Exploit Intelligence Platform – 370K+ CVEs, Ranked Exploits & EPSS Scores

CVE-2007-5954 6.1 MEDIUM 1 PoC Analysis EPSS 0.00

JLMForo System - XSS

Cross-site scripting (XSS) vulnerability in buscador.php in JLMForo System allows remote attackers to inject arbitrary web script or HTML via the clave parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CWE-79 Nov 14, 2007

CVE-2007-5817 6.1 MEDIUM 1 PoC Analysis EPSS 0.00

CONTENTCustomizer <3.1mp - RCE

dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to perform certain privileged actions via a (1) del, (2) delbackup, (3) res, or (4) ren action. NOTE: this issue can be leveraged to conduct cross-site scripting (XSS) and possibly other attacks.

CWE-79 Nov 05, 2007

CVE-2007-5626 5.5 MEDIUM EPSS 0.00

Bacula < 2.2.5 - Cleartext Transmission

make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line argument, and sometimes transmits cleartext e-mail containing this command line, which allows context-dependent attackers to obtain the password by listing the process and its arguments, or by sniffing the network.

CWE-319 Oct 23, 2007

CVE-2007-5460 4.6 MEDIUM EPSS 0.01

Microsoft Windows Mobile - Broken Cryptographic Algorithm

Microsoft ActiveSync 4.1, as used in Windows Mobile 5.0, uses weak encryption (XOR obfuscation with a fixed key) when sending the user's PIN/Password over the USB connection from the host to the device, which might make it easier for attackers to decode a PIN/Password obtained by (1) sniffing or (2) spoofing the docking process.

CWE-327 Oct 15, 2007

CVE-2007-4465 6.1 MEDIUM EPSS 0.03

Apache HTTP Server <2.2.6 - XSS

Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.

CWE-79 Sep 14, 2007

CVE-2007-4786 5.3 MEDIUM EPSS 0.00

Cisco Adaptive Security Appliance Software - Cleartext Transmission

Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 before 7.2.2.34, and 8.0 before 8.0.2.11, when AAA is enabled, composes %ASA-5-111008 messages from the "test aaa" command with cleartext passwords and sends them over the network to a remote syslog server or places them in a local logging buffer, which allows context-dependent attackers to obtain sensitive information.

CWE-319 Sep 10, 2007

CVE-2007-3968 5.3 MEDIUM EPSS 0.00

Dirlist Php < 0.1.1 - Incorrect Authorization

index.php in dirLIST before 0.1.1 allows remote attackers to list the contents of an excluded folder via a modified URL containing the folder name.

CWE-264 Jul 25, 2007

CVE-2007-3484 6.1 MEDIUM EPSS 0.01

Google Custom Search Engine - XSS

Cross-site scripting (XSS) vulnerability in search.php in Google Custom Search Engine allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: this issue is disputed by the Google Security Team, who states that "Google does not provide the 'search.php' script referenced. When a user creates a custom search engine, we provide them with a block of javascript to include on their site. Some users write additional code around this block of javascript to further customize their website.

CWE-79 Jun 28, 2007

CVE-2007-2237 5.5 MEDIUM 2 PoCs Analysis EPSS 0.61

Microsoft Windows XP - Divide By Zero

Microsoft Windows Graphics Device Interface (GDI+, GdiPlus.dll) allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, which triggers a divide-by-zero error.

CWE-369 Jun 06, 2007

CVE-2007-2723 5.5 MEDIUM EPSS 0.01

Media Player Classic 6.4.9.0 - DoS

Media Player Classic 6.4.9.0 allows user-assisted remote attackers to cause a denial of service (web browser crash) via an "empty" .MPA file, which triggers a divide-by-zero error.

CWE-369 May 16, 2007

CVE-2007-2479 5.9 MEDIUM EPSS 0.01

Cerulean Studios Trillian Pro <3.1.5.1 - Info Disclosure

Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be sent to the attacker.

CWE-200 May 03, 2007

CVE-2007-1679 5.4 MEDIUM EPSS 0.00

Horde Groupware - XSS

Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware Webmail 1.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors in (1) imp/search.php and (2) ingo/rule.php. NOTE: this issue has been disputed by the vendor, noting that the search.php issue was resolved in CVE-2006-4255, and attackers can only use rule.php to inject XSS into their own pages

CWE-79 Mar 26, 2007

CVE-2006-7031 6.5 MEDIUM 1 PoC Analysis EPSS 0.25

Microsoft Internet Explorer < 6.0.2900 - Denial of Service

Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a table element with a CSS attribute that sets the position, which triggers an "unhandled exception" in mshtml.dll.

Feb 23, 2007

CVE-2006-6811 6.5 MEDIUM 1 PoC Analysis EPSS 0.06

KsIRC 1.3.12 - DoS

KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. NOTE: this issue was originally reported as a buffer overflow.

CWE-617 Dec 29, 2006

CVE-2006-5648 5.5 MEDIUM EPSS 0.00

Ubuntu Linux - Denial of Service

Ubuntu Linux 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (resource consumption) by using the (1) sys_get_robust_list and (2) sys_set_robust_list functions to create processes that cannot be killed.

CWE-400 Dec 14, 2006

CVE-2006-5649 5.5 MEDIUM EPSS 0.00

Ubuntu Linux - Denial of Service

Unspecified vulnerability in the "alignment check exception handling" in Ubuntu 5.10, 6.06 LTS, and 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (kernel panic) via unspecified vectors.

CWE-400 Dec 14, 2006

CVE-2006-6016 6.5 MEDIUM EPSS 0.01

Wordpress < 2.0.4 - Out-of-Bounds Read

wp-admin/user-edit.php in WordPress before 2.0.5 allows remote authenticated users to read the metadata of an arbitrary user via a modified user_id parameter.

CWE-125 Nov 21, 2006

CVE-2006-6017 6.5 MEDIUM EPSS 0.03

Wordpress < 2.0.5 - Denial of Service

WordPress before 2.0.5 does not properly store a profile containing a string representation of a serialized object, which allows remote authenticated users to cause a denial of service (application crash) via a string that represents a (1) malformed or (2) large serialized object, because the object triggers automatic unserialization for display.

CWE-400 Nov 21, 2006

CVE-2006-5847 6.1 MEDIUM 1 PoC Analysis EPSS 0.04

Freewebshop < 2.2.2 - XSS

Cross-site scripting (XSS) vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter.

CWE-79 Nov 10, 2006

CVE-2006-5632 6.1 MEDIUM EPSS 0.00

IG Shop - XSS

Cross-site scripting (XSS) vulnerability in change_pass.php in iG Shop 1.4 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a different vulnerability than CVE-2006-5631. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CWE-79 Oct 31, 2006

CVE & Exploit Intelligence Database

Investigate

Ecosystems

Reference Indexes

Recent Blog Posts

CVEForge Labs

KEV Gaps