| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2004-1852 | 5.0 |
DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information.
|
25-01-2024 - 20:57 | 23-03-2004 - 05:00 | |
| CVE-2007-5576 | 6.8 |
BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterprise 5.1 before RP174, echo the password in cleartext, which allows physically proximate attackers to obtain sensitive information via the (1) cnsbind, (2) cnsunbind, or (3) cnsls c
|
30-10-2018 - 16:25 | 18-10-2007 - 21:17 | |
| CVE-2007-4873 | 5.0 |
SimpNews 2.41.03 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download arbitrary .inc files via a direct request, as demonstrated by admin/includes/dbtables.inc.
|
15-10-2018 - 21:38 | 27-09-2007 - 19:17 | |
| CVE-2007-1790 | 6.8 |
Multiple PHP remote file inclusion vulnerabilities in Kaqoo Auction Software Free Edition allow remote attackers to execute arbitrary PHP code via a URL in the install_root parameter to (1) support.inc.php, (2) function.inc.php, (3) rdal_object.inc.p
|
11-10-2017 - 01:31 | 31-03-2007 - 10:19 | |
| CVE-2004-1851 | 7.5 |
Dameware Mini Remote Control 4.1.0.0 uses insufficiently random data to create the encryption key, which makes it easier for remote attackers to obtain sensitive information via brute force guessing.
|
11-07-2017 - 01:31 | 24-03-2004 - 05:00 |