CVSS: 9.3EPSS: 63%CPEs: 1EXPL: 2CVE-2008-0955 – Creative Software AutoUpdate Engine - ActiveX Control Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-0955
Stack-based buffer overflow in the Creative Software AutoUpdate Engine ActiveX control in CTSUEng.ocx allows remote attackers to execute arbitrary code via a long CacheFolder property value. Desbordamiento de búfer basado en pila en el Control Creative Software AutoUpdate Engine ActiveX en CTSUEng.ocx, permite a atacantes remotos ejecutar código de su elección a través de un valor largo en "CacheFolder". • https://www.exploit-db.com/exploits/16539 https://www.exploit-db.com/exploits/5681 http://secunia.com/advisories/30403 http://www.kb.cert.org/vuls/id/501843 http://www.securityfocus.com/bid/29391 http://www.vupen.com/english/advisories/2008/1668 https://exchange.xforce.ibmcloud.com/vulnerabilities/42673 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 14%CPEs: 1EXPL: 1CVE-2007-2569 – Friendly 1.0d1 - 'friendly_path' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2007-2569
Multiple PHP remote file inclusion vulnerabilities in Friendly 1.0d1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the friendly_path parameter to (1) core/data/yaml.inc.php, or _load.php in (2) core/data/, (3) core/display/, or (4) core/support/. Múltiples vulnerabilidades de inclusión remota de archivo en PHP en el Friendly 1.0d1 y versiones anteriores permiten a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro friendly_path del (1) core/data/yaml.inc.php o _load.php en (2) core/data/, (3) core/display/ o (4) core/support/. • https://www.exploit-db.com/exploits/3864 http://osvdb.org/37657 http://osvdb.org/37658 http://osvdb.org/37659 http://osvdb.org/37660 http://www.vupen.com/english/advisories/2007/1679 https://exchange.xforce.ibmcloud.com/vulnerabilities/34099 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2007-1480 – creative Guestbook 1.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-1480
Creative Guestbook 1.0 allows remote attackers to add an administrative account via a direct request to createadmin.php with Name, Email, and PASSWORD parameters set. Creative Guestbook 1.0 permite a atacantes remotos añadir una cuenta de administración mediante una petición directa de createadmin.php con valor para los parámetros Name, Email, y PASSWORD. • https://www.exploit-db.com/exploits/3489 http://osvdb.org/34234 http://secunia.com/advisories/24536 https://exchange.xforce.ibmcloud.com/vulnerabilities/33014 • CWE-287: Improper Authentication •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2007-1479 – creative Guestbook 1.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-1479
Cross-site scripting (XSS) vulnerability in Guestbook.php in Creative Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter. Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en Guestbook.php en Creative Guestbook 1.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de un parámetro no especificado. • https://www.exploit-db.com/exploits/3489 http://osvdb.org/34233 http://secunia.com/advisories/24536 https://exchange.xforce.ibmcloud.com/vulnerabilities/33015 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 7CVE-2006-2255 – Creative Software UK Community Portal 1.1 - 'Discussions.php?forum_id' SQL Injection
https://notcve.org/view.php?id=CVE-2006-2255
Multiple SQL injection vulnerabilities in Creative Community Portal 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to (a) ArticleView.php, (2) forum_id parameter to (b) DiscView.php or (c) Discussions.php, (3) event_id parameter to (d) EventView.php, (4) AddVote and (5) answer_id parameter to (e) PollResults.php, or (7) mid parameter to (f) DiscReply.php. • https://www.exploit-db.com/exploits/27833 https://www.exploit-db.com/exploits/27836 https://www.exploit-db.com/exploits/27831 https://www.exploit-db.com/exploits/27832 https://www.exploit-db.com/exploits/27835 https://www.exploit-db.com/exploits/27834 http://pridels0.blogspot.com/2006/05/creative-community-portal-vuln.html http://secunia.com/advisories/19999 http://www.osvdb.org/25307 http://www.osvdb.org/25308 http://www.osvdb.org/25309 http://www.osvdb&# •