271271
|
- |
|
menalto
|
gallery
|
Open redirect vulnerability in Menalto Gallery before 2.2.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) Core and (2) print modul…
|
CWE-59
Link Following
|
CVE-2007-6692
|
2008-11-15 16:06 |
2008-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271272
|
- |
|
menalto
|
gallery_webcam_module
|
Unspecified vulnerability in the WebCam module in Menalto Gallery before 2.2.4 has unknown impact and attack vectors related to a "proxied request."
|
NVD-CWE-noinfo
|
CVE-2007-6693
|
2008-11-15 16:06 |
2008-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271273
|
- |
|
webcalendar
|
webcalendar
|
Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar 1.1.6 allow remote attackers to inject arbitrary web script or HTML via (1) an event description, (2) the query string to pref.php, …
|
CWE-79
Cross-site Scripting
|
CVE-2007-6696
|
2008-11-15 16:06 |
2008-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271274
|
- |
|
aol
|
ygp_piceditor_activex_control
|
Multiple buffer overflows in the AIM PicEditor 9.5.1.8 ActiveX control in YGPPicEdit.dll in AOL You've Got Pictures (YGP) Picture Editor allow remote attackers to cause a denial of service (browser c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6699
|
2008-11-15 16:06 |
2008-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271275
|
- |
|
ibm
|
websphere_mq
|
The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client for Windows, when running in an MTS or a COM+ environment, grants the PROCESS_DUP_HANDLE privilege to the Everyone group upon conne…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6705
|
2008-11-15 16:06 |
2008-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271276
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox allows remote attackers to cause a denial of service (crash) via crafted image, as demonstrated by the zzuf lol-firefox.gif test case.
|
NVD-CWE-noinfo
|
CVE-2007-6715
|
2008-11-15 16:06 |
2008-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271277
|
- |
|
mantis
|
mantis
|
Cross-site scripting (XSS) vulnerability in view.php in Mantis before 1.1.0 allows remote attackers to inject arbitrary web script or HTML via a filename, related to bug_report.php.
|
CWE-79
Cross-site Scripting
|
CVE-2007-6611
|
2008-11-15 16:05 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271278
|
- |
|
atlassian
|
jira
|
Cross-site scripting (XSS) vulnerability in 500page.jsp in JIRA Enterprise Edition before 3.12.1 allows remote attackers to inject arbitrary web script or HTML, which is not properly handled when gen…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6617
|
2008-11-15 16:05 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271279
|
- |
|
atlassian
|
jira
|
JIRA Enterprise Edition before 3.12.1 allows remote attackers to delete another user's shared filter via a modified filter ID.
|
NVD-CWE-Other
|
CVE-2007-6618
|
2008-11-15 16:05 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271280
|
- |
|
atlassian
|
jira
|
The Setup Wizard in Atlassian JIRA Enterprise Edition before 3.12.1 does not properly restrict setup attempts after setup is complete, which allows remote attackers to change the default language.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6619
|
2008-11-15 16:05 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|