Логотип exploitDog
source:"nvd"
Консоль
Логотип exploitDog

exploitDog

source:"nvd"

Количество 331 614

Количество 331 614

nvd логотип

CVE-2007-4812

больше 18 лет назад

Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions before Beta Update 3.0.4, allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact by setting document.location.hash to a long string. NOTE: the crash might actually occur in the alert method.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2007-4811

больше 18 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Netjuke 1.0-rc2 allow remote attackers to inject arbitrary web script or HTML via (1) the val parameter to alphabet.php in an alpha.albums action, or the PATH_INFO to (2) random.php or (3) admin/hidden.php.

CVSS2: 4.3
EPSS: Низкий
nvd логотип

CVE-2007-4810

больше 18 лет назад

Multiple SQL injection vulnerabilities in Netjuke 1.0-rc2 allow remote attackers to execute arbitrary SQL commands via (1) the ge_id parameter in a list.artists action to explore.php or (2) the id parameter in a show.tracks action to xml.php.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-4809

больше 18 лет назад

Multiple PHP remote file inclusion vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 allow remote attackers to execute arbitrary PHP code via a URL in the DOC_ROOT parameter to (1) lib/functions.php or (2) lib/header.php.

CVSS2: 7.5
EPSS: Высокий
nvd логотип

CVE-2007-4808

больше 18 лет назад

Multiple SQL injection vulnerabilities in TLM CMS 3.2 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to news.php in a lirenews action, (2) the idnews parameter to goodies.php in a lire action, (3) the id parameter to file.php in a voir action, (4) the ID parameter to affichage.php, (5) the id_sal parameter to mod_forum/afficher.php, or (6) the id_sujet parameter to mod_forum/messages.php. NOTE: it was later reported that goodies.php and affichage.php scripts are reachable through index.php, and 1.1 is also affected. NOTE: it was later reported that the goodies.php vector also affects 3.1.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-4807

больше 18 лет назад

Multiple PHP remote file inclusion vulnerabilities in Focus/SIS 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the staticpath parameter to (1) modules/Discipline/CategoryBreakdownTime.php or (2) modules/Discipline/StudentFieldBreakdown.php.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-4806

больше 18 лет назад

PHP remote file inclusion vulnerability in modules/Discipline/CategoryBreakdownTime.php in Focus/SIS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the FocusPath parameter.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-4805

больше 18 лет назад

Directory traversal vulnerability in getgalldata.php in fuzzylime (cms) 3.0 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) in the p parameter.

CVSS2: 7.5
EPSS: Средний
nvd логотип

CVE-2007-4804

больше 18 лет назад

Multiple SQL injection vulnerabilities in AuraCMS 1.5rc allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) hal.php, (2) cetak.php, (3) lihat.php, (4) pesan.php, and (5) teman.php, different vectors than CVE-2007-4171. NOTE: the scripts may be accessed through requests to the product's top-level default URI, using the pilih parameter, in some circumstances.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-4803

больше 18 лет назад

Buffer overflow in AtomixMP3 2.3 allows user-assisted remote attackers to execute arbitrary code via long strings in file and title fields in a .pls file, as demonstrated by the (1) File1 and (2) Title1 fields, different vectors than CVE-2006-6287 and CVE-2007-2487.

CVSS2: 6.8
EPSS: Средний
nvd логотип

CVE-2007-4802

больше 18 лет назад

Multiple heap-based buffer overflows in GlobalLink 2.7.0.8 allow remote attackers to execute arbitrary code via (1) a long eighth argument to the SetInfo method in a certain ActiveX control in glItemCom.dll or (2) a long second argument to the SetClientInfo method in a certain ActiveX control in glitemflat.dll.

CVSS2: 6.8
EPSS: Средний
nvd логотип

CVE-2007-4799

больше 18 лет назад

The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when processing a SET call, which allows local users to cause a denial of service (system hang or crash) via unspecified SET operations.

CVSS2: 4.9
EPSS: Низкий
nvd логотип

CVE-2007-4798

больше 18 лет назад

Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allows local users to delete system files that have names matching the final substring of a hostname alias, as demonstrated by hostnames ending in "unix".

CVSS2: 6.6
EPSS: Низкий
nvd логотип

CVE-2007-4797

больше 18 лет назад

Multiple buffer overflows in unspecified svprint (System V print) commands in bos.svprint.rte in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors.

CVSS2: 7.2
EPSS: Низкий
nvd логотип

CVE-2007-4796

больше 18 лет назад

Buffer overflow in uucp in bos.net.uucp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

CVSS2: 7.2
EPSS: Низкий
nvd логотип

CVE-2007-4795

больше 18 лет назад

Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long ODM name.

CVSS2: 7.2
EPSS: Низкий
nvd логотип

CVE-2007-4794

больше 18 лет назад

Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long input parameter.

CVSS2: 7.2
EPSS: Низкий
nvd логотип

CVE-2007-4793

больше 18 лет назад

Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

CVSS2: 7.2
EPSS: Низкий
nvd логотип

CVE-2007-4792

больше 18 лет назад

Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.

CVSS2: 7.2
EPSS: Низкий
nvd логотип

CVE-2007-4791

больше 18 лет назад

Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2005-3504 and CVE-2007-0978.

CVSS2: 7.2
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
nvd логотип
CVE-2007-4812

Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions before Beta Update 3.0.4, allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact by setting document.location.hash to a long string. NOTE: the crash might actually occur in the alert method.

CVSS2: 5
4%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-4811

Multiple cross-site scripting (XSS) vulnerabilities in Netjuke 1.0-rc2 allow remote attackers to inject arbitrary web script or HTML via (1) the val parameter to alphabet.php in an alpha.albums action, or the PATH_INFO to (2) random.php or (3) admin/hidden.php.

CVSS2: 4.3
0%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-4810

Multiple SQL injection vulnerabilities in Netjuke 1.0-rc2 allow remote attackers to execute arbitrary SQL commands via (1) the ge_id parameter in a list.artists action to explore.php or (2) the id parameter in a show.tracks action to xml.php.

CVSS2: 7.5
1%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-4809

Multiple PHP remote file inclusion vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 allow remote attackers to execute arbitrary PHP code via a URL in the DOC_ROOT parameter to (1) lib/functions.php or (2) lib/header.php.

CVSS2: 7.5
84%
Высокий
больше 18 лет назад
nvd логотип
CVE-2007-4808

Multiple SQL injection vulnerabilities in TLM CMS 3.2 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to news.php in a lirenews action, (2) the idnews parameter to goodies.php in a lire action, (3) the id parameter to file.php in a voir action, (4) the ID parameter to affichage.php, (5) the id_sal parameter to mod_forum/afficher.php, or (6) the id_sujet parameter to mod_forum/messages.php. NOTE: it was later reported that goodies.php and affichage.php scripts are reachable through index.php, and 1.1 is also affected. NOTE: it was later reported that the goodies.php vector also affects 3.1.

CVSS2: 7.5
2%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-4807

Multiple PHP remote file inclusion vulnerabilities in Focus/SIS 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the staticpath parameter to (1) modules/Discipline/CategoryBreakdownTime.php or (2) modules/Discipline/StudentFieldBreakdown.php.

CVSS2: 7.5
10%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-4806

PHP remote file inclusion vulnerability in modules/Discipline/CategoryBreakdownTime.php in Focus/SIS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the FocusPath parameter.

CVSS2: 7.5
10%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-4805

Directory traversal vulnerability in getgalldata.php in fuzzylime (cms) 3.0 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) in the p parameter.

CVSS2: 7.5
10%
Средний
больше 18 лет назад
nvd логотип
CVE-2007-4804

Multiple SQL injection vulnerabilities in AuraCMS 1.5rc allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) hal.php, (2) cetak.php, (3) lihat.php, (4) pesan.php, and (5) teman.php, different vectors than CVE-2007-4171. NOTE: the scripts may be accessed through requests to the product's top-level default URI, using the pilih parameter, in some circumstances.

CVSS2: 7.5
1%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-4803

Buffer overflow in AtomixMP3 2.3 allows user-assisted remote attackers to execute arbitrary code via long strings in file and title fields in a .pls file, as demonstrated by the (1) File1 and (2) Title1 fields, different vectors than CVE-2006-6287 and CVE-2007-2487.

CVSS2: 6.8
20%
Средний
больше 18 лет назад
nvd логотип
CVE-2007-4802

Multiple heap-based buffer overflows in GlobalLink 2.7.0.8 allow remote attackers to execute arbitrary code via (1) a long eighth argument to the SetInfo method in a certain ActiveX control in glItemCom.dll or (2) a long second argument to the SetClientInfo method in a certain ActiveX control in glitemflat.dll.

CVSS2: 6.8
47%
Средний
больше 18 лет назад
nvd логотип
CVE-2007-4799

The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when processing a SET call, which allows local users to cause a denial of service (system hang or crash) via unspecified SET operations.

CVSS2: 4.9
0%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-4798

Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allows local users to delete system files that have names matching the final substring of a hostname alias, as demonstrated by hostnames ending in "unix".

CVSS2: 6.6
0%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-4797

Multiple buffer overflows in unspecified svprint (System V print) commands in bos.svprint.rte in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors.

CVSS2: 7.2
0%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-4796

Buffer overflow in uucp in bos.net.uucp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

CVSS2: 7.2
0%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-4795

Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long ODM name.

CVSS2: 7.2
0%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-4794

Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long input parameter.

CVSS2: 7.2
0%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-4793

Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

CVSS2: 7.2
0%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-4792

Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.

CVSS2: 7.2
0%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-4791

Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2005-3504 and CVE-2007-0978.

CVSS2: 7.2
0%
Низкий
больше 18 лет назад

Уязвимостей на страницу