| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1145 | 6.5 |
Format string vulnerability in the safe_cprintf function in acebot_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code via unspecified vectors when the server sends crafted messages
|
18-10-2018 - 16:30 | 10-03-2006 - 11:02 | |
| CVE-2007-3426 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
|
16-10-2018 - 16:49 | 27-06-2007 - 00:30 | |
| CVE-2007-3427 | 7.5 |
SQL injection vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a stats action.
|
16-10-2018 - 16:49 | 27-06-2007 - 00:30 | |
| CVE-2007-3425 | 5.0 |
Directory traversal vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attackers to include arbitrary local files via the lang parameter, a different vector and version than CVE-2007-1076.2.
|
16-10-2018 - 16:49 | 27-06-2007 - 00:30 | |
| CVE-2007-3647 | 10.0 |
The isloggedin function in Php/login.inc.php in phpTrafficA 1.4.3 and earlier allows remote attackers to bypass authentication and obtain administrative access by setting the username cookie to "traffic." NOTE: some of these details are obtained from
|
15-10-2018 - 21:29 | 10-07-2007 - 17:30 | |
| CVE-2007-3360 | 9.3 |
hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a client certain data containing NICK and EXEC strings, which exceeds the bounds of a hash table, and injects an EXEC hook function that receives and execut
|
11-10-2017 - 01:32 | 22-06-2007 - 18:30 | |
| CVE-2007-1556 | 7.5 |
SQL injection vulnerability in kommentare.php in Creative Files 1.2 allows remote attackers to execute arbitrary SQL commands via the dlid parameter.
|
11-10-2017 - 01:31 | 21-03-2007 - 01:19 | |
| CVE-2007-4210 | 7.5 |
Multiple SQL injection vulnerabilities in module.php in LANAI (la-nai) CMS 1.2.14 allow remote attackers to execute arbitrary SQL commands via (1) the mid parameter in an faqviewgroup action in the FAQ Modules, (2) the cid parameter in the EZSHOPINGC
|
29-07-2017 - 01:32 | 08-08-2007 - 02:17 | |
| CVE-2004-0047 | 4.6 |
Multiple programs in trr19 1.0 do not properly drop privileges before executing a system command, which could allow local users to gain privileges.
|
11-07-2017 - 01:29 | 03-03-2004 - 05:00 | |
| CVE-2009-1008 | 4.4 |
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1010.
|
22-11-2016 - 16:13 | 15-04-2009 - 10:30 | |
| CVE-2007-3299 | 4.3 |
Cross-site scripting (XSS) vulnerability in AWFFull before 3.7.4, when AllSearchStr (aka the All Search Terms report) is enabled, allows remote attackers to inject arbitrary web script or HTML via a search string.
|
08-03-2011 - 02:56 | 20-06-2007 - 22:30 | |
| CVE-2007-3130 | 6.8 |
Multiple PHP remote file inclusion vulnerabilities in the OpenWiki (formerly JD-Wiki) component (com_jd-wiki) 1.0.2, and possibly earlier, for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path param
|
15-11-2008 - 06:51 | 08-06-2007 - 16:30 |