Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-1050 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AbleDesign MyCalendar allow remote attackers to inject arbitrary web script or HTML via (1) the go parameter, (2) the keyword parameter in the search menu (go=search), or (3) the use
|
16-10-2018 - 16:36 | 21-02-2007 - 23:28 | |
CVE-2007-0927 | 7.5 |
Heap-based buffer overflow in uTorrent 1.6 allows remote attackers to execute arbitrary code via a torrent file with a crafted announce header.
|
16-10-2018 - 16:35 | 14-02-2007 - 11:28 | |
CVE-2007-0928 | 5.0 |
Virtual Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download an encoded password via a direct request for pwd.txt.
|
16-10-2018 - 16:35 | 14-02-2007 - 11:28 | |
CVE-2007-0932 | 7.5 |
The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote attackers to access admi
|
16-10-2018 - 16:35 | 14-02-2007 - 11:28 | |
CVE-2007-0931 | 7.5 |
Heap-based buffer overflow in the management interfaces in (1) Aruba Mobility Controllers 200, 800, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 allows remote attackers to cause a denial of service (process crash) and possi
|
16-10-2018 - 16:35 | 14-02-2007 - 11:28 | |
CVE-2007-0871 | 7.5 |
Unrestricted file upload vulnerability in eXtremePow eXtreme File Hosting allows remote attackers to upload arbitrary PHP code via a filename with a double extension such as (1) .rar.php or (2) .zip.php.
|
16-10-2018 - 16:34 | 12-02-2007 - 19:28 | |
CVE-2007-0651 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c)
|
16-10-2018 - 16:33 | 15-02-2007 - 23:28 | |
CVE-2007-0949 | 10.0 |
Stack-based buffer overflow in iTinySoft Studio Total Video Player 1.03, and possibly earlier, allows remote attackers to execute arbitrary code via a M3U playlist file that contains a long file name. NOTE: it was later reported that 1.20 and 1.30 ar
|
11-10-2017 - 01:31 | 15-02-2007 - 02:28 | |
CVE-2007-0952 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net Virtual Calendar allow remote attackers to inject arbitrary web script or HTML via the (1) t and (2) yr parameters, and the (3) sho parameter when the m parameter is outside the int
|
29-07-2017 - 01:30 | 15-02-2007 - 02:28 | |
CVE-2007-0915 | 10.0 |
Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request. See HP's advisory.
|
29-07-2017 - 01:30 | 14-02-2007 - 02:28 | |
CVE-2004-0073 | 7.5 |
PHP remote file inclusion vulnerability in (1) config.php and (2) config_page.php for EasyDynamicPages 2.0 allows remote attackers to execute arbitrary PHP code by modifying the edp_relative_path parameter to reference a URL on a remote web server th
|
11-07-2017 - 01:29 | 17-02-2004 - 05:00 |