 | |
| CVE-2001-0252 | 5.0 |
iPlanet (formerly Netscape) Enterprise Server 4.1 allows remote attackers to cause a denial of service via a long HTTP GET request that contains many "/../" (dot dot) sequences.
|
10-10-2017 - 01:29 | 02-06-2001 - 04:00 | |
| CVE-2007-0715 | 5.8 |
Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PICT file.
|
29-07-2017 - 01:30 | 05-03-2007 - 22:19 | |
| CVE-2007-0717 | 5.8 |
Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file.
|
29-07-2017 - 01:30 | 05-03-2007 - 22:19 | |
| CVE-2007-0716 | 5.8 |
Stack-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file.
|
29-07-2017 - 01:30 | 05-03-2007 - 22:19 | |
| CVE-2007-1307 | 10.0 |
Unspecified vulnerability in Lenovo Intel PRO/1000 LAN adapter before Build 135400, as used on IBM Lenovo ThinkPad systems, has unknown impact and attack vectors.
|
08-03-2011 - 02:51 | 07-03-2007 - 00:19 | |
| CVE-2007-0574 | 7.5 |
SQL injection vulnerability in rss/show_webfeed.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.40 allows remote attackers to execute arbitrary SQL commands via the wcHeadlines parameter, a different vector than CVE-2006-4715. NOT
|
13-11-2008 - 06:32 | 30-01-2007 - 17:28 |