268391
|
- |
|
contentcustomizer
|
contentcustomizer
|
dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to obtain sensitive author credentials by making a request with an editauthor action, then reading the value of the newlocalp…
|
CWE-200
Information Exposure
|
CVE-2007-5816
|
2008-11-15 16:02 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268392
|
- |
|
avaya
|
message_networking messaging_storage_server
|
Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service…
|
NVD-CWE-noinfo CWE-20
Improper Input Validation
|
CVE-2007-5830
|
2008-11-15 16:02 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268393
|
- |
|
ssl-explorer
|
ssl-explorer
|
Unspecified vulnerability in selectLanguage.do in SSL-Explorer before 0.2.15 allows remote attackers to inject (1) headers or (2) body data in an HTTP transaction, a different vulnerability than CVE-…
|
NVD-CWE-noinfo CWE-20
Improper Input Validation
|
CVE-2007-5832
|
2008-11-15 16:02 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268394
|
- |
|
easygb
|
easygb
|
Directory traversal vulnerability in index.php in easyGB 2.1.1 allows remote attackers to include arbitrary files via the DatabaseType parameter. NOTE: the provenance of this information is unknown;…
|
NVD-CWE-Other
|
CVE-2007-5890
|
2008-11-15 16:02 |
2007-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268395
|
- |
|
heimdal
|
heimdal
|
The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 does not allocate memory for the ticketfile pointer before calling free, which allows remote attackers to have an unknown impact…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5939
|
2008-11-15 16:02 |
2007-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268396
|
- |
|
helioscalendar
|
helios_calendar
|
Cross-site scripting (XSS) vulnerability in admin/index.php in Helios Calendar 1.2.1 Beta allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: the provena…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5952
|
2008-11-15 16:02 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268397
|
- |
|
x7_group
|
x7_chat
|
Multiple cross-site scripting (XSS) vulnerabilities in X7 Chat 2.0.4, 2.0.5, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) room parameter to so…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5982
|
2008-11-15 16:02 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268398
|
- |
|
yappa-ng
|
yappa-ng
|
PHP remote file inclusion vulnerability in check_noimage.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 allows remote attackers to execute arbitrary PHP code via a…
|
CWE-94
Code Injection
|
CVE-2007-5994
|
2008-11-15 16:02 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268399
|
- |
|
microsoft
|
expression_media
|
Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which allows local users to obtain sensitive information and gain access to the catalog by reading the IVC…
|
CWE-310 CWE-200
Cryptographic Issues Information Exposure
|
CVE-2007-5470
|
2008-11-15 16:01 |
2007-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268400
|
- |
|
cisco
|
ios
|
Cross-site scripting (XSS) vulnerability in Cisco IOS allows remote attackers to inject arbitrary web script or HTML, and execute IOS commands, via unspecified vectors, aka PSIRT-2022590358. NOTE: a…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5547
|
2008-11-15 16:01 |
2007-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|