Directory traversal vulnerability in dwoprn.php in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to read arbitrary files via the f parameter.
Publication date: Fri, 14 Sep 2007 23:17:00 +0000
Cyber News related to CVE-2007-4895
CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago
CVE-2007-4895 - Directory traversal vulnerability in dwoprn.php in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to read arbitrary files via the f parameter. ...
7 years ago
CVE-2012-4896 - Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2012-4895. ...
4 years ago
CVE-2012-4895 - Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2012-4896. ...
4 years ago
CVE-2011-4895 - Tor before 0.2.2.34, when configured as a bridge, sets up circuits through a process different from the process used by a client, which makes it easier for remote attackers to enumerate bridges by observing circuit building. ...
13 years ago
CVE-2005-4895 - Multiple integer overflows in TCMalloc (tcmalloc.cc) in gperftools before 0.4 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated ...
1 year ago
CVE-2014-4895 - The Herpin Time Radio (aka com.herpin.time.radio) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. ...
10 years ago
CVE-2016-4895 - SetsucoCMS all versions allows remote authenticated attackers to conduct code injection attacks via unspecified vectors. ...
7 years ago
CVE-2010-4895 - Cross-site scripting (XSS) vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the username field). NOTE: some of these details are obtained from third ...
7 years ago
CVE-2008-4895 - SQL injection vulnerability in tr.php in YourFreeWorld Downline Builder allows remote attackers to execute arbitrary SQL commands via the id parameter. ...
7 years ago
CVE-2018-4895 - An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the ...
6 years ago
CVE-2006-4895 - IDevSpot NexieAffiliate 1.9 and earlier allows remote attackers to delete arbitrary affiliates via a modified id parameter to delete.php. ...
6 years ago
CVE-2017-4895 - Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data. ...
5 years ago
CVE-2009-4895 - Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel before 2.6.32.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via unknown ...
4 years ago
CVE-2020-4895 - IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially ...
4 years ago
CVE-2015-4895 - Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB. ...
2 years ago
CVE-2022-4895 - Improper Certificate Validation vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component) allows Man in the Middle Attack. This issue affects Hitachi ...
1 year ago
CVE-2022-1616 - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution ...
1 year ago
CVE-2023-4895 - An issue has been discovered in GitLab EE affecting all versions starting from 12.0 to 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. This vulnerability allows for bypassing the 'group ip ...
4 months ago
CVE-2024-4895 - The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CSV import functionality in all versions up to, and including, 3.4.2.12 due to insufficient ...
8 months ago
CVE-2013-6078 - The default configuration of EMC RSA BSAFE Toolkits and RSA Data Protection Manager (DPM) 20130918 uses the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm, which makes it easier for context-dependent attackers to ...
10 years ago
CVE-2011-1892 - Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management ...
6 years ago
CVE-2015-0085 - Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold ...
6 years ago
CVE-2016-0012 - Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, ...
6 years ago
CVE-2007-4246 - Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified document, as actively exploited in August 2007 by malware such as Tarodrop.D (Tarodrop.Q), ...
7 years ago