272881
|
- |
|
securecomputing
|
securityreporter
|
file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) before 4.6.3 allows remote attackers to bypass authentication via a name parameter ending with a "%00.gif" sequence. NOTE…
|
CWE-287
Improper Authentication
|
CVE-2007-4043
|
2008-09-5 13:00 |
2007-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272882
|
- |
|
bitdefender
|
antivirus internet_security total_security
|
Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024. NOTE: as of 20071029, the only disclosure is a vague pre-advisory wit…
|
NVD-CWE-noinfo
|
CVE-2007-5775
|
2008-09-5 13:00 |
2007-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272883
|
- |
|
contentcustomizer
|
contentcustomizer
|
dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to perform certain privileged actions via a (1) del, (2) delbackup, (3) res, or (4) ren action. NOTE: this issue can be leve…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5817
|
2008-09-5 13:00 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272884
|
- |
|
openbase_international_ltd
|
openbase
|
Directory traversal vulnerability in OpenBase 10.0.5 and earlier allows remote authenticated users to create files with arbitrary contents via a .. (dot dot) in the first argument to the GlobalLog st…
|
CWE-22
Path Traversal
|
CVE-2007-5927
|
2008-09-5 13:00 |
2007-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272885
|
- |
|
openbase_international_ltd
|
openbase
|
OpenBase 10.0.5 and earlier allows remote authenticated users to trigger a free of an arbitrary memory location via long strings in a SELECT statement. NOTE: this might be a buffer overflow, but it …
|
NVD-CWE-noinfo CWE-119 CWE-20
Incorrect Access of Indexable Resource ('Range Error') Improper Input Validation
|
CVE-2007-5928
|
2008-09-5 13:00 |
2007-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272886
|
- |
|
jlmforo_system
|
jlmforo_system
|
Cross-site scripting (XSS) vulnerability in buscador.php in JLMForo System allows remote attackers to inject arbitrary web script or HTML via the clave parameter. NOTE: the provenance of this inform…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5954
|
2008-09-5 13:00 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272887
|
- |
|
fsp
|
c_library
|
Multiple off-by-one errors in fsplib.c in fsplib before 0.8 allow attackers to cause a denial of service via unspecified vectors involving the (1) name and (2) d_name entry attributes.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2006-7221
|
2008-09-5 13:00 |
2007-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272888
|
- |
|
ubuntu
|
linux_kernel
|
The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly use the spin_lock and spin_unlock functions, which allows remote attackers to cause a denial of service (machine crash) via a fl…
|
CWE-399
Resource Management Errors
|
CVE-2006-7229
|
2008-09-5 13:00 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272889
|
- |
|
futuresoft
|
tftp_server_2000
|
Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Re…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2005-1812
|
2008-09-5 13:00 |
2005-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272890
|
- |
|
futuresoft
|
tftp_server_2000
|
Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote attackers to read arbitrary files via a TFTP GET request containing (1) "../" (dot dot slash) or (…
|
CWE-22
Path Traversal
|
CVE-2005-1813
|
2008-09-5 13:00 |
2005-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|