CVE Daily
← All years

Uncategorized 2007

Page 38/38.

CVEs without a recognized CWE (not present in the CWE map or marked as N/A).

CVSS ≥ 0.0
2007-01-04
Medium

CVE-2007-0054

Cross-site scripting (XSS) vulnerability in gbrowse.php in Belchior Foundry vCard PRO allows remote attackers to inject arbitrary web script or HTML via the sortby parameter.

CVSS: 6.8CWE: N/A
Read more
Medium

CVE-2007-0055

Directory traversal vulnerability in formbankcgi.exe/AbfrageForm in Formbankserver 1.9 allows remote attackers to read arbitrary files via directory traversal sequences in the Name parameter. NOTE:…

CVSS: 5.0CWE: N/A
Read more
Medium

CVE-2007-0056

Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe 4.5 and AShop Administration Panel allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to (a) a…

CVSS: 6.8CWE: N/A
Read more
Critical

CVE-2007-0057

Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the…

CVSS: 10.0CWE: CWE-255
Read more
High

CVE-2007-0049

Geckovich TaskTracker Pro 1.5 and earlier allows remote attackers to add administrative or other accounts via an Add action with a modified GroupID in a direct request to Customize.asp.

CVSS: 7.5CWE: N/A
Read more
High

CVE-2007-0050

PHP remote file inclusion vulnerability in index.php in OpenPinboard 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the language parameter. NOTE: this issue has been disputed…

CVSS: 7.5CWE: N/A
Read more
2007-01-03
Medium

CVE-2007-0048

Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome…

CVSS: 5.0CWE: N/A
Read more
Medium

CVE-2007-0047

CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP he…

CVSS: 6.8CWE: N/A
Read more
High

CVE-2007-0046

Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript:…

CVSS: 7.5CWE: N/A
Read more
2007-01-01
Medium

CVE-2007-0015

Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers to execute arbitrary code via a long rtsp:// URI.

CVSS: 6.8CWE: N/A
Read more
>