Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-02-27 | CVE-2007-1129 | Input Validation vulnerability in Mtcms 3.2 Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow remote attackers to upload and execute files via (1) an avatar upload in an add_down action, or (2) an add_link action. | 7.5 |
| 2007-02-27 | CVE-2007-1123 | Remote File Include vulnerability in Zpanel 2.0 Multiple PHP remote file inclusion vulnerabilities in ZPanel 2.0 allow remote attackers to execute arbitrary PHP code via a URL in (1) the body parameter to templates/ZPanelV2/template.php or (2) the page parameter to zpanel.php. | 7.5 |
| 2007-02-26 | CVE-2007-1107 | SQL Injection vulnerability in Coppermine Photo Gallery ThumbNails.PHP SQL injection vulnerability in thumbnails.php in Coppermine Photo Gallery (CPG) 1.3.x allows remote authenticated users to execute arbitrary SQL commands via a cpg131_fav cookie. | 7.5 |
| 2007-02-26 | CVE-2007-1100 | Local File Include vulnerability in Pickle Directory traversal vulnerability in download.php in Ahmet Sacan Pickle before 20070301 allows remote attackers to read arbitrary files via a .. | 7.8 |
| 2007-02-26 | CVE-2007-1099 | Unspecified vulnerability in Dropbear SSH Project Dropbear SSH dbclient in Dropbear SSH client before 0.49 does not sufficiently warn the user when it detects a hostkey mismatch, which might allow remote attackers to conduct man-in-the-middle attacks. | 7.5 |
| 2007-02-26 | CVE-2007-1098 | Denial-Of-Service vulnerability in Scrymud Multiple unspecified vulnerabilities in ScryMUD before 2.1.11 have unknown impact and attack vectors, possibly related to denial of service caused by a search that begins with a .* sequence. | 7.8 |
| 2007-02-26 | CVE-2007-1094 | Unspecified vulnerability in Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 7 allows remote attackers to cause a denial of service (NULL dereference and application crash) via JavaScript onUnload handlers that modify the structure of a document. | 7.8 |
| 2007-02-26 | CVE-2007-1090 | Denial of Service vulnerability in Microsoft Windows Explorer WMF File Handling Microsoft Windows Explorer on Windows XP and 2003 allows remote user-assisted attackers to cause a denial of service (crash) via a malformed WMF file, which triggers the crash when the user browses the folder. network microsoft | 7.1 |
| 2007-02-24 | CVE-2006-7063 | Local File Include vulnerability in TinyPHPForum Directory traversal vulnerability in profile.php in TinyPHPforum 3.6 and earlier allows remote attackers to include and execute arbitrary files via ".." sequences in the uname parameter. | 7.5 |
| 2007-02-24 | CVE-2006-7062 | Remote Security vulnerability in Kmail calendar.php in Kamgaing Email System (kmail) 2.3 and earlier allows remote attackers to obtain the full path of the server via an invalid d parameter, which leaks the path in an error message. | 7.8 |