Julian Pawlowski : Security Vulnerabilities, CVEs,
SQL injection vulnerability in voircom.php in LulieBlog 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.10%
Published
2008-01-25
Updated
2017-09-29
c2faxrecv in capi4hylafax 01.02.03 allows remote attackers to execute arbitrary commands via null (\0) and shell metacharacters in the TSI string, as demonstrated by a fax from an anonymous number.
Max CVSS
7.5
EPSS Score
1.87%
Published
2006-09-06
Updated
2011-03-08
CAPI4HylaFAX 1.3, when compiled with GENERATE_DEBUGSFFDATAFILE set, allows local users to modify arbitrary files via a symlink attack on the c2faxrecv_dbgdatafile.sff temporary file.
Max CVSS
1.2
EPSS Score
0.04%
Published
2006-03-14
Updated
2018-10-18
3 vulnerabilities found