
CVSS: 7.8 • EPSS: 0% • CPEs: 4 • EXPL: 0

20 Nov 2007 — IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service (divide-by-zero error and DBMS crash), related to an "overflow." NOTE: the vendor description of this issue is too vague to be certain that it is security-related. • http://www-1.ibm.com/support/docview.wss?uid=swg1IZ08205

CVSS: 9.8 • EPSS: 0% • CPEs: 4 • EXPL: 0

20 Nov 2007 — IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, which might allow attackers to have an unknown impact involving "memory corruption." NOTE: the vendor description of this issue is too vague to be certain that it is security-related. • http://www-1.ibm.com/support/docview.wss?uid=swg1IZ04039 • CWE-399: Resource Management Errors

CVSS: 7.8 • EPSS: 1% • CPEs: 43 • EXPL: 0

06 Jun 2007 — Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and earlier on Mac OS X and Unix allows remote attackers to read arbitrary files via ..%2F (dot dot encoded slash) sequences in a resource:// URI. • http://ha.ckers.org/blog/20070516/read-firefox-settings-poc

CVSS: 5.3 • EPSS: 0% • CPEs: 20 • EXPL: 0

20 Mar 2007 — SimpleFileServlet in IBM WebSphere Application Server 5.0.1 through 5.0.2.7 on Linux and UNIX does not block certain invalid URIs and does not issue a security challenge, which allows remote attackers to read secure files and obtain sensitive information via certain requests. • http://www-1.ibm.com/support/docview.wss?uid=swg24013029

CVSS: 4.4 • EPSS: 0% • CPEs: 10 • EXPL: 0

02 Mar 2007 — IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix Pack 2, on UNIX allows the "fenced" user to access certain unauthorized directories. • http://secunia.com/advisories/24387 • CWE-287: Improper Authentication

CVSS: 6.1 • EPSS: 0% • CPEs: 4 • EXPL: 3

31 Dec 2003 — Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters. • https://www.exploit-db.com/exploits/22268 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.5 • EPSS: 0% • CPEs: 4 • EXPL: 1

31 Dec 2003 — Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords. • http://securitytracker.com/id?1006117 • CWE-264: Permissions, Privileges, and Access Controls

CVSS: 9.8 • EPSS: 0% • CPEs: 6 • EXPL: 0

31 Dec 2003 — Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access. • http://securityreason.com/securityalert/3276

CVSS: 9.8 • EPSS: 4% • CPEs: 4 • EXPL: 1

31 Dec 2003 — Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors. • https://www.exploit-db.com/exploits/22545 • CWE-20: Improper Input Validation

CVSS: 6.1 • EPSS: 0% • CPEs: 6 • EXPL: 0

31 Dec 2003 — Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. • http://securityreason.com/securityalert/3288 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')