Логотип exploitDog
source:"nvd"
Консоль
Логотип exploitDog

exploitDog

source:"nvd"

Количество 331 614

Количество 331 614

nvd логотип

CVE-2007-1947

почти 19 лет назад

Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.04 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome by overwriting the toString function via a certain function declaration, related to incorrect identification of anonymous JavaScript functions, a different issue than CVE-2007-1878.

CVSS2: 3.5
EPSS: Низкий
nvd логотип

CVE-2007-1946

почти 19 лет назад

Integer overflow in Windows Explorer in Microsoft Windows XP SP1 might allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large width dimension in a crafted BMP image, as demonstrated by w4intof.bmp.

CVSS2: 10
EPSS: Средний
nvd логотип

CVE-2007-1945

почти 19 лет назад

Unspecified vulnerability in the Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) before 6.1.0.7 has unknown impact and attack vectors.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-1944

почти 19 лет назад

The Java Message Service (JMS) in IBM WebSphere Application Server (WAS) before 6.1.0.7 allows attackers to cause a denial of service via unknown vectors involving the "double release [of] a bytebuffer input stream," possibly a double free vulnerability.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2007-1943

почти 19 лет назад

Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via large width image sizes in a crafted BMP image, as demonstrated by w3intof.bmp and w4intof.bmp.

CVSS2: 9.3
EPSS: Средний
nvd логотип

CVE-2007-1942

почти 19 лет назад

Integer overflow in FastStone Image Viewer 2.9 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted BMP image, as demonstrated by wh3intof.bmp and wh4intof.bmp.

CVSS2: 9.3
EPSS: Низкий
nvd логотип

CVE-2007-1941

почти 19 лет назад

Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in Domino Web Access (DWA) in IBM Lotus Notes before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via a multipart/related e-mail message, a different issue than CVE-2006-4843.

CVSS2: 4.3
EPSS: Низкий
nvd логотип

CVE-2007-1940

почти 19 лет назад

IBM Tivoli Business Service Manager (TBSM) 4.1 before Interim Fix 1 logs passwords in plaintext, which allows local users to obtain sensitive information by reading (1) ncisetup.db or (2) msi.log.

CVSS2: 4.9
EPSS: Низкий
nvd логотип

CVE-2007-1939

почти 19 лет назад

Cross-site scripting (XSS) vulnerability in the embedded webserver in Daniel Naber LanguageTool before 0.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving an error message, possibly the demultiplex method in HTTPServer.java.

CVSS2: 6.8
EPSS: Низкий
nvd логотип

CVE-2007-1938

почти 19 лет назад

Ichitaro 2005 through 2007, and possibly related products, allows remote attackers to have an unknown impact via unspecified vectors in a document distributed through e-mail or a web site, possibly due to a buffer overflow or cross-site scripting (XSS).

CVSS2: 4.3
EPSS: Низкий
nvd логотип

CVE-2007-1937

почти 19 лет назад

PHP remote file inclusion vulnerability in smilies.php in Scorp Book 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config parameter.

CVSS2: 6.8
EPSS: Средний
nvd логотип

CVE-2007-1936

почти 19 лет назад

PHP remote file inclusion vulnerability in scaradcontrol.php in ScarAdControl (ScarAdController) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the sac_config_dir parameter.

CVSS2: 6.8
EPSS: Низкий
nvd логотип

CVE-2007-1935

почти 19 лет назад

PHP file inclusion vulnerability in admin/index.php in ScarAdControl (ScarAdController) 1.1 allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the site parameter, which is accessed by the file_exists function.

CVSS2: 6.8
EPSS: Низкий
nvd логотип

CVE-2007-1934

почти 19 лет назад

Directory traversal vulnerability in member.php in the eBoard 1.0.7 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[name] parameter.

CVSS2: 6.8
EPSS: Средний
nvd логотип

CVE-2007-1933

почти 19 лет назад

Multiple directory traversal vulnerabilities in PcP-Guestbook (PcP-Book) 3.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to (1) index.php, (2) gb.php, or (3) faq.php.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-1932

почти 19 лет назад

Directory traversal vulnerability in scarnews.inc.php in ScarNews 1.2.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sn_admin_dir parameter.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-1931

почти 19 лет назад

SQL injection vulnerability in index.php in the slownik module in SmodCMS 2.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ssid parameter.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-1930

почти 19 лет назад

Directory traversal vulnerability in download2.php in cattaDoc 2.21, and possibly other versions including 3.0, allows remote attackers to read arbitrary files via a .. (dot dot) in the fn1 parameter.

CVSS2: 7.8
EPSS: Средний
nvd логотип

CVE-2007-1929

почти 19 лет назад

Directory traversal vulnerability in downloadpic.php in Beryo 2.0, and possibly other versions including 2.4, allows remote attackers to read arbitrary files via a .. (dot dot) in the chemin parameter.

