CVE-2007-0687

SQL injection vulnerability in i-search.php in Michelle's L2J Dropcalc 4 and earlier allows remote authenticated users to execute arbitrary SQL commands via the itemid parameter.

Publication date: Sat, 03 Feb 2007 07:28:00 +0000

Cyber News related to CVE-2007-0687

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago

CVE-2007-0687 - SQL injection vulnerability in i-search.php in Michelle's L2J Dropcalc 4 and earlier allows remote authenticated users to execute arbitrary SQL commands via the itemid parameter. ...
7 years ago

CVE-2004-0782 - Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based ...
1 year ago

CVE-2021-0687 - In ellipsize of Layout.java, there is a possible ANR due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: ...
2 years ago

CVE-2000-0687 - Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the catdir parameter. ...
16 years ago

CVE-2002-0687 - The "through the web code" capability for Zope 2.0 through 2.5.1 b1 allows untrusted users to shut down the Zope server via certain headers. ...
16 years ago

CVE-2005-0687 - Format string vulnerability in Hashcash 1.16 allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via format string specifiers in a reply address, which is not properly handled when printing ...
16 years ago

CVE-2012-0687 - TIBCO ActiveMatrix Runtime Platform in Service Grid and Service Bus 2.x before 2.3.2 and BusinessWorks Service Engine before 5.8.2; TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and ...
12 years ago

CVE-2013-0687 - The installer routine in Schneider Electric MiCOM S1 Studio uses world-writable permissions for executable files, which allows local users to modify the service or the configuration files, and consequently gain privileges or trigger incorrect ...
11 years ago

CVE-2015-0687 - The SNMP implementation in Cisco IOS 15.1(2)SG4 on Catalyst 4500 devices, when single-switch Virtual Switching System (VSS) is configured, allows remote authenticated users to cause a denial of service (device crash) by performing SNMP polling, aka ...
9 years ago

CVE-2011-0687 - Opera before 11.01 does not properly implement Wireless Application Protocol (WAP) dropdown lists, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted WAP document. ...
7 years ago

CVE-2009-0687 - The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets ...
7 years ago

CVE-2001-0687 - Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker to retrieve privileged web server system information by (1) issuing a CD command (CD C:) followed by the LS command, (2) specifying arbitrary paths in the UNC format ...
7 years ago

CVE-2008-0687 - Cross-site scripting (XSS) vulnerability in siteadmin/editor_files/includes/load_message.php in the Youtube Clone Script allows remote attackers to inject arbitrary web script or HTML via the lang[please_wait] parameter. ...
6 years ago

CVE-2006-0687 - process.php in DocMGR 0.54.2 does not initialize the $siteModInfo variable when a direct request is made, which allows remote attackers to include arbitrary local files or possibly remote files via a modified includeModule and siteModInfo variable. ...
6 years ago

CVE-1999-0687 - The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. ...
6 years ago

CVE-2018-0687 - Cross-site scripting vulnerability in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
6 years ago

CVE-2017-0687 - A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35583675. ...
5 years ago

CVE-2020-0687 - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. ...
3 years ago

CVE-2022-0687 - The Amelia WordPress plugin before 1.0.47 stores image blobs into actual files whose extension is controlled by the user, which may lead to PHP backdoors being uploaded onto the site. This vulnerability can be exploited by logged-in users with the ...
2 years ago

CVE-2016-0687 - Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component. ...
2 years ago

CVE-2004-0687 - Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file. ...
2 years ago

CVE-2023-0687 - A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is ...
11 months ago

CVE-2003-0687 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate has been revoked by its Candidate Numbering Authority (CNA) because it was internally assigned to a problem that was not reachable (the affected routine was ...
55 years ago Tenable.com

CVE-2024-0687 - The Restrict User Access – Ultimate Membership & Content Protection plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.5 via API. This makes it possible for unauthenticated attackers to obtain the ...
10 months ago

Latest Cyber News

CVE-2025-24982 - 1 day ago
CVE-2025-22475 - 1 day ago
CVE-2025-1003 - 1 day ago
CVE-2025-0148 - 1 day ago
CVE-2025-24957 - 1 day ago
CVE-2025-24958 - 1 day ago
CVE-2025-22129 - 1 day ago
CVE-2025-23210 - 1 day ago
CVE-2025-24029 - 1 day ago
CVE-2025-24371 - 1 day ago
CVE-2025-24901 - 1 day ago
CVE-2025-24902 - 1 day ago
CVE-2025-24905 - 1 day ago
CVE-2025-24906 - 1 day ago
CVE-2024-35177 - 1 day ago
CVE-2024-47770 - 1 day ago
CVE-2025-24960 - 1 day ago
CVE-2025-24961 - 1 day ago
CVE-2025-24962 - 1 day ago
CVE-2025-22918 - 1 day ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-20141 - 2 days ago
CVE-2024-20142 - 2 days ago
CVE-2024-20147 - 2 days ago
CVE-2025-20631 - 2 days ago
CVE-2025-20632 - 2 days ago
CVE-2025-20633 - 2 days ago
CVE-2025-20634 - 2 days ago
CVE-2025-20635 - 2 days ago
CVE-2025-20636 - 2 days ago
CVE-2025-20637 - 2 days ago
CVE-2025-20638 - 2 days ago
CVE-2025-20639 - 2 days ago
CVE-2025-20640 - 2 days ago
CVE-2025-20641 - 2 days ago
CVE-2025-20642 - 2 days ago
CVE-2025-20643 - 2 days ago
CVE-2025-25062 - 2 days ago
CVE-2025-25063 - 2 days ago
CVE-2024-57966 - 2 days ago
CVE-2024-13347 - 1 day ago