• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

NVD-CWE-Other

CVE-2007-3171

February 26, 2023 by

Uebimiau Webmail allows remote attackers to obtain sensitive information via a request to demo/pop3/error.php with an invalid value of the (1) smarty or (2) selected_theme parameter, which reveals the path in various error messages.

CVE-2007-3172

February 26, 2023 by

Directory traversal vulnerability in demo/pop3/error.php in Uebimiau Webmail allows remote attackers to determine the existence of arbitrary directories via an absolute pathname and .. (dot dot) in the selected_theme parameter.

CVE-2007-3173

February 26, 2023 by

Almnzm allows remote attackers to obtain sensitive information via an activateorder request to index.php with an invalid orderid parameter, probably related to ‘[‘ and ‘]’ characters.

CVE-2007-3174

February 26, 2023 by

Cross-site scripting (XSS) vulnerability in auth.w2b in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the adtype parameter, a different vector than CVE-2006-1980.

CVE-2007-3175

February 26, 2023 by

Multiple SQL injection vulnerabilities in W2B Online Banking allow remote attackers to execute arbitrary SQL commands via (1) the draft parameter to mailer.w2b or (2) the listDocPay parameter to DocPay.w2b.

CVE-2007-3176

February 26, 2023 by

Unspecified vulnerability in Ingate Firewall and SIParator before 4.5.2 allows remote authenticated users without full privileges to download a Support Report.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 211
  • Go to page 212
  • Go to page 213
  • Go to page 214
  • Go to page 215
  • Interim pages omitted …
  • Go to page 940
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE