| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-0601 | 7.5 |
common/safety.php in Aztek Forum 4.00 allows remote attackers to enter certain data containing %22 sequences (URL encoded double quotes) and other potentially dangerous manipulations by sending a cookie, which bypasses the blacklist matching against
|
16-10-2018 - 16:33 | 30-01-2007 - 18:28 | |
| CVE-2007-0599 | 7.5 |
Variable overwrite vulnerability in common/config.php in Aztek Forum 4.00 allows remote attackers to overwrite arbitrary program variables and conduct other unauthorized activities, such as copying arbitrary files using index/common_actions.php, via
|
16-10-2018 - 16:33 | 30-01-2007 - 18:28 | |
| CVE-2007-0598 | 7.5 |
SQL injection vulnerability in forum/load.php in Aztek Forum 4.00 allows remote attackers to execute arbitrary SQL commands via the fid cookie to forum.php.
|
16-10-2018 - 16:33 | 30-01-2007 - 18:28 | |
| CVE-2007-0597 | 5.0 |
Aztek Forum 4.00 allows remote attackers to obtain sensitive information via a direct request to forum.php with the fid=XD query string, which reveals the path in an error message.
|
16-10-2018 - 16:33 | 30-01-2007 - 18:28 | |
| CVE-2007-0596 | 6.0 |
PHP remote file inclusion vulnerability in index/main.php in Aztek Forum 4.00 allows remote authenticated administrators to execute arbitrary PHP code via a URL in the PF[top_url] parameter.
|
16-10-2018 - 16:33 | 30-01-2007 - 18:28 |