• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

NVD-CWE-Other

CVE-2007-0860

February 26, 2023 by

** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in local Calendar System 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) TEMPLATE_DIR parameter to (a) showinvoices.php, (b) showmonth.php, (c) showevents.php, (d) retrieveinvoice.php, (e) modifyitem.php, and (f) lookup_userid.php; or the LIBDIR parameter to (g) editevent.php, (h) resetpassword.php, (i) signup.php, showmonth.php, (j) showday.php, showevents.php, and lookup_userid.php. NOTE: this issue has been disputed by a third party, who states that the associated variables are set in config.php before use.

CVE-2007-0861

February 26, 2023 by

** DISPUTED ** PHP remote file inclusion vulnerability in modules/mail/index.php in phpCOIN RC-1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _CCFG[‘_PKG_PATH_MDLS’] parameter. NOTE: this issue has been disputed by a reliable third party, who states that a fatal error occurs before the relevant code is reached.

CVE-2007-0863

February 26, 2023 by

** DISPUTED ** PHP remote file inclusion vulnerability in Trevorchan 0.7 and earlier allows remote attackers to execute arbitrary code via the tc_config[rootdir] parameter to (1) upgrade.php, (2) paint_save.php, (3) menu.php, (4) manage.php, and (5) banned.php. NOTE: his issue has been disputed by reliable third parties, who state that the variable is set before use in config.php.

CVE-2007-0864

February 26, 2023 by

SQL injection vulnerability in register.php in LushiWarPlaner 1.0 allows remote attackers to inject arbitrary SQL commands via the id parameter.

CVE-2007-0865

February 26, 2023 by

SQL injection vulnerability in comments.php in LushiNews 1.01 and earlier allows remote authenticated users to inject arbitrary SQL commands via the id parameter.

CVE-2007-0866

February 26, 2023 by

Unspecified vulnerability in HP OpenView Storage Data Protector on HP-UX B.11.00, B.11.11, or B.11.23 allows local users to execute arbitrary code via unknown vectors.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 505
  • Go to page 506
  • Go to page 507
  • Go to page 508
  • Go to page 509
  • Interim pages omitted …
  • Go to page 940
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE