| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-1053 | 10.0 |
Multiple PHP remote file inclusion vulnerabilities in phpXmms 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the tcmdp parameter to (1) phpxmmsb.php or (2) phpxmmst.php. NOTE: this issue has been disputed by a reliable third p
|
07-08-2024 - 13:15 | 21-02-2007 - 23:28 | |
| CVE-2007-2859 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in SimpGB 1.46.0 allow remote attackers to execute arbitrary PHP code via a URL in the path_simpgb parameter to (1) guestbook.php, (2) search.php, (3) mailer.php, (4) avatars.php, (5) ccode.php, (6)
|
14-02-2024 - 01:17 | 24-05-2007 - 19:30 | |
| CVE-2007-2857 | 7.5 |
PHP remote file inclusion vulnerability in sample/xls2mysql in ABC Excel Parser Pro 4.0 allows remote attackers to execute arbitrary PHP code via a URL in the parser_path parameter.
|
14-02-2024 - 01:17 | 24-05-2007 - 19:30 | |
| CVE-2007-2861 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in Simple Accessible XHTML Online News (SAXON) 4.6 allow remote attackers to execute arbitrary PHP code via a URL in the template parameter to (1) news.php, (2) preview.php, or (3) archive-display.ph
|
14-02-2024 - 01:17 | 24-05-2007 - 19:30 | |
| CVE-2008-4127 | 4.3 |
Mshtml.dll in Microsoft Internet Explorer 7 Gold 7.0.5730 and 8 Beta 8.0.6001 on Windows XP SP2 allows remote attackers to cause a denial of service (failure of subsequent image rendering) via a crafted PNG file, related to an infinite loop in the CD
|
23-07-2021 - 15:12 | 18-09-2008 - 17:59 | |
| CVE-2006-3842 | 4.3 |
Cross-site scripting (XSS) vulnerability in Zoho Virtual Office 3.2 Build 3210 allows remote attackers to execute arbitrary web script or HTML via an HTML message.
|
17-10-2018 - 21:31 | 25-07-2006 - 23:04 | |
| CVE-2007-2880 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Digirez 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) Room_name parameter to room/info_book.asp or the (2) curYear parameter to room/week.asp.
|
16-10-2018 - 16:46 | 29-05-2007 - 20:30 | |
| CVE-2007-2879 | 4.3 |
Cross-site scripting (XSS) vulnerability in mods.php in GTP GNUTurk Portal System 3G allows remote attackers to inject arbitrary web script or HTML via the month parameter.
|
16-10-2018 - 16:46 | 29-05-2007 - 20:30 | |
| CVE-2007-2858 | 6.5 |
SQL injection vulnerability in the IP-Search functionality in the IP-Tracking Mod for phpBB 2.0.x allows remote authenticated administrators to execute arbitrary SQL commands via the Search Query field.
|
16-10-2018 - 16:45 | 24-05-2007 - 19:30 | |
| CVE-2007-2860 | 6.5 |
user.php in BoastMachine 3.0 platinum allows remote authenticated users to gain privileges via a modified id parameter, as demonstrated by an edit_post action.
|
16-10-2018 - 16:45 | 24-05-2007 - 19:30 | |
| CVE-2007-2852 | 9.3 |
Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name.
|
16-10-2018 - 16:45 | 24-05-2007 - 19:30 | |
| CVE-2007-2862 | 7.5 |
Multiple SQL injection vulnerabilities in CubeCart 3.0.16 might allow remote attackers to execute arbitrary SQL commands via an unspecified parameter to cart.inc.php and certain other files in an include directory, related to missing sanitization of
|
16-10-2018 - 16:45 | 24-05-2007 - 19:30 | |
| CVE-2007-0694 | 4.3 |
Cross-site scripting (XSS) vulnerability in footer.php in DGNews 2.1 allows remote attackers to inject arbitrary web script or HTML via the copyright parameter.
|
16-10-2018 - 16:33 | 30-05-2007 - 20:30 | |
| CVE-2007-5639 | 7.1 |
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and other Nortel IP Phone, Mobile Voice Client, and WLAN Handsets products allow remote attackers to cause a denial of service (device hang) via a flood of Mute and UnMute messages that have a spo
|
15-10-2018 - 21:45 | 23-10-2007 - 17:46 | |
| CVE-2011-1858 | 4.3 |
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows local users to bypass intended access restrictions via unknown vectors.
|
17-08-2017 - 01:34 | 14-06-2011 - 17:55 | |
| CVE-2011-1860 | 5.0 |
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to capture HTTP session credentials via unknown vectors.
|
17-08-2017 - 01:34 | 14-06-2011 - 17:55 | |
| CVE-2011-1861 | 8.3 |
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to modify data or obtain sensitive information via unknown vectors.
|
17-08-2017 - 01:34 | 14-06-2011 - 17:55 | |
| CVE-2011-1862 | 4.3 |
Cross-site scripting (XSS) vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
17-08-2017 - 01:34 | 14-06-2011 - 17:55 | |
| CVE-2011-1859 | 5.0 |
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to obtain sensitive information via unknown vectors.
|
17-08-2017 - 01:34 | 14-06-2011 - 17:55 | |
| CVE-2011-1857 | 8.2 |
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote authenticated users to bypass intended access restrictions via unknown vectors.
|
17-08-2017 - 01:34 | 14-06-2011 - 17:55 | |
| CVE-2011-1863 | 7.5 |
HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allow remote authenticated users to conduct unspecified script injection attacks via unknown vectors.
|
17-08-2017 - 01:34 | 14-06-2011 - 17:55 | |
| CVE-2005-4573 | 7.5 |
PHP remote file include vulnerability in plog-admin-functions.php in Plogger Beta 2 allows remote attackers to execute arbitrary code via a URL in the config[basedir] parameter.
|
20-07-2017 - 01:29 | 29-12-2005 - 11:03 |