Max CVSS | 7.8 | Min CVSS | 4.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-1345 | 4.1 |
Unspecified vulnerability in cube.exe in the GINA component for CA (Computer Associates) eTrust Admin 8.1.0 through 8.1.2 allows attackers with physical interactive or Remote Desktop access to bypass authentication and gain privileges via the passwor
|
09-04-2021 - 13:51 | 10-03-2007 - 19:19 | |
CVE-2007-1396 | 6.8 |
The import_request_variables function in PHP 4.0.7 through 4.4.6, and 5.x before 5.2.2, when called without a prefix, does not prevent the (1) GET, (2) POST, (3) COOKIE, (4) FILES, (5) SERVER, (6) SESSION, and other superglobals from being overwritte
|
30-10-2018 - 16:25 | 10-03-2007 - 22:19 | |
CVE-2007-1411 | 6.8 |
Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 versions, allows local and possibly remote attackers to execute arbitrary code via long server name arguments to the (1) mssql_connect and (2) mssql_pconnect functions.
|
19-10-2018 - 18:18 | 10-03-2007 - 22:19 | |
CVE-2005-3192 | 7.5 |
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitra
|
19-10-2018 - 15:35 | 08-12-2005 - 01:03 | |
CVE-2007-1389 | 7.5 |
dynaliens 2.0 and 2.1 allows remote attackers to bypass authentication and perform certain privileged actions via a direct request for (1) validlien.php3 (2) supprlien.php3 (3) supprub.php3 (4) validlien.php3 (5) confsuppr.php3 (6) modiflien.php3, or
|
16-10-2018 - 16:38 | 10-03-2007 - 22:19 | |
CVE-2007-1390 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in dynaliens 2.0 and 2.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) recherche.php3 or (2) ajouter.php3.
|
16-10-2018 - 16:38 | 10-03-2007 - 22:19 | |
CVE-2007-1395 | 4.3 |
Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 through 2.9.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by injecting arbitrary JavaScript or HTML in a (1) db or (2) table parameter value followed by an
|
16-10-2018 - 16:38 | 10-03-2007 - 22:19 | |
CVE-2007-1430 | 7.5 |
PHP remote file inclusion vulnerability in include/adodb-connection.inc.php in ClipShare 1.5.3 allows remote attackers to execute arbitrary PHP code via a URL in the cmd parameter.
|
16-10-2018 - 16:38 | 13-03-2007 - 01:19 | |
CVE-2007-1401 | 6.9 |
Buffer overflow in the crack extension (CrackLib), as bundled with PHP 4.4.6 and other versions before 5.0.0, might allow local users to gain privileges via a long argument to the crack_opendict function.
|
16-10-2018 - 16:38 | 10-03-2007 - 22:19 | |
CVE-2007-1429 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in Moodle 1.7.1 allow remote attackers to execute arbitrary PHP code via a URL in the cmd parameter to (1) admin/utfdbmigrate.php or (2) filter.php.
|
16-10-2018 - 16:38 | 13-03-2007 - 01:19 | |
CVE-2007-0928 | 5.0 |
Virtual Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download an encoded password via a direct request for pwd.txt.
|
16-10-2018 - 16:35 | 14-02-2007 - 11:28 | |
CVE-2007-5478 | 4.3 |
Cross-site scripting (XSS) vulnerability in projects in Nabh Stringbeans Portal (sbportal) 3.2 allows remote attackers to inject arbitrary web script or HTML via the project_name parameter.
|
15-10-2018 - 21:45 | 16-10-2007 - 23:17 | |
CVE-2011-1786 | 5.0 |
lsassd in Likewise Open /Enterprise 5.3 before build 7845, Open 6.0 before build 8325, and Enterprise 6.0 before build 178, as distributed in VMware ESXi 4.1 and ESX 4.1 and possibly other products, allows remote attackers to cause a denial of servic
|
09-10-2018 - 19:32 | 03-05-2011 - 22:55 | |
CVE-2011-1785 | 7.8 |
VMware ESXi 4.0 and 4.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (socket exhaustion) via unspecified network traffic.
|
09-10-2018 - 19:32 | 03-05-2011 - 22:55 | |
CVE-2008-4043 | 7.5 |
Multiple SQL injection vulnerabilities in AJ Square AJ HYIP Acme allow remote attackers to execute arbitrary SQL commands via the artid parameter to (1) acme/article/comment.php and (2) prime/article/comment.php.
|
29-09-2017 - 01:31 | 11-09-2008 - 21:06 | |
CVE-2006-3668 | 7.6 |
Heap-based buffer overflow in the it_read_envelope function in Dynamic Universal Music Bibliotheque (DUMB) 0.9.3 and earlier and current CVS as of 20060716, including libdumb, allows user-assisted attackers to execute arbitrary code via a ".it" (Impu
|
20-07-2017 - 01:32 | 18-07-2006 - 15:47 |