Creative Guestbook 1.0 allows remote attackers to add an administrative account via a direct request to createadmin.php with Name, Email, and PASSWORD parameters set.
Max CVSS
7.5
EPSS Score
1.10%
Published
2007-03-16
Updated
2017-10-11
IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix Pack 2, on UNIX allows the "fenced" user to access certain unauthorized directories.
Max CVSS
4.4
EPSS Score
0.06%
Published
2007-03-02
Updated
2009-02-11
webSPELL 4.0, and possibly later versions, allows remote attackers to bypass authentication via a ws_auth cookie, a different vulnerability than CVE-2006-4782.
Max CVSS
10.0
EPSS Score
1.21%
Published
2007-03-02
Updated
2018-10-16
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!