CVSS2: 5
EPSS: Средний
nvd логотип

CVE-2007-1928

почти 19 лет назад

Directory traversal vulnerability in index.php in witshare 0.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the menu parameter.

CVSS2: 7.5
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
nvd логотип
CVE-2007-1947

Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.04 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome by overwriting the toString function via a certain function declaration, related to incorrect identification of anonymous JavaScript functions, a different issue than CVE-2007-1878.

CVSS2: 3.5
5%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1946

Integer overflow in Windows Explorer in Microsoft Windows XP SP1 might allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large width dimension in a crafted BMP image, as demonstrated by w4intof.bmp.

CVSS2: 10
44%
Средний
почти 19 лет назад
nvd логотип
CVE-2007-1945

Unspecified vulnerability in the Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) before 6.1.0.7 has unknown impact and attack vectors.

CVSS2: 7.5
1%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1944

The Java Message Service (JMS) in IBM WebSphere Application Server (WAS) before 6.1.0.7 allows attackers to cause a denial of service via unknown vectors involving the "double release [of] a bytebuffer input stream," possibly a double free vulnerability.

CVSS2: 5
1%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1943

Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via large width image sizes in a crafted BMP image, as demonstrated by w3intof.bmp and w4intof.bmp.

CVSS2: 9.3
16%
Средний
почти 19 лет назад
nvd логотип
CVE-2007-1942

Integer overflow in FastStone Image Viewer 2.9 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted BMP image, as demonstrated by wh3intof.bmp and wh4intof.bmp.

CVSS2: 9.3
10%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1941

Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in Domino Web Access (DWA) in IBM Lotus Notes before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via a multipart/related e-mail message, a different issue than CVE-2006-4843.

CVSS2: 4.3
0%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1940

IBM Tivoli Business Service Manager (TBSM) 4.1 before Interim Fix 1 logs passwords in plaintext, which allows local users to obtain sensitive information by reading (1) ncisetup.db or (2) msi.log.

CVSS2: 4.9
0%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1939

Cross-site scripting (XSS) vulnerability in the embedded webserver in Daniel Naber LanguageTool before 0.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving an error message, possibly the demultiplex method in HTTPServer.java.

CVSS2: 6.8
1%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1938

Ichitaro 2005 through 2007, and possibly related products, allows remote attackers to have an unknown impact via unspecified vectors in a document distributed through e-mail or a web site, possibly due to a buffer overflow or cross-site scripting (XSS).

CVSS2: 4.3
1%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1937

PHP remote file inclusion vulnerability in smilies.php in Scorp Book 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config parameter.

CVSS2: 6.8
11%
Средний
почти 19 лет назад
nvd логотип
CVE-2007-1936

PHP remote file inclusion vulnerability in scaradcontrol.php in ScarAdControl (ScarAdController) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the sac_config_dir parameter.

CVSS2: 6.8
1%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1935

PHP file inclusion vulnerability in admin/index.php in ScarAdControl (ScarAdController) 1.1 allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the site parameter, which is accessed by the file_exists function.

CVSS2: 6.8
1%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1934

Directory traversal vulnerability in member.php in the eBoard 1.0.7 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[name] parameter.

CVSS2: 6.8
11%
Средний
почти 19 лет назад
nvd логотип
CVE-2007-1933

Multiple directory traversal vulnerabilities in PcP-Guestbook (PcP-Book) 3.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to (1) index.php, (2) gb.php, or (3) faq.php.

CVSS2: 7.5
5%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1932

Directory traversal vulnerability in scarnews.inc.php in ScarNews 1.2.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sn_admin_dir parameter.

CVSS2: 7.5
6%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1931

SQL injection vulnerability in index.php in the slownik module in SmodCMS 2.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ssid parameter.

CVSS2: 7.5
1%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1930

Directory traversal vulnerability in download2.php in cattaDoc 2.21, and possibly other versions including 3.0, allows remote attackers to read arbitrary files via a .. (dot dot) in the fn1 parameter.

CVSS2: 7.8
12%
Средний
почти 19 лет назад
nvd логотип
CVE-2007-1929

Directory traversal vulnerability in downloadpic.php in Beryo 2.0, and possibly other versions including 2.4, allows remote attackers to read arbitrary files via a .. (dot dot) in the chemin parameter.

CVSS2: 5
11%
Средний
почти 19 лет назад
nvd логотип
CVE-2007-1928

Directory traversal vulnerability in index.php in witshare 0.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the menu parameter.

CVSS2: 7.5
9%
Низкий
почти 19 лет назад

Уязвимостей на страницу