271221
|
- |
|
heimdal
|
heimdal
|
The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 does not allocate memory for the ticketfile pointer before calling free, which allows remote attackers to have an unknown impact…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5939
|
2008-11-15 16:02 |
2007-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271222
|
- |
|
helioscalendar
|
helios_calendar
|
Cross-site scripting (XSS) vulnerability in admin/index.php in Helios Calendar 1.2.1 Beta allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: the provena…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5952
|
2008-11-15 16:02 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271223
|
- |
|
x7_group
|
x7_chat
|
Multiple cross-site scripting (XSS) vulnerabilities in X7 Chat 2.0.4, 2.0.5, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) room parameter to so…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5982
|
2008-11-15 16:02 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271224
|
- |
|
yappa-ng
|
yappa-ng
|
PHP remote file inclusion vulnerability in check_noimage.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 allows remote attackers to execute arbitrary PHP code via a…
|
CWE-94
Code Injection
|
CVE-2007-5994
|
2008-11-15 16:02 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271225
|
- |
|
microsoft
|
expression_media
|
Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which allows local users to obtain sensitive information and gain access to the catalog by reading the IVC…
|
CWE-310 CWE-200
Cryptographic Issues Information Exposure
|
CVE-2007-5470
|
2008-11-15 16:01 |
2007-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271226
|
- |
|
cisco
|
ios
|
Cross-site scripting (XSS) vulnerability in Cisco IOS allows remote attackers to inject arbitrary web script or HTML, and execute IOS commands, via unspecified vectors, aka PSIRT-2022590358. NOTE: a…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5547
|
2008-11-15 16:01 |
2007-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271227
|
- |
|
cisco
|
ios
|
Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privileges via unspecified vectors, aka (1) PSIRT-0474975756 and (2) PSIRT-0388256465. NOTE: as of 200710…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5548
|
2008-11-15 16:01 |
2007-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271228
|
- |
|
cisco
|
ios
|
Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "t…
|
CWE-200
Information Exposure
|
CVE-2007-5549
|
2008-11-15 16:01 |
2007-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271229
|
- |
|
virtuemart
|
virtuemart
|
Unspecified vulnerability in VirtueMart before 1.0.13 allows remote attackers to execute arbitrary PHP code via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2007-5563
|
2008-11-15 16:01 |
2007-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271230
|
- |
|
awrate
|
awrate
|
Multiple PHP remote file inclusion vulnerabilities in awrate 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the toroot parameter to (1) 404.php or (2) topbar.php, different vec…
|
CWE-94
Code Injection
|
CVE-2007-5599
|
2008-11-15 16:01 |
2007-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|