| Max CVSS | 10.0 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-1345 | 4.1 |
Unspecified vulnerability in cube.exe in the GINA component for CA (Computer Associates) eTrust Admin 8.1.0 through 8.1.2 allows attackers with physical interactive or Remote Desktop access to bypass authentication and gain privileges via the passwor
|
09-04-2021 - 13:51 | 10-03-2007 - 19:19 | |
| CVE-2008-4480 | 10.0 |
Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation error
|
02-11-2018 - 13:07 | 14-10-2008 - 22:36 | |
| CVE-2007-5400 | 9.3 |
Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10.5 Build 6.0.12.1483 might allow remote attackers to execute arbitrary code via a crafted SWF file.
|
30-10-2018 - 16:25 | 28-07-2008 - 17:41 | |
| CVE-2006-0530 | 5.0 |
Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 Build 220_16 and 1.11 Build 29_20, as used in multiple CA products, allows remote attackers to cause a denial of service via spoofed CAM control messages.
|
19-10-2018 - 15:45 | 02-02-2006 - 20:06 | |
| CVE-2006-4209 | 7.5 |
PHP remote file inclusion vulnerability in install3.php in WEBInsta Mailing List Manager 1.3e allows remote attackers to execute arbitrary PHP code via a URL in the cabsolute_path parameter.
|
17-10-2018 - 21:34 | 17-08-2006 - 21:04 | |
| CVE-2007-6173 | 4.3 |
Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Enterprise Portal 4.3.1 allows remote attackers to inject arbitrary web script or HTML via the emailAddress parameter in a Send New Password action, a different vector than CVE-200
|
15-10-2018 - 21:50 | 30-11-2007 - 00:46 | |
| CVE-2008-3347 | 7.5 |
SQL injection vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to execute arbitrary SQL commands via the read parameter.
|
11-10-2018 - 20:48 | 28-07-2008 - 16:41 | |
| CVE-2008-3348 | 4.3 |
Cross-site scripting (XSS) vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to inject arbitrary web script or HTML via the year parameter.
|
11-10-2018 - 20:48 | 28-07-2008 - 16:41 | |
| CVE-2008-3315 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the (1) query string to (a) announcements/messages.php; (b) lostPassword.php and (c) profile.php in auth/; (d) c
|
11-10-2018 - 20:47 | 25-07-2008 - 16:41 | |
| CVE-2008-3311 | 7.5 |
PHP remote file inclusion vulnerability in config.php in Adam Scheinberg Flip 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the incpath parameter.
|
11-10-2018 - 20:47 | 25-07-2008 - 16:41 | |
| CVE-2008-3314 | 5.0 |
ZDaemon 1.08.07 and earlier allows remote attackers to cause a denial of service (daemon crash) via a crafted type 6 command, which triggers a NULL pointer dereference.
|
11-10-2018 - 20:47 | 25-07-2008 - 16:41 | |
| CVE-2008-3331 | 3.5 |
Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php in Mantis before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the filter_target parameter. http://marc.info/?l=bugtraq&m=121130774617956&w=4
"We hav
|
29-09-2017 - 01:31 | 27-07-2008 - 23:41 | |
| CVE-2008-3346 | 7.5 |
SQL injection vulnerability in product_detail.php in ShopCart DX allows remote attackers to execute arbitrary SQL commands via the pid parameter.
|
29-09-2017 - 01:31 | 28-07-2008 - 16:41 | |
| CVE-2008-3332 | 6.5 |
Eval injection vulnerability in adm_config_set.php in Mantis before 1.1.2 allows remote authenticated administrators to execute arbitrary code via the value parameter.
|
29-09-2017 - 01:31 | 27-07-2008 - 23:41 | |
| CVE-2008-3317 | 7.5 |
admin/index.php in Maian Search 1.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary search_cookie cookie.
|
29-09-2017 - 01:31 | 25-07-2008 - 16:41 | |
| CVE-2008-3355 | 7.5 |
SQL injection vulnerability in sitemap.xml.php in Camera Life 2.6.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action.
|
29-09-2017 - 01:31 | 28-07-2008 - 17:41 | |
| CVE-2011-3579 | 6.4 |
server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML exte
|
29-08-2017 - 01:30 | 30-09-2011 - 17:55 | |
| CVE-2011-3580 | 5.0 |
IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function.
|
29-08-2017 - 01:30 | 30-09-2011 - 17:55 | |
| CVE-2008-3345 | 6.8 |
SQL injection vulnerability in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sid parameter in a pickup a
|
08-08-2017 - 01:31 | 28-07-2008 - 16:41 | |
| CVE-2008-3344 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a allow remote attackers to inject arbitrary web script or HTML via the (1) ResultHtml, (2) dir, (3) Sender
|
08-08-2017 - 01:31 | 28-07-2008 - 16:41 |