70 results (0.009 seconds)

CVSS: 7.1EPSS: 78%CPEs: 8EXPL: 1

Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service via a certain GIF file, as demonstrated by Art.gif. Microsoft Windows Explorer (explorer.exe) permite a atacantes remotos con la complicidad del usuario provocar una denegación de servicio mediante un determinado fichero GIF, como se demuestra con Art.gif. • https://www.exploit-db.com/exploits/4215 http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html http://osvdb.org/43773 http://www.securityfocus.com/bid/25013 https://exchange.xforce.ibmcloud.com/vulnerabilities/35538 •

CVSS: 10.0EPSS: 5%CPEs: 18EXPL: 1

PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter. Vulnerabilidad de inclusión remota de archivo en PHP en index.php de Achievo 1.1.0 permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro config_atkroot. • https://www.exploit-db.com/exploits/3928 http://osvdb.org/37919 http://www.securityfocus.com/bid/23992 https://exchange.xforce.ibmcloud.com/vulnerabilities/34305 •

CVSS: 5.8EPSS: 4%CPEs: 16EXPL: 1

formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters. formmail.php en Jetbox CMS 2.1 permite a atacantes remotos envíar e-mails de su elección a través de recipientes modificados, a través de los parámetros _SETTINGS[allowed_email_hosts][], y subject. Jetbox CMS version 2.1 suffers from an e-mail injection vulnerability that allows for spamming. • https://www.exploit-db.com/exploits/30040 http://securityreason.com/securityalert/2710 http://www.netvigilance.com/advisory0026 http://www.osvdb.org/34088 http://www.securityfocus.com/archive/1/468644/100/0/threaded http://www.securityfocus.com/bid/23989 http://www.securitytracker.com/id?1018063 http://www.vupen.com/english/advisories/2007/1831 https://exchange.xforce.ibmcloud.com/vulnerabilities/34292 •

CVSS: 5.0EPSS: 5%CPEs: 9EXPL: 1

Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. Foxit Reader 2.0 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) mediante un documento PDF manipulado artesanalmente. • https://www.exploit-db.com/exploits/3770 http://osvdb.org/39054 http://www.securityfocus.com/bid/23576 https://exchange.xforce.ibmcloud.com/vulnerabilities/33784 •

CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0

SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter. Vulnerabilidad de inyección SQL en directory.php en Super Link Exchange Script 1.0 podría permitir a atacantes remotos ejecutar consultas SQL de su elección a través del parámetro cat. • http://securityreason.com/securityalert/2285 http://www.securityfocus.com/archive/1/435166/30/4680/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/26720 •