Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-0383 | 5.0 |
WDaemon 9.5.4 allows remote attackers to access the /WorldClient.dll URI on TCP port 3000, which has unknown impact. NOTE: The researcher reports that the vendor response was "this is not a security bug.
|
11-04-2024 - 00:41 | 19-01-2007 - 23:28 | |
CVE-2007-0373 | 6.8 |
Multiple SQL injection vulnerabilities in Joomla! 1.5.0 Beta allow remote attackers to execute arbitrary SQL commands via (1) the searchword parameter in certain files; the where parameter in (2) plugins/search/content.php or (3) plugins/search/webli
|
16-10-2018 - 16:32 | 19-01-2007 - 23:28 | |
CVE-2007-0372 | 7.5 |
Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 allow remote attackers to execute arbitrary SQL commands via (1) the active parameter in admin/modules/modules.php; the (2) ad_class, (3) imageurl, (4) clickurl, (5) ad_code, or (
|
16-10-2018 - 16:32 | 19-01-2007 - 23:28 | |
CVE-2007-0377 | 7.5 |
Multiple SQL injection vulnerabilities in Xoops 2.0.16 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in kernel/group.php in core, (2) the lid parameter in class/table_broken.php in the Weblinks module, and other un
|
16-10-2018 - 16:32 | 19-01-2007 - 23:28 | |
CVE-2007-0375 | 5.0 |
Joomla! 1.5.0 Beta allows remote attackers to obtain sensitive information via a direct request for (1) plugins/user/example.php; (2) gmail.php, (3) example.php, or (4) ldap.php in plugins/authentication/; (5) modules/mod_mainmenu/menu.php; or other
|
16-10-2018 - 16:32 | 19-01-2007 - 23:28 | |
CVE-2007-0382 | 7.5 |
Multiple SQL injection vulnerabilities in letterman.class.php in the Letterman 1.2.3 (com_letterman) component for Joomla! before 1.0.12 allow remote attackers to execute arbitrary SQL commands via the id parameter, related to the (1) lm_sendMail, (2
|
16-10-2018 - 16:32 | 19-01-2007 - 23:28 | |
CVE-2007-0374 | 7.5 |
SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and (2) Mambo 4.6.1, allows remote attackers to execute arbitrary SQL commands via the id parameter when cancelling content editing.
|
16-10-2018 - 16:32 | 19-01-2007 - 23:28 | |
CVE-2007-0376 | 6.8 |
Cross-site scripting (XSS) vulnerability in Virtuemart 1.0.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
16-10-2018 - 16:32 | 19-01-2007 - 23:28 | |
CVE-2007-0387 | 7.5 |
SQL injection vulnerability in models/category.php in the Weblinks component for Joomla! SVN 20070118 (com_weblinks) allows remote attackers to execute arbitrary SQL commands via the catid parameter.
|
16-10-2018 - 16:32 | 19-01-2007 - 23:28 | |
CVE-2006-6945 | 7.5 |
SQL injection vulnerability in Virtuemart 1.0.7 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to (1) Itemid, (2) product_id, and category_id parameters as handled in virtuemart_parser.php.
|
16-10-2018 - 16:29 | 19-01-2007 - 23:28 | |
CVE-2007-0381 | 7.5 |
Multiple SQL injection vulnerabilities in ATutor 1.5.3.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters. NOTE: CVE analysis suggests that the vendor fixed these issues.
|
13-11-2008 - 06:31 | 19-01-2007 - 23:28 | |
CVE-2007-0385 | 7.8 |
The faq section in PostNuke 0.764 allows remote attackers to obtain sensitive information (the full path) via "unvalidated output" in FAQ/index.php, possibly involving an undefined id_cat variable.
|
13-11-2008 - 06:31 | 19-01-2007 - 23:28 | |
CVE-2007-0386 | 10.0 |
Unspecified vulnerability in the rating section in PostNuke 0.764 has unknown impact and attack vectors, related to "an interesting bug."
|
13-11-2008 - 06:31 | 19-01-2007 - 23:28 | |
CVE-2007-0384 | 5.1 |
Cross-site scripting (XSS) vulnerability in preview in the reviews section in PostNuke 0.764 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
13-11-2008 - 06:31 | 19-01-2007 - 23:28 | |
CVE-2007-0378 | 7.5 |
Multiple SQL injection vulnerabilities in DocMan 1.3 RC2 allow attackers to execute arbitrary SQL commands via unspecified vectors.
|
13-11-2008 - 06:31 | 19-01-2007 - 23:28 | |
CVE-2007-0380 | 5.0 |
DocMan 1.3 RC2 allows remote attackers to obtain sensitive information (the full path) via unspecified vectors.
|
13-11-2008 - 06:31 | 19-01-2007 - 23:28 | |
CVE-2007-0379 | 6.8 |
Cross-site scripting (XSS) vulnerability in DocMan 1.3 RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
13-11-2008 - 06:31 | 19-01-2007 - 23:28 |