|
268531
|
- |
|
microsoft
|
expression_media
|
Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which allows local users to obtain sensitive information and gain access to the catalog by reading the IVC…
|
CWE-310
CWE-200
Cryptographic Issues
Information Exposure
|
CVE-2007-5470
|
2008-11-15 16:01 |
2007-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268532
|
- |
|
cisco
|
ios
|
Cross-site scripting (XSS) vulnerability in Cisco IOS allows remote attackers to inject arbitrary web script or HTML, and execute IOS commands, via unspecified vectors, aka PSIRT-2022590358. NOTE: a…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5547
|
2008-11-15 16:01 |
2007-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268533
|
- |
|
cisco
|
ios
|
Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privileges via unspecified vectors, aka (1) PSIRT-0474975756 and (2) PSIRT-0388256465. NOTE: as of 200710…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5548
|
2008-11-15 16:01 |
2007-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268534
|
- |
|
cisco
|
ios
|
Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "t…
|
CWE-200
Information Exposure
|
CVE-2007-5549
|
2008-11-15 16:01 |
2007-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268535
|
- |
|
virtuemart
|
virtuemart
|
Unspecified vulnerability in VirtueMart before 1.0.13 allows remote attackers to execute arbitrary PHP code via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2007-5563
|
2008-11-15 16:01 |
2007-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268536
|
- |
|
awrate
|
awrate
|
Multiple PHP remote file inclusion vulnerabilities in awrate 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the toroot parameter to (1) 404.php or (2) topbar.php, different vec…
|
CWE-94
Code Injection
|
CVE-2007-5599
|
2008-11-15 16:01 |
2007-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268537
|
- |
|
rnote
|
rnote
|
Multiple cross-site scripting (XSS) vulnerabilities in rnote.php in rNote 0.9.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) d or the (2) u parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2007-5648
|
2008-11-15 16:01 |
2007-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268538
|
- |
|
multixtpm
|
application_server
|
Stack-based buffer overflow in the DebugPrint function in MultiXTpm Application Server before 4.0.2d allows remote attackers to execute arbitrary code via a long string argument.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5675
|
2008-11-15 16:01 |
2007-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268539
|
- |
|
denyhosts
|
denyhosts
|
DenyHosts 2.6 processes OpenSSH sshd "not listed in AllowUsers" log messages with an incorrect regular expression that does not match an IP address, which might allow remote attackers to avoid detect…
|
CWE-16
Configuration
|
CVE-2007-5715
|
2008-11-15 16:01 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268540
|
- |
|
twiki
|
twiki
|
The default configuration for twiki 4.1.2 on Debian GNU/Linux, and possibly other operating systems, specifies the work area directory (cfg{RCS}{WorkAreaDir}) under the web document root, which might…
|
NVD-CWE-Other
|
CVE-2007-5193
|
2008-11-15 16:00 |
2007-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
