Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-1569

Malware in sbrugna...

7.5CVSS6.2AI score0.02021EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-1570

Malware in sbrugna...

4.3CVSS6.2AI score0.01839EPSS
Exploits0References15
Prion
Prion
added 2007/03/23 11:19 p.m.22 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the checkcsrftoken function in lib/lib.inc.php in PHProjekt 5.2.0, when magicquotesgpc is disabled, allow remote attackers to perform unauthorized actions as an arbitrary user via the 1 Projects, 2 Contacts, 3 Helpdesk, 4 Notes, 5 Search...

6.8CVSS7.7AI score0.01723EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2007/03/23 11:19 p.m.22 views

CVE-2007-1638

Multiple cross-site request forgery CSRF vulnerabilities in the checkcsrftoken function in lib/lib.inc.php in PHProjekt 5.2.0, when magicquotesgpc is disabled, allow remote attackers to perform unauthorized actions as an arbitrary user via the 1 Projects, 2 Contacts, 3 Helpdesk, 4 Notes, 5 Search...

6.8CVSS7.1AI score0.01723EPSS
Exploits0References9
CVE
CVE
added 2007/03/23 11:0 p.m.57 views

CVE-2007-1639

PHProjekt 5.2.0 contains an unrestricted file upload vulnerability (CVE-2007-1639) that allows an authenticated user to upload a PHP payload and execute code via a file with an executable extension, when magic_quotes_gpc is disabled. The issue can be triggered through modules such as calendar or ...

4.6CVSS7.3AI score0.0199EPSS
Exploits0References10Affected Software1
Prion
Prion
added 2007/03/21 9:19 p.m.21 views

Sql injection

Multiple SQL injection vulnerabilities in PHProjekt 5.2.0, when magicquotesgpc is disabled, allow remote authenticated users to execute arbitrary SQL commands via 1 unspecified vectors to the a calendar and 2 search modules, and an 2 unspecified cookie when the user logs out...

7.5CVSS8.7AI score0.02021EPSS
Exploits0References8Affected Software1
Prion
Prion
added 2007/03/21 9:19 p.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PHProjekt 5.2.0, when magicquotesgpc is disabled, allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors to the 1 Projects, 2 Contacts, 3 Helpdesk, 4 Search only Gecko engine driven Browsers, and 5 Notes...

4.3CVSS5.7AI score0.01839EPSS
Exploits0References14Affected Software1
CVE
CVE
added 2007/03/21 9:0 p.m.58 views

CVE-2007-1575

PHProjekt 5.2.0 is affected by multiple SQL injection vulnerabilities when magic_quotes_gpc is off, allowing remote authenticated users to execute arbitrary SQL via (a) calendar and (b) search module vectors and via a logout cookie. The issues are documented in CVE-2007-1575 and cited advisories ...

7.5CVSS8AI score0.02021EPSS
Exploits0References8Affected Software1
securityvulns
securityvulns
added 2007/03/14 12:0 a.m.55 views

n.runs-SA-2007.005 - PHProjekt 5.2.0 - Cross Site Request Forgery

n.runs AG http://www.nruns.com/ security at nruns.com n.runs-SA-2007.005 14-Mar-2007 Vendor: Mayflower GmbH, http://www.mayflower.de Affected Products: PHProjekt 5.2.0 Vulnerability: Cross Site Request Forgery Risk: HIGH Vendor communication: 2006/12/31 initial notification of Mayflower 2007/01/0...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2007/03/14 12:0 a.m.50 views

n.runs-SA-2007.006 - PHProjekt 5.2.0 - Privilege escalation

n.runs AG http://www.nruns.com/ security at nruns.com n.runs-SA-2007.006 14-Mar-2007 Vendor: Mayflower GmbH, http://www.mayflower.de Affected Products: PHProjekt 5.2.0 Vulnerability: Privilege escalation Risk: HIGH Vendor communication: 2006/12/31 initial notification of Mayflower 2007/01/02...

0.1AI score
Exploits0
Rows per page
Query Builder