Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2007-0849

Malware in sbrugna...

6.8CVSS6.4AI score0.00977EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2007-0850

Malware in sbrugna...

7.5CVSS6.4AI score0.00502EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2007/02/09 12:0 a.m.55 views

DevTrack Web Service UserName Field SQL Injection

The remote host is running DevTrack, a defect and project tracking tool. The DevTrack Web Services component installed on the remote host contains an ASP script that fails to sanitize user-supplied input to the 'UserName' parameter before using it in a database query. An unauthenticated, remote...

7.5CVSS5.8AI score0.00502EPSS
Exploits0References1
Prion
Prionadded 2007/02/08 6:28 p.m.11 views

Sql injection

SQL injection vulnerability in DevTrack 6.0.3 allows remote attackers to execute arbitrary SQL commands via the Username form field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

7.5CVSS8.7AI score0.00502EPSS
Exploits0References4Affected Software1
NVD
NVDadded 2007/02/08 6:28 p.m.12 views

CVE-2007-0853

SQL injection vulnerability in DevTrack 6.0.3 allows remote attackers to execute arbitrary SQL commands via the Username form field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

7.5CVSS8AI score0.00502EPSS
Exploits0References4
Prion
Prionadded 2007/02/08 6:28 p.m.9 views

Cross site scripting

Cross-site scripting XSS vulnerability in DevTrack 6.x allows remote attackers to inject arbitrary web script or HTML via the "Keyword search" form field and unspecified other form fields that populate a public saved query. NOTE: the provenance of this information is unknown; the details are...

6.8CVSS6.1AI score0.00977EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2007/02/08 6:0 p.m.47 views

CVE-2007-0853

CVE-2007-0853 is a SQL injection in DevTrack 6.0.3. The vulnerability resides in the Web Services component’s handling of the 'UserName' parameter, where unsanitized input is used in a database query. An unauthenticated, remote attacker could manipulate SQL queries via the Username form field, po...

7.5CVSS8AI score0.00502EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2007/02/08 6:0 p.m.15 views

CVE-2007-0852

Cross-site scripting XSS vulnerability in DevTrack 6.x allows remote attackers to inject arbitrary web script or HTML via the "Keyword search" form field and unspecified other form fields that populate a public saved query. NOTE: the provenance of this information is unknown; the details are...

5.6AI score0.00977EPSS
Exploits0References3
CVE
CVEadded 2007/02/08 6:0 p.m.38 views

CVE-2007-0852

DevTrack 6.x is affected by CVE-2007-0852, a cross-site scripting (XSS) vulnerability. The flaw allows remote attackers to inject arbitrary web script or HTML via the Keyword search form field and other inputs that populate a public saved query. Descriptions in CVE/NVD records confirm unsafe hand...

6.8CVSS5.6AI score0.00977EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2007/02/08 6:0 p.m.19 views

CVE-2007-0853

SQL injection vulnerability in DevTrack 6.0.3 allows remote attackers to execute arbitrary SQL commands via the Username form field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

8AI score0.00502EPSS
Exploits0References4
Rows per page
Query Builder