269911
|
- |
|
ibm
|
lotus_notes
|
IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile d…
|
NVD-CWE-Other
|
CVE-2007-4309
|
2008-09-6 06:27 |
2007-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269912
|
- |
|
coppermine
|
coppermine_photo_gallery
|
SQL injection vulnerability in Coppermine Photo Gallery (CPG) before 1.4.11 allows remote attackers to execute arbitrary SQL commands via an album password cookie to an unspecified component.
|
NVD-CWE-Other
|
CVE-2007-3558
|
2008-09-6 06:26 |
2007-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269913
|
- |
|
vtiger
|
vtiger_crm
|
index.php in vtiger CRM before 5.0.3 allows remote authenticated users to obtain all users' names and e-mail addresses, and possibly change user settings, via a modified record parameter in a DetailV…
|
NVD-CWE-Other
|
CVE-2007-3598
|
2008-09-6 06:26 |
2007-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269914
|
- |
|
vtiger
|
vtiger_crm
|
The SOAP webservice in vtiger CRM before 5.0.3 does not ensure that authenticated accounts are active, which allows remote authenticated users with inactive accounts to access and modify data, as dem…
|
NVD-CWE-Other
|
CVE-2007-3602
|
2008-09-6 06:26 |
2007-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269915
|
- |
|
vtiger
|
vtiger_crm
|
index.php in vtiger CRM before 5.0.3 allows remote authenticated users to perform administrative changes to arbitrary profile settings via a certain profilePrivileges action in the Users module.
|
NVD-CWE-Other
|
CVE-2007-3616
|
2008-09-6 06:26 |
2007-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269916
|
- |
|
php_lite
|
calendar_express
|
Multiple SQL injection vulnerabilities in PHP Lite Calendar Express 2.2 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) login.php, (2) auth.php, and (3) subscrib…
|
NVD-CWE-Other
|
CVE-2007-3627
|
2008-09-6 06:26 |
2007-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269917
|
- |
|
yahoo
|
messenger
|
Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users, who are listed in an address book, to execute arbitrary code via unspecified vectors, aka ZD-00000005. NOTE: …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-3638
|
2008-09-6 06:26 |
2007-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269918
|
- |
|
ibm
|
db2
|
IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary c…
|
CWE-399
Resource Management Errors
|
CVE-2007-3676
|
2008-09-6 06:26 |
2008-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269919
|
- |
|
gobi_and_helma
|
gobi
|
Cross-site scripting (XSS) vulnerability in Gobi as of 20070711, built on Helma, allows remote attackers to inject arbitrary web script or HTML via the q parameter to the search function.
|
NVD-CWE-Other
|
CVE-2007-3693
|
2008-09-6 06:26 |
2007-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269920
|
- |
|
konst
|
centericq
|
Multiple buffer overflows in Konst CenterICQ 4.9.11 through 4.21 allow remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the det…
|
NVD-CWE-Other
|
CVE-2007-3713
|
2008-09-6 06:26 |
2007-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|