CyberSecurityBoard
Sponsor Register Login

CVE-2007-1572

SQL injection vulnerability in search.asp in JGBBS 3.0 Beta 1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter, a different vector than CVE-2007-1440. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Publication date: Thu, 22 Mar 2007 02:19:00 +0000


Cyber News related to CVE-2007-1572

CVE-2024-40954 - In the Linux kernel, the following vulnerability has been resolved: ...
6 months ago
CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago
CVE-2007-1572 - SQL injection vulnerability in search.asp in JGBBS 3.0 Beta 1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter, a different vector than CVE-2007-1440. NOTE: the provenance of this information is unknown; ...
14 years ago
CVE-2008-2816 - SQL injection vulnerability in post.php in Oxygen (aka O2PHP Bulletin Board) 2.0 allows remote attackers to execute arbitrary SQL commands via the repquote parameter in a reply action, a different vector than CVE-2006-1572. ...
7 years ago
CVE-2015-1572 - Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an ...
7 years ago
CVE-2016-9646 - ikiwiki before 3.20161229 incorrectly called the CGI::FormBuilder->field method (similar to the CGI->param API that led to Bugzilla's CVE-2014-1572), which can be abused to lead to commit metadata forgery. ...
7 years ago
CVE-2006-6280 - SQL injection vulnerability in viewthread.php in Oxygen (O2PHP Bulletin Board) 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-1572. ...
6 years ago
CVE-2021-1572 - A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account ...
2 years ago
CVE-2001-1572 - The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets. ...
16 years ago
CVE-2002-1572 - Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors. ...
16 years ago
CVE-2005-1572 - ShowOff! 1.5.4 allows remote attackers to cause a denial of service (server crash) via a malformed request to port 8083. ...
16 years ago
CVE-2003-1572 - Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of service (JVM crash) and read or write unauthorized memory locations via the ReadEnv class, as demonstrated by reading environment variables using ...
16 years ago
CVE-2014-1572 - The confirm_create_account function in the account-creation feature in token.cgi in Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not specify a scalar context for ...
8 years ago
CVE-2004-1572 - AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skins, or (5) tools, which allows remote attackers to list files in those directories via a direct HTTP request. ...
7 years ago
CVE-2008-1572 - Image Capture in Apple Mac OS X before 10.5 does not properly use temporary files, which allows local users to overwrite arbitrary files, and display images that are being resized by this application. ...
7 years ago
CVE-2009-1572 - The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error. ...
7 years ago
CVE-2010-1572 - Unspecified vulnerability in the tech support diagnostic shell in Cisco Application Extension Platform (AXP) 1.1 and 1.1.5 allows local users to obtain sensitive configuration information and gain administrator privileges via unspecified API calls. ...
7 years ago
CVE-2013-1572 - The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle certain short lengths, which allows ...
7 years ago
CVE-1999-1572 - cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those ...
7 years ago
CVE-2006-1572 - SQL injection vulnerability in post.php in Oxygen 1.1.3 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a newthread action. ...
6 years ago
CVE-2011-1572 - Directory traversal vulnerability in the Admin Defined Commands (ADC) feature in gitolite before 1.5.9.1 allows remote attackers to execute arbitrary commands via .. (dot dot) sequences in admin-defined commands. ...
5 years ago
CVE-2012-1572 - OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space ...
5 years ago
CVE-2019-1572 - PAN-OS 9.0.0 may allow an unauthenticated remote user to access php files. ...
4 years ago
CVE-2016-1572 - mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid. ...
3 years ago
CVE-2023-1572 - A vulnerability has been found in DataGear up to 1.11.1 and classified as problematic. This vulnerability affects unknown code of the component Plugin Handler. The manipulation leads to cross site scripting. It is possible to launch the attack on the ...
2 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)