|
271361
|
- |
|
ssreader
|
ultra_star_reader
|
Buffer overflow in the register function in Ultra Star Reader ActiveX control in SSReader allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild. NOTE: t…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5807
|
2008-11-15 16:02 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271362
|
- |
|
contentcustomizer
|
contentcustomizer
|
dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to obtain sensitive author credentials by making a request with an editauthor action, then reading the value of the newlocalp…
|
CWE-200
Information Exposure
|
CVE-2007-5816
|
2008-11-15 16:02 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271363
|
- |
|
avaya
|
message_networking
messaging_storage_server
|
Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service…
|
NVD-CWE-noinfo
CWE-20
Improper Input Validation
|
CVE-2007-5830
|
2008-11-15 16:02 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271364
|
- |
|
ssl-explorer
|
ssl-explorer
|
Unspecified vulnerability in selectLanguage.do in SSL-Explorer before 0.2.15 allows remote attackers to inject (1) headers or (2) body data in an HTTP transaction, a different vulnerability than CVE-…
|
NVD-CWE-noinfo
CWE-20
Improper Input Validation
|
CVE-2007-5832
|
2008-11-15 16:02 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271365
|
- |
|
easygb
|
easygb
|
Directory traversal vulnerability in index.php in easyGB 2.1.1 allows remote attackers to include arbitrary files via the DatabaseType parameter. NOTE: the provenance of this information is unknown;…
|
NVD-CWE-Other
|
CVE-2007-5890
|
2008-11-15 16:02 |
2007-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271366
|
- |
|
heimdal
|
heimdal
|
The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 does not allocate memory for the ticketfile pointer before calling free, which allows remote attackers to have an unknown impact…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5939
|
2008-11-15 16:02 |
2007-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271367
|
- |
|
helioscalendar
|
helios_calendar
|
Cross-site scripting (XSS) vulnerability in admin/index.php in Helios Calendar 1.2.1 Beta allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: the provena…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5952
|
2008-11-15 16:02 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271368
|
- |
|
x7_group
|
x7_chat
|
Multiple cross-site scripting (XSS) vulnerabilities in X7 Chat 2.0.4, 2.0.5, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) room parameter to so…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5982
|
2008-11-15 16:02 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271369
|
- |
|
yappa-ng
|
yappa-ng
|
PHP remote file inclusion vulnerability in check_noimage.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 allows remote attackers to execute arbitrary PHP code via a…
|
CWE-94
Code Injection
|
CVE-2007-5994
|
2008-11-15 16:02 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271370
|
- |
|
microsoft
|
expression_media
|
Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which allows local users to obtain sensitive information and gain access to the catalog by reading the IVC…
|
CWE-310
CWE-200
Cryptographic Issues
Information Exposure
|
CVE-2007-5470
|
2008-11-15 16:01 |
2007-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
