| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-0353 | 6.8 |
Cross-site scripting (XSS) vulnerability in (1) index.php and (2) login.php in myBloggie 2.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO string.
|
16-10-2018 - 16:32 | 19-01-2007 - 01:28 | |
| CVE-2007-0477 | 6.8 |
Cross-site scripting (XSS) vulnerability in Openads 2.0.x before 2.0.10, 2.3 before 2.3.31 (aka Max Media Manager before 0.3.31-alpha-pr2), and phpAdsNew/phpPgAds before 2.0.9-pr1 allows remote attackers to inject arbitrary web script or HTML via (1)
|
16-10-2018 - 16:32 | 25-01-2007 - 00:28 | |
| CVE-2007-0268 | 6.5 |
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to (1) the Advanced Queuing component and sys.dbms_aqsys.dbms_aq privileges (DB01), (2) Advanced Replication and sys
|
16-10-2018 - 16:32 | 17-01-2007 - 02:28 | |
| CVE-2007-0226 | 7.5 |
SQL injection vulnerability in wbsearch.aspx in uniForum 4 and earlier allows remote attackers to execute arbitrary SQL commands via the "by User" field (aka the TXbyuser parameter).
|
16-10-2018 - 16:31 | 13-01-2007 - 02:28 | |
| CVE-2007-0276 | 6.8 |
Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4 and 9.0.1.5 have unknown impact and attack vectors related to (1) Advanced Security Option and oklist or okdstry (DB10), (2) Oracle Net Services (DB13), and (3) Recovery Manager and okli
|
29-07-2017 - 01:30 | 17-01-2007 - 02:28 | |
| CVE-2007-0278 | 6.8 |
Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to (1) NLS Runtime and lmsgen (DB12), and (2) Oracle Text and ctxkbtc (DB14).
|
29-07-2017 - 01:30 | 17-01-2007 - 02:28 | |
| CVE-2007-0407 | 6.8 |
Cross-site scripting (XSS) vulnerability in Operation/User.pm in Plain Black WebGUI before 7.3.5 (beta) allows remote attackers to inject arbitrary web script or HTML via the username parameter during anonymous registration, a different vector than C
|
29-07-2017 - 01:30 | 23-01-2007 - 00:28 | |
| CVE-2007-0362 | 6.8 |
Cross-site scripting (XSS) vulnerability in the RSS feed component in FreshReader before 1.0.07010600 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to tag attributes.
|
29-07-2017 - 01:30 | 19-01-2007 - 01:28 | |
| CVE-2003-1181 | 5.0 |
Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo() function.
|
11-07-2017 - 01:29 | 25-10-2003 - 04:00 | |
| CVE-2007-1182 | 6.4 |
WebAPP before 0.9.9.5 allows remote Guest users to edit a Guest profile, which has unknown impact.
|
08-03-2011 - 02:51 | 02-03-2007 - 21:18 | |
| CVE-2006-6489 | 5.0 |
The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for MMS-EASE, AX-S4 MMS and AX-S4 ICCP, and possibly other control system applications, allows remote attackers to cause a denial of service (application termination and restart) via malfor
|
08-03-2011 - 02:46 | 18-01-2007 - 02:28 |