HOMEVULNERABILITIESVENDORSSanta Cruz Operation

Santa Cruz OperationCVEs & Vulnerabilities

7 CVEs affecting Santa Cruz Operation products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

sco unix 7
CVE-2007-6232MEDIUMpoc

Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action.

4 Dec 2007
4.3
CVSS
CVE-2007-4938HIGHpoc

Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.

18 Sep 2007
7.6
CVSS
CVE-2007-2736CRITICALpoc

PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter.

17 May 2007
10.0
CVSS
CVE-2007-1898MEDIUMpoc

formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters.

17 May 2007
5.8
CVSS
CVE-2007-2191MEDIUMpoc

Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php.

24 Apr 2007
6.8
CVSS
CVE-2006-7034HIGH

SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter.

23 Feb 2007
7.5
CVSS
CVE-2007-1043HIGHpoc

Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php.

21 Feb 2007
7.5
CVSS
← PrevPage 1 / 1Next →