Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-0380 | 2.1 |
IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file permissions of 0664, which allows local users to obtain sensitive information via standard filesystem operations.
|
25-06-2020 - 19:42 | 08-08-2016 - 01:59 | |
CVE-2007-1956 | 7.5 |
SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the C parameter.
|
16-10-2018 - 16:41 | 11-04-2007 - 01:19 | |
CVE-2007-1927 | 4.3 |
Cross-site scripting (XSS) vulnerability in signup.asp in CmailServer WebMail 5.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the POP3Mail parameter.
|
16-10-2018 - 16:41 | 10-04-2007 - 23:19 | |
CVE-2007-1206 | 7.2 |
The Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0; 2000 SP4; XP SP2; Server 2003, 2003 SP1, and 2003 SP2; and Windows Vista before June 2006; uses insecure permissions (PAGE_READWRITE) for a physical memory view, which a
|
16-10-2018 - 16:37 | 10-04-2007 - 21:19 | |
CVE-2007-0677 | 7.5 |
PHP remote file inclusion vulnerability in fw/class.Quick_Config_Browser.php in Cadre PHP Framework 20020724 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[config][framework_path] parameter.
|
16-10-2018 - 16:33 | 03-02-2007 - 01:28 | |
CVE-2007-1934 | 6.8 |
Directory traversal vulnerability in member.php in the eBoard 1.0.7 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[name] parameter.
|
11-10-2017 - 01:32 | 10-04-2007 - 23:19 | |
CVE-2008-6263 | 7.5 |
SQL injection vulnerability in lib/user/t_user.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the username parameter to the _userLoggedIn function. NOTE: some of these details are obtained from third party information
|
29-09-2017 - 01:33 | 24-02-2009 - 18:30 | |
CVE-2015-1044 | 3.3 |
vmware-authd (aka the Authorization process) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allows attackers to cause a host OS denial of service via unspecified vectors.
|
08-09-2017 - 01:29 | 29-01-2015 - 18:59 | |
CVE-2012-1617 | 6.4 |
Directory traversal vulnerability in combine.php in OSClass before 2.3.6 allows remote attackers to read and write arbitrary files via a .. (dot dot) in the type parameter. NOTE: this vulnerability can be leveraged to upload arbitrary files.
|
29-08-2017 - 01:31 | 26-09-2012 - 00:55 | |
CVE-2007-1991 | 4.3 |
Cross-site scripting (XSS) vulnerability in mail/signup.asp in CmailServer WebMail 5.4.3, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the Comment parameter, a different vector than CVE-2007-1927.
|
29-07-2017 - 01:31 | 12-04-2007 - 10:19 | |
CVE-2007-2012 | 5.8 |
Multiple directory traversal vulnerabilities in MimarSinan CompreXX 4.1 allow remote attackers to create files in arbitrary directories via a .. (dot dot) in a (1) .rar, (2) .jar or (3) .zip archive.
|
29-07-2017 - 01:31 | 12-04-2007 - 19:19 | |
CVE-2007-1905 | 4.3 |
Cross-site scripting (XSS) vulnerability in auth.php in Pineapple Technologies QuizShock 1.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via encoded special characters in the forward_to parameter, as demonstrated usin
|
29-07-2017 - 01:31 | 10-04-2007 - 23:19 | |
CVE-2005-0225 | 2.1 |
firehol.sh in FireHOL before 1.224 creates temporary files with predictable file names, which could allow local users to overwrite arbitrary files via a symlink attack.
|
11-07-2017 - 01:32 | 02-05-2005 - 04:00 | |
CVE-2001-0200 | 5.0 |
HSWeb 2.0 HTTP server allows remote attackers to obtain the physical path of the server via a request to the /cgi/ directory, which will list the path if directory browsing is enabled.
|
05-09-2008 - 20:23 | 03-05-2001 - 04:00 |