• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

NVD-CWE-Other

CVE-2007-0246

February 26, 2023 by

plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 before 20070524, aka gforge-plugin-scmcvs, allows remote attackers to execute arbitrary commands via shell metacharacters in the PATH_INFO.

CVE-2007-0248

February 26, 2023 by

The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop.

CVE-2007-0249

February 26, 2023 by

Cross-site scripting (XSS) vulnerability in index.php in Nwom topsites 3.0 allows remote attackers to inject arbitrary web script or HTML via the o parameter.

CVE-2007-0250

February 26, 2023 by

index.php in Nwom topsites 3.0 allows remote attackers to obtain potentially sensitive information via a ‘ (quote) character in the o parameter, which forces a SQL error.

CVE-2007-0251

February 26, 2023 by

Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files.

CVE-2007-0154

February 26, 2023 by

Webulas stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for db/db.mdb.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 589
  • Go to page 590
  • Go to page 591
  • Go to page 592
  • Go to page 593
  • Interim pages omitted …
  • Go to page 940
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE