CVE-2007-4524

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago

CVE-2007-4524 - PHP remote file inclusion vulnerability in adisplay.php in PhPress 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter. ...
6 years ago

NIST Confusion Continues as Cyber Pros Complain CVE Uploads Stopped - A recent rise in software vulnerability exploits has come as the US National Vulnerability Database, the world's most comprehensive vulnerability database, experiences its most significant crisis in history. After experiencing a vulnerability ...
1 year ago Infosecurity-magazine.com

CVE-2023-4524 - ** REJECT ** CVE reject in favor of CVE-2023-40547 ...
1 year ago

CVE-2010-1677 - MHonArc 2.6.16 allows remote attackers to cause a denial of service (CPU consumption) via start tags that are placed within other start tags, as demonstrated by a <bo<bo<bo<bo<body>dy>dy>dy>dy> sequence, a different ...
7 years ago

CVE-2014-4524 - Cross-site scripting (XSS) vulnerability in classes/custom-image/media.php in the WP Easy Post Types plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ref parameter. ...
10 years ago

CVE-2016-4524 - ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords in unspecified temporary circumstances, which allows local users to obtain sensitive information via unknown vectors. ...
9 years ago

CVE-2015-4524 - Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum ...
8 years ago

CVE-2009-4524 - Cross-site scripting (XSS) vulnerability in the RealName module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via a realname (aka real name) element. ...
7 years ago

CVE-2008-4524 - SQL injection vulnerability in the "Check User" feature (includes/check_user.php) in AdaptCMS Lite and AdaptCMS Pro 1.3 allows remote attackers to execute arbitrary SQL commands via the user_name parameter. ...
7 years ago

CVE-2011-4524 - Buffer overflow in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via a long string value in unspecified parameters. ...
1 year ago

CVE-2006-4524 - Multiple SQL injection vulnerabilities in login_verif.asp in Digiappz Freekot 1.01 allow remote attackers to execute arbitrary SQL commands via the (1) login or (2) password parameters. NOTE: some of these details are obtained from third party ...
6 years ago

CVE-2012-4524 - xlockmore before 5.43 'dclock' security bypass vulnerability ...
5 years ago

CVE-2013-4524 - Directory traversal vulnerability in repository/filesystem/lib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a path. ...
4 years ago

CVE-2020-4524 - IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a ...
4 years ago

CVE-2010-4524 - Cross-site scripting (XSS) vulnerability in lib/mhtxthtml.pl in MHonArc 2.6.16 allows remote attackers to inject arbitrary web script or HTML via a malformed start tag and end tag for a SCRIPT element, as demonstrated by <scr<body>ipt> ...
2 years ago

CVE-2022-4524 - A vulnerability, which was classified as problematic, was found in Roots soil Plugin up to 4.0.x. Affected is the function language_attributes of the file src/Modules/CleanUpModule.php. The manipulation of the argument language leads to cross site ...
2 years ago

CVE-2018-4524 - ** REJECT ** This candidate is unused by its CNA. ...
1 year ago

CVE-2005-4524 - Mantis 1.0.0rc3 does not properly handle "Make note private" when a bug is being resolved, which has unknown impact and attack vectors, probably related to an information leak. ...
14 years ago

CVE-2017-4524 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
55 years ago Tenable.com

CVE-2024-4524 - A vulnerability, which was classified as problematic, was found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/student_payment_invoice.php. The manipulation of the argument desc leads to ...
1 year ago

CVE-2025-4524 - The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.2 via the 'template' parameter. This makes it possible for ...
3 weeks ago

CVE-2013-6078 - The default configuration of EMC RSA BSAFE Toolkits and RSA Data Protection Manager (DPM) 20130918 uses the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm, which makes it easier for context-dependent attackers to ...
10 years ago

CVE-2011-1892 - Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management ...
6 years ago

CVE-2015-0085 - Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold ...
6 years ago