| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-1771 | 4.4 |
The cifs_close function in fs/cifs/file.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact by setting the O_DIRECT flag during an attempt to
|
13-02-2023 - 04:30 | 06-09-2011 - 16:55 | |
| CVE-2006-4075 | 5.1 |
Multiple PHP remote file inclusion vulnerabilities in Wim Fleischhauer docpile: wim's edition (docpile:we) 0.2.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the INIT_PATH parameter to (1) lib/folder.class.php, (2) li
|
17-10-2018 - 21:33 | 11-08-2006 - 01:04 | |
| CVE-2007-1220 | 6.2 |
The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 does not properly verify the parameters passed to the syscall dispatcher, which allows attackers with physical access to bypass code-signing requirements and execute arbitrary code.
|
16-10-2018 - 16:37 | 02-03-2007 - 22:19 | |
| CVE-2007-1221 | 7.2 |
The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 allows attackers with physical access to force execution of the hypervisor syscall with a certain register set, which bypasses intended code protection.
|
16-10-2018 - 16:37 | 02-03-2007 - 22:19 | |
| CVE-2008-0855 | 7.5 |
SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
|
15-10-2018 - 22:03 | 21-02-2008 - 00:44 | |
| CVE-2008-0838 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface in Sophos ES1000 and ES4000 Email Security Appliance 2.1.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) error and (2) go parameters
|
15-10-2018 - 22:03 | 20-02-2008 - 21:44 | |
| CVE-2008-0849 | 7.5 |
SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652.
|
15-10-2018 - 22:03 | 21-02-2008 - 00:44 | |
| CVE-2008-0837 | 4.3 |
Cross-site scripting (XSS) vulnerability in the log feature in the John Godley Search Unleashed 0.2.10 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, which is not properly handled when the adm
|
15-10-2018 - 22:03 | 20-02-2008 - 21:44 | |
| CVE-2008-0845 | 7.5 |
SQL injection vulnerability in wp-people-popup.php in Dean Logan WP-People plugin 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the person parameter.
|
15-10-2018 - 22:03 | 20-02-2008 - 21:44 | |
| CVE-2008-0854 | 7.5 |
SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php.
|
15-10-2018 - 22:03 | 21-02-2008 - 00:44 | |
| CVE-2008-0828 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) attributes such as style and onmouseover in (a) forum post or (b) mail; or (2) the website field of
|
15-10-2018 - 22:03 | 19-02-2008 - 21:44 | |
| CVE-2008-0853 | 7.5 |
SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: this issue might be site-specific. If so, it should not be included in
|
15-10-2018 - 22:03 | 21-02-2008 - 00:44 | |
| CVE-2008-0843 | 6.4 |
StatCounteX 3.0 and 3.1 allows remote attackers to obtain sensitive information and edit configuration scripts via a direct request to admin.asp.
|
15-10-2018 - 22:03 | 20-02-2008 - 21:44 | |
| CVE-2007-6319 | 10.0 |
Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to mod
|
15-10-2018 - 21:52 | 19-02-2008 - 22:44 | |
| CVE-2007-6007 | 6.8 |
Integer overflow in the ID_PSP.apl plug-in for ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted PSP image that trigger
|
15-10-2018 - 21:48 | 15-11-2007 - 22:46 | |
| CVE-2007-4344 | 9.3 |
Multiple input validation errors in ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 build 195 allow user-assisted remote attackers to execute arbitrary code via a long section string in (1) a PSP image to
|
15-10-2018 - 21:34 | 15-11-2007 - 22:46 | |
| CVE-2008-4485 | 4.3 |
Cross-site scripting (XSS) vulnerability in the ICAP patience page in Blue Coat Security Gateway OS (SGOS) 4.2 before 4.2.9, 5.2 before 5.2.5, and 5.3 before 5.3.1.7 allows remote attackers to inject arbitrary web script or HTML via the URL.
|
08-08-2017 - 01:32 | 08-10-2008 - 02:00 | |
| CVE-2005-3269 | 7.5 |
Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server
|
11-07-2017 - 01:33 | 20-10-2005 - 23:02 |