|
266941
|
- |
|
avaya
|
ip_soft_phone
|
Multiple buffer overflows in unspecified ActiveX controls in COM objects in Avaya IP Softphone R5.2 before SP3, and R6.0, allow remote attackers to execute arbitrary code via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-3286
|
2008-11-15 15:52 |
2007-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266942
|
- |
|
xunlei
|
web_thunderbolt
|
The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous met…
|
NVD-CWE-Other
|
CVE-2007-3296
|
2008-11-15 15:52 |
2007-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266943
|
- |
|
iptel
|
serweb
|
Multiple PHP remote file inclusion vulnerabilities in SerWeb 0.9.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _SERWEB[serwebdir] parameter to (1) html/load_apu.…
|
NVD-CWE-Other
|
CVE-2007-3359
|
2008-11-15 15:52 |
2007-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266944
|
- |
|
iptel
|
serweb
|
Successful exploitation requires that "register_globals" is enabled.
|
NVD-CWE-Other
|
CVE-2007-3359
|
2008-11-15 15:52 |
2007-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266945
|
- |
|
ibm
|
websphere_application_server
|
The web container in IBM WebSphere Application Server (WAS) before 6.0.2.21, and 6.1.x before 6.1.0.9, sends response data intended for a different request in certain circumstances after a closed con…
|
NVD-CWE-Other
|
CVE-2007-3397
|
2008-11-15 15:52 |
2007-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266946
|
- |
|
web-app.org
|
webapp
|
Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/cgi-lib/search.pl in web-app.org WebAPP before 0.9.9.7 allow remote attackers to inject arbitrary web script or HTML via a search string…
|
NVD-CWE-Other
|
CVE-2007-3417
|
2008-11-15 15:52 |
2007-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266947
|
- |
|
web-app.org
|
webapp
|
The displaypost function in cgi-bin/cgi-lib/forum_display.pl in web-app.org WebAPP before 0.9.9.7 does not display usernames in conjunction with real names, which makes it easier for remote authentic…
|
NVD-CWE-Other
|
CVE-2007-3418
|
2008-11-15 15:52 |
2007-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266948
|
- |
|
web-app.org
|
webapp
|
The editprofile3 function in cgi-bin/cgi-lib/user.pl in web-app.org WebAPP before 0.9.9.7 does not properly check the (1) themes.dat, (2) languages.dat, (3) profession.dat, (4) gen.dat, (5) marstat.d…
|
NVD-CWE-Other
|
CVE-2007-3419
|
2008-11-15 15:52 |
2007-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266949
|
- |
|
web-app.org
|
webapp
|
The Random Cookie Password functionality in the loaduser function in cgi-bin/cgi-lib/subs.pl in web-app.org WebAPP before 0.9.9.7 does not clear the (1) username, (2) password, (3) usertheme, and (4)…
|
NVD-CWE-Other
|
CVE-2007-3420
|
2008-11-15 15:52 |
2007-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266950
|
- |
|
web-app.org
|
webapp
|
The (1) login, (2) admin profile edit, (3) reminder, (4) edit profile, (5) profile view, (6) gallery view, (7) gallery comment, and (8) gallery feedback capabilities in web-app.org WebAPP before 0.9.…
|
NVD-CWE-Other
|
CVE-2007-3421
|
2008-11-15 15:52 |
2007-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
