| Max CVSS | 10.0 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-0882 | 10.0 |
Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to
|
14-02-2024 - 14:56 | 12-02-2007 - 20:28 | |
| CVE-2007-3387 | 6.8 |
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute
|
13-02-2023 - 02:17 | 30-07-2007 - 23:17 | |
| CVE-2017-16605 | 4.0 |
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authenticati
|
09-10-2019 - 23:25 | 23-01-2018 - 01:29 | |
| CVE-2001-0593 | 5.0 |
Anaconda Partners Clipper 3.3 and earlier allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in the template parameter.
|
16-11-2018 - 18:29 | 22-08-2001 - 04:00 | |
| CVE-2007-4115 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in IT!CMS (itcms) 0.2 allow remote attackers to inject arbitrary web script or HTML via the wndtitle parameter to (1) lang-en.php, (2) menu-ed.php, or (3) titletext-ed.php.
|
15-10-2018 - 21:33 | 31-07-2007 - 10:17 | |
| CVE-2007-4121 | 10.0 |
Multiple SQL injection vulnerabilities in admin.aspx in E-Commerce Scripts Shopping Cart Script, Multi-Vendor E-Shop Script, and Auction Script allow remote attackers to execute arbitrary SQL commands via the (1) EmailAdd (Username) and (2) Pass (pas
|
15-10-2018 - 21:33 | 01-08-2007 - 16:17 | |
| CVE-2007-4105 | 9.3 |
A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 allows remote attackers to execute arbitrary code via a request containing "a link to download and a file to execute," possibly involving remote file inclusion.
|
15-10-2018 - 21:33 | 31-07-2007 - 10:17 | |
| CVE-2008-6809 | 7.5 |
SQL injection vulnerability in hotel_habitaciones.php in Venalsur Booking Centre Booking System for Hotels Group 2.01 allows remote attackers to execute arbitrary SQL commands via the HotelID parameter.
|
29-09-2017 - 01:33 | 18-05-2009 - 12:00 | |
| CVE-2007-4060 | 9.0 |
Multiple buffer overflows in the HttpSprockMake function in http.c in Frank Yaul corehttp 0.5.3alpha allow remote attackers to execute arbitrary code via a long string in the (1) method name or (2) URI in an HTTP request.
|
29-09-2017 - 01:29 | 30-07-2007 - 17:30 | |
| CVE-2007-4054 | 7.5 |
SQL injection vulnerability in category.php in PHP123 Top Sites allows remote attackers to execute arbitrary SQL commands via the cat parameter.
|
29-09-2017 - 01:29 | 30-07-2007 - 17:30 | |
| CVE-2007-4055 | 7.5 |
SQL injection vulnerability in comments_get.asp in SimpleBlog 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this may be related to CVE-2006-4300.
|
29-09-2017 - 01:29 | 30-07-2007 - 17:30 | |
| CVE-2016-1458 | 9.0 |
The web-based GUI in Cisco Firepower Management Center 4.x and 5.x before 5.3.0.3, 5.3.1.x before 5.3.1.2, and 5.4.x before 5.4.0.1 and Cisco Adaptive Security Appliance (ASA) Software on 5500-X devices with FirePOWER Services 4.x and 5.x before 5.3.
|
28-11-2016 - 19:59 | 18-08-2016 - 19:59 |