CVE-2007-1714

Cross-site scripting (XSS) vulnerability in index.php in CcCounter 2.0 allows remote attackers to inject arbitrary web script or HTML via dir parameter.

Publication date: Wed, 28 Mar 2007 02:19:00 +0000

Cyber News related to CVE-2007-1714

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago

CVE-2007-1714 - Cross-site scripting (XSS) vulnerability in index.php in CcCounter 2.0 allows remote attackers to inject arbitrary web script or HTML via dir parameter. ...
6 years ago

CVE-2021-1714 - Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1713. ...
4 years ago

CVE-2020-1714 - A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a ...
3 years ago

CVE-2005-1714 - Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. ...
13 years ago

CVE-2012-1714 - Unspecified vulnerability in a TList 6 ActiveX control in Oracle Hyperion Financial Management 11.1.1.4 and 11.1.2.1.104 allows remote attackers to execute arbitrary code via unknown vectors. ...
12 years ago

CVE-2004-1714 - BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, ...
7 years ago

CVE-2009-1714 - Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in Apple Safari before 4.0 allows user-assisted remote attackers to inject arbitrary web script or HTML, and read local files, via vectors related to the improper escaping of HTML ...
7 years ago

CVE-2010-1714 - Directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. ...
7 years ago

CVE-2011-1714 - Cross-site scripting (XSS) vulnerability in framework/source/resource/qx/test/jsonp_primitive.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to inject arbitrary web ...
7 years ago

CVE-2013-1714 - The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows ...
7 years ago

CVE-2008-1714 - SQL injection vulnerability in show.php in FaScript FaPhoto 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. ...
7 years ago

CVE-2015-1714 - Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." ...
6 years ago

CVE-2006-1714 - CRLF injection vulnerability in index.php in Christoph Roeder phpMyForum 4.0 allows remote attackers to inject HTTP headers via hex-encoded CRLF sequences in the type parameter. ...
6 years ago

CVE-2017-1714 - IBM Notes and Domino NSD 8.5 and 9.0 could allow an authenticated local user without administrative privileges to gain System privilege. IBM X-Force ID: 134633. ...
5 years ago

CVE-2002-1714 - Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause ...
3 years ago

CVE-2014-1714 - The ScopedClipboardWriter::WritePickledData function in ui/base/clipboard/scoped_clipboard_writer.cc in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows does not verify a certain format value, which allows ...
1 year ago

CVE-2016-1714 - The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service ...
2 years ago

CVE-2022-1714 - Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or ...
1 year ago

CVE-2019-1714 - A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower ...
1 year ago

CVE-2023-1714 - Unsafe variable extraction in bitrix/modules/main/classes/general/user_options.php in Bitrix24 22.0.300 allows remote authenticated attackers to execute arbitrary code via (1) appending arbitrary content to existing PHP files or (2) PHAR ...
1 year ago

CVE-2024-1714 - An issue exists in all supported versions of IdentityIQ Lifecycle Manager that can result if an entitlement with a value containing leading or trailing whitespace is requested by an authenticated user in an access request. ...
11 months ago

CVE-2024-20114 - In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09037038; Issue ...
3 months ago Tenable.com

CVE-2024-50293 - In the Linux kernel, the following vulnerability has been resolved: net/smc: do not leave a dangling sk pointer in __smc_create() Thanks to commit 4bbd360a5084 ("socket: Print pf->create() when it does not clear sock->sk on failure."), syzbot found ...
3 months ago Tenable.com

CVE-2013-6078 - The default configuration of EMC RSA BSAFE Toolkits and RSA Data Protection Manager (DPM) 20130918 uses the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm, which makes it easier for context-dependent attackers to ...
10 years ago

Latest Cyber News

BlackBastaGPT – A ChatGPT Powered Tool to Uncover Ransomware Group Tactics - Cyber Security News - 2 hours ago
CVE-2022-28339 - 7 hours ago
Beware: PayPal "New Address" feature abused to send phishing emails - 8 hours ago
CVE-2025-26774 - 12 hours ago
CVE-2025-26776 - 12 hours ago
CVE-2025-26973 - 12 hours ago
CVE-2025-27012 - 12 hours ago
CVE-2025-26750 - 12 hours ago
CVE-2025-26756 - 12 hours ago
CVE-2025-26757 - 12 hours ago
CVE-2025-26760 - 12 hours ago
CVE-2025-26763 - 12 hours ago
CVE-2025-26764 - 12 hours ago
Fake CS2 tournament streams used to steal crypto, Steam accounts - 13 hours ago
CVE-2024-12577 - 13 hours ago
CVE-2024-46975 - 13 hours ago
CVE-2024-47896 - 13 hours ago
CVE-2024-52939 - 13 hours ago
CVE-2025-0957 - 14 hours ago
CVE-2025-1556 - 15 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

BlackBastaGPT – A ChatGPT Powered Tool to Uncover Ransomware Group Tactics - Cyber Security News - 2 hours ago
CVE-2019-8900 - 1 day ago
CVE-2025-26622 - 1 day ago
CVE-2025-27104 - 1 day ago
CVE-2025-27105 - 1 day ago
CVE-2025-27106 - 1 day ago
CVE-2025-27108 - 1 day ago
CVE-2025-27109 - 1 day ago
CVE-2024-45674 - 1 day ago
CVE-2024-22341 - 1 day ago
CVE-2023-4261 - 1 day ago
CVE-2024-13873 - 1 day ago
CVE-2024-13899 - 1 day ago
CVE-2025-1509 - 1 day ago
CVE-2025-1510 - 1 day ago
CVE-2024-12038 - 23 hours ago
CVE-2024-12467 - 23 hours ago
CVE-2024-13474 - 23 hours ago
CVE-2024-13798 - 23 hours ago
CVE-2024-13564 - 19 hours ago