Max CVSS 10.0 Min CVSS 2.6 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2006-7015 10.0
PHP remote file inclusion vulnerability in admin.jobline.php in Jobline 1.1.1 allows remote attackers to execute arbitrary code via a URL in the mosConfig_absolute_path parameter. NOTE: CVE disputes this issue because the script is protected against
21-03-2024 - 02:15 15-02-2007 - 02:28
CVE-2007-1918 5.0
The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vect
22-09-2021 - 14:22 10-04-2007 - 23:19
CVE-2005-2829 5.1
Multiple design errors in Microsoft Internet Explorer 5.01, 5.5, and 6 allow user-assisted attackers to execute arbitrary code by (1) overlaying a malicious new window above a file download box, then (2) using a keyboard shortcut and delaying the dis
23-07-2021 - 12:55 14-12-2005 - 11:03
CVE-2006-3795 2.6
Multiple cross-site scripting (XSS) vulnerabilities in DeluxeBB before 1.08 allow remote attackers to inject arbitrary web script or HTML via the (1) membercookie cookie in header.php and the (2) redirect parameter in misc.php.
17-10-2018 - 21:30 24-07-2006 - 12:19
CVE-2006-3799 7.5
DeluxeBB 1.07 and earlier allows remote attackers to bypass SQL injection protection mechanisms via the login variable and certain other variables, by using lowercase "union select" or possibly other statements that do not match the uppercase "UNION
17-10-2018 - 21:30 24-07-2006 - 12:19
CVE-2006-3797 7.5
SQL injection vulnerability in DeluxeBB 1.07 and earlier allows remote attackers to bypass authentication, spoof users, and modify settings via the (1) memberpw and (2) membercookie cookies.
17-10-2018 - 21:30 24-07-2006 - 12:19
CVE-2006-3796 7.5
DeluxeBB 1.07 and earlier does not properly handle a username composed of a single space character, which allows remote authenticated users to login as the "space" user, post as the guest user, and block the ability of an administrator to ban the "sp
17-10-2018 - 21:30 24-07-2006 - 12:19
CVE-2006-3798 5.0
DeluxeBB 1.07 and earlier allows remote attackers to overwrite the (1) _GET, (2) _POST, (3) _ENV, and (4) _SERVER variables via the _COOKIE (aka COOKIE) variable, which can overwrite the other variables during an extract function call, probably leadi
17-10-2018 - 21:30 24-07-2006 - 12:19
CVE-2007-1968 6.8
PHP remote file inclusion vulnerability in games.php in Sam Crew MyBlog, possibly 1.0 through 1.6, allows remote attackers to execute arbitrary PHP code via a URL in the scoreid parameter.
16-10-2018 - 16:41 11-04-2007 - 10:19
CVE-2007-1952 7.5
Session fixation vulnerability in onelook onebyone CMS allows remote attackers to hijack web sessions by setting a PHPSESSID cookie.
16-10-2018 - 16:41 11-04-2007 - 01:19
CVE-2007-1956 7.5
SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the C parameter.
16-10-2018 - 16:41 11-04-2007 - 01:19
CVE-2007-1971 7.5
SQL injection vulnerability in fotokategori.asp in Gazi Okul Sitesi 2007 allows remote attackers to execute arbitrary SQL commands via the query string.
16-10-2018 - 16:41 11-04-2007 - 10:19
CVE-2007-1964 6.0
member.php in MyBB (aka MyBulletinBoard), when debug mode is available, allows remote authenticated users to change the password of any account by providing the account's registered e-mail address in a debug request for a do_lostpw action, which prin
16-10-2018 - 16:41 11-04-2007 - 10:19
CVE-2007-1921 9.3
LIBSNDFILE.DLL, as used by AOL Nullsoft Winamp 5.33 and possibly other products, allows remote attackers to execute arbitrary code via a crafted .MAT file that contains a value that is used as an offset, which triggers memory corruption. To exploit t
16-10-2018 - 16:41 10-04-2007 - 23:19
CVE-2007-1969 4.3
Cross-site scripting (XSS) vulnerability in admin/modify.php in Sam Crew MyBlog remote attackers to inject arbitrary web script or HTML via the id parameter.
16-10-2018 - 16:41 11-04-2007 - 10:19
CVE-2007-1957 6.8
Multiple PHP remote file inclusion vulnerabilities in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) allow remote attackers to execute arbitrary PHP code via a URL in the pageAll parameter to index.php in (1) template/Vert/, or (2
16-10-2018 - 16:41 11-04-2007 - 01:19
CVE-2007-0038 9.3
Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) a
16-10-2018 - 16:30 30-03-2007 - 20:19
CVE-2008-4084 6.8
SQL injection vulnerability in staticpages/easyclassifields/index.php in MyioSoft EasyClassifields 3.0 allows remote attackers to execute arbitrary SQL commands via the go parameter in a browse action.
29-09-2017 - 01:31 15-09-2008 - 17:12
CVE-2003-1382 7.5
Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to execute arbitrary code via long domain names in (1) MAIL FROM or (2) RCPT TO fields.
29-07-2017 - 01:29 31-12-2003 - 05:00
CVE-2011-1511 6.4
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2.1.1 and 3.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to Administration.
21-12-2011 - 03:58 20-07-2011 - 22:55
Back to Top Mark selected
Back to Top