• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-264

CVE-2007-4640

February 26, 2023 by

Unrestricted file upload vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attackers to upload and execute arbitrary PHP files in uploads/ via an Uploads action.

CVE-2007-4600

February 26, 2023 by

The “Protect Worksheet” functionality in Mathsoft Mathcad 12 through 13.1, and PTC Mathcad 14, implements file access restrictions via a protection element in a gzipped XML file, which allows attackers to bypass these restrictions by removing this element.

CVE-2007-4601

February 26, 2023 by

A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 might allow remote attackers to bypass intended access restrictions when a service uses libwrap but does not specify server connection information.

CVE-2007-4563

February 26, 2023 by

Cosminexus Manager in Cosminexus Application Server 06-50 and later might assign the wrong user’s group permissions to logical J2EE server processes, which allows local users to gain privileges.

CVE-2007-4564

February 26, 2023 by

Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user’s group permissions to logical user server processes, which allows local users to gain privileges.

CVE-2007-4569

February 26, 2023 by

backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and “shutdown with password” is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 118
  • Go to page 119
  • Go to page 120
  • Go to page 121
  • Go to page 122
  • Interim pages omitted …
  • Go to page 136
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE