Max CVSS | 10.0 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-4965 | 5.8 |
Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) t
|
02-08-2023 - 18:52 | 18-09-2007 - 22:17 | |
CVE-2007-2834 | 9.3 |
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which
|
07-02-2022 - 17:16 | 18-09-2007 - 21:17 | |
CVE-2007-3010 | 10.0 |
masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action.
|
16-10-2018 - 16:46 | 18-09-2007 - 21:17 | |
CVE-2007-0324 | 7.5 |
Multiple buffer overflows in the LizardTech DjVu Browser Plug-in before 6.1.1 allow remote attackers to execute arbitrary code via unspecified vectors.
|
16-10-2018 - 16:32 | 15-02-2007 - 23:28 | |
CVE-2007-4977 | 3.5 |
Cross-site scripting (XSS) vulnerability in mode.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the referer parameter.
|
15-10-2018 - 21:39 | 19-09-2007 - 18:17 | |
CVE-2007-4976 | 6.5 |
Directory traversal vulnerability in viewlog.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the log parameter.
|
15-10-2018 - 21:39 | 19-09-2007 - 18:17 | |
CVE-2007-4975 | 4.3 |
Cross-site scripting (XSS) vulnerability in hilfe.php in b1gMail 6.3.1 allows remote attackers to inject arbitrary web script or HTML via the chapter parameter.
|
15-10-2018 - 21:39 | 19-09-2007 - 18:17 | |
CVE-2007-4916 | 10.0 |
Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packa
|
15-10-2018 - 21:38 | 17-09-2007 - 17:17 | |
CVE-2015-3391 | 5.0 |
The Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote attackers to bypass intended access restrictions and obtain sensitive node titles by reading a 403 Not Found page.
|
07-04-2018 - 01:29 | 21-04-2015 - 18:59 | |
CVE-2017-10273 | 3.7 |
Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Deployment). Supported versions that are affected are 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.2.0. Difficult to exploit vulnerab
|
25-01-2018 - 13:52 | 18-01-2018 - 02:29 | |
CVE-2007-4954 | 6.8 |
PHP remote file inclusion vulnerability in admin.joom12pic.php in the joom12Pic (com_joom12pic) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
|
29-09-2017 - 01:29 | 18-09-2007 - 20:17 | |
CVE-2007-4933 | 7.5 |
Direct static code injection vulnerability in includes/admin/sub/conf_appearence.php in Shop-Script FREE 2.0 and earlier allows remote attackers to inject arbitrary PHP code into cfg/appearence.inc.php via a save_appearence action in admin.php, as de
|
29-09-2017 - 01:29 | 18-09-2007 - 18:17 | |
CVE-2007-4952 | 7.5 |
SQL injection vulnerability in article.php in OmniStar Article Manager allows remote attackers to execute arbitrary SQL commands via the page_id parameter in a favorite op action, a different vector than CVE-2006-5917.
|
29-09-2017 - 01:29 | 18-09-2007 - 20:17 | |
CVE-2007-4932 | 7.5 |
admin.php in Shop-Script FREE 2.0 and earlier sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to access the admin panel.
|
29-09-2017 - 01:29 | 18-09-2007 - 18:17 | |
CVE-2008-6325 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Classifieds Script allow remote attackers to inject arbitrary web script or HTML via the (1) radio parameter to showcategory.php, (2) msg parameter to advertisers/signinform.php, (3) radi
|
17-08-2017 - 01:29 | 27-02-2009 - 11:30 | |
CVE-2006-0575 | 5.0 |
convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to create or overwrite arbitrary files via ".." sequences and a symlink attack on the temporary file that is used during conversion.
|
20-07-2017 - 01:29 | 07-02-2006 - 20:02 | |
CVE-2001-0419 | 7.5 |
Buffer overflow in shared library ndwfn4.so for iPlanet Web Server (iWS) 4.1, when used as a web listener for Oracle application server 4.0.8.2, allows remote attackers to execute arbitrary commands via a long HTTP request that is passed to the appli
|
18-10-2016 - 02:11 | 02-07-2001 - 04:00 |