Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2002-0150 | 7.5 |
Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.
|
23-11-2020 - 19:49 | 22-04-2002 - 04:00 | |
CVE-2007-1234 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in sitex allow remote attackers to inject arbitrary web script or HTML via (1) the sxYear parameter to calendar.php, (2) the search parameter to search.php, (3) the linkid parameter to redirect.php,
|
16-10-2018 - 16:37 | 03-03-2007 - 19:19 | |
CVE-2007-1061 | 6.8 |
SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and earlier, when the "HTTP Referers" block is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header (HTTP_REFERER variable).
|
16-10-2018 - 16:36 | 22-02-2007 - 00:28 | |
CVE-2007-0889 | 4.6 |
Kiwi CatTools before 3.2.0 beta uses weak encryption ("reversible encoding") for passwords, account names, and IP addresses in kiwidb-cattools.kdb, which might allow local users to gain sensitive information by decrypting the file. NOTE: this issue
|
16-10-2018 - 16:35 | 12-02-2007 - 23:28 | |
CVE-2007-0888 | 10.0 |
Directory traversal vulnerability in the TFTP server in Kiwi CatTools before 3.2.0 beta allows remote attackers to read arbitrary files, and upload files to arbitrary locations, via ..// (dot dot) sequences in the pathname argument to an FTP (1) GET
|
16-10-2018 - 16:35 | 12-02-2007 - 23:28 | |
CVE-2007-0866 | 6.8 |
Unspecified vulnerability in HP OpenView Storage Data Protector on HP-UX B.11.00, B.11.11, or B.11.23 allows local users to execute arbitrary code via unknown vectors.
|
16-10-2018 - 16:34 | 09-02-2007 - 01:28 | |
CVE-2007-0864 | 7.5 |
SQL injection vulnerability in register.php in LushiWarPlaner 1.0 allows remote attackers to inject arbitrary SQL commands via the id parameter.
|
19-10-2017 - 01:30 | 09-02-2007 - 01:28 | |
CVE-2007-0887 | 7.8 |
axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a base64-encoded "*\x00" sequence on the imap port (143/tcp).
|
19-10-2017 - 01:30 | 12-02-2007 - 23:28 | |
CVE-2007-0847 | 7.5 |
SQL injection vulnerability in mod/PM/reply.php in Open Tibia Server CMS (OTSCMS) 2.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to priv.php.
|
19-10-2017 - 01:30 | 08-02-2007 - 18:28 | |
CVE-2007-0669 | 4.6 |
Unspecified vulnerability in Twiki 4.0.0 through 4.1.0 allows local users to execute arbitrary Perl code via unknown vectors related to CGI session files.
|
29-07-2017 - 01:30 | 08-02-2007 - 22:28 |