Max CVSS | 7.8 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-0673 | 7.8 |
LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-
|
08-04-2021 - 13:31 | 03-02-2007 - 01:28 | |
CVE-2005-3991 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyChat 0.14.6 allow remote attackers to inject arbitrary web script or HTML via the medium parameter to (1) start_page.css.php and (2) style.css.php; or the From parameter to users_popupL.php.
|
19-10-2018 - 15:39 | 04-12-2005 - 23:03 | |
CVE-2006-3560 | 7.5 |
SQL injection vulnerability in topics.php in Blue Dojo Graffiti Forums 1.0 allows remote attackers to execute arbitrary SQL commands via the f parameter.
|
18-10-2018 - 16:47 | 13-07-2006 - 01:05 | |
CVE-2007-0795 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in Wap Portal Server 1.x allow remote attackers to execute arbitrary PHP code via a URL in the language parameter to (1) index.php and (2) admin/index.php.
|
16-10-2018 - 16:34 | 06-02-2007 - 19:28 | |
CVE-2007-0793 | 7.5 |
PHP remote file inclusion vulnerability in inc/common.php in GlobalMegaCorp dvddb 0.6 allows remote attackers to execute arbitrary PHP code via a URL in the config parameter.
|
16-10-2018 - 16:34 | 06-02-2007 - 19:28 | |
CVE-2007-0538 | 5.0 |
Telligent Community Server 2.1 and earlier allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to (1) a large file, which triggers a long download sessio
|
16-10-2018 - 16:33 | 29-01-2007 - 17:28 | |
CVE-2007-0549 | 6.8 |
Cross-site scripting (XSS) vulnerability in list3.php in 212cafeBoard 6.30 Beta allows remote attackers to inject arbitrary web script or HTML via the user parameter.
|
16-10-2018 - 16:33 | 29-01-2007 - 17:28 | |
CVE-2007-0546 | 7.8 |
Toxiclab Shoutbox 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for db.mdb.
|
16-10-2018 - 16:33 | 29-01-2007 - 17:28 | |
CVE-2007-0677 | 7.5 |
PHP remote file inclusion vulnerability in fw/class.Quick_Config_Browser.php in Cadre PHP Framework 20020724 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[config][framework_path] parameter.
|
16-10-2018 - 16:33 | 03-02-2007 - 01:28 | |
CVE-2007-0667 | 6.5 |
The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2) SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872.
|
16-10-2018 - 16:33 | 02-02-2007 - 21:28 | |
CVE-2007-0545 | 7.8 |
Maxtricity Tagger 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for tagger.mdb.
|
16-10-2018 - 16:33 | 29-01-2007 - 17:28 | |
CVE-2007-0550 | 6.8 |
Cross-site scripting (XSS) vulnerability in search.php in 212cafeBoard 0.08 Beta allows remote attackers to inject arbitrary web script or HTML via keyword parameter.
|
16-10-2018 - 16:33 | 29-01-2007 - 17:28 | |
CVE-2007-0452 | 6.8 |
smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infi
|
16-10-2018 - 16:32 | 06-02-2007 - 02:28 | |
CVE-2008-3936 | 7.8 |
The web interface in Dreambox DM500C allows remote attackers to cause a denial of service (application hang) via a long URI.
|
11-10-2018 - 20:50 | 05-09-2008 - 15:08 | |
CVE-2010-4793 | 7.5 |
SQL injection vulnerability in detail.asp in Site2Nite Auto e-Manager allows remote attackers to execute arbitrary SQL commands via the ID parameter.
|
17-08-2017 - 01:33 | 27-04-2011 - 00:55 | |
CVE-2007-0617 | 6.8 |
The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked "safe for scripting," which allows remote attackers to add arbitrary e-mail addresses and domains to the spam blocker whitelist via the (1) AddSenderToWhitelist and (2) AddDomainT
|
29-07-2017 - 01:30 | 31-01-2007 - 11:28 |