268231
|
- |
|
sysjail systrace todd_miller
|
sysjail systrace sudo
|
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access …
|
NVD-CWE-Other
|
CVE-2007-4305
|
2008-09-6 06:27 |
2007-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268232
|
- |
|
phpmyadmin
|
phpmyadmin
|
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10.3 allow remote attackers to inject arbitrary web script or HTML via the (1) unlim_num_rows, (2) sql_query, or (3) pos parameter …
|
NVD-CWE-Other
|
CVE-2007-4306
|
2008-09-6 06:27 |
2007-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268233
|
- |
|
ibm
|
lotus_notes
|
IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile d…
|
NVD-CWE-Other
|
CVE-2007-4309
|
2008-09-6 06:27 |
2007-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268234
|
- |
|
coppermine
|
coppermine_photo_gallery
|
SQL injection vulnerability in Coppermine Photo Gallery (CPG) before 1.4.11 allows remote attackers to execute arbitrary SQL commands via an album password cookie to an unspecified component.
|
NVD-CWE-Other
|
CVE-2007-3558
|
2008-09-6 06:26 |
2007-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268235
|
- |
|
vtiger
|
vtiger_crm
|
index.php in vtiger CRM before 5.0.3 allows remote authenticated users to obtain all users' names and e-mail addresses, and possibly change user settings, via a modified record parameter in a DetailV…
|
NVD-CWE-Other
|
CVE-2007-3598
|
2008-09-6 06:26 |
2007-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268236
|
- |
|
vtiger
|
vtiger_crm
|
The SOAP webservice in vtiger CRM before 5.0.3 does not ensure that authenticated accounts are active, which allows remote authenticated users with inactive accounts to access and modify data, as dem…
|
NVD-CWE-Other
|
CVE-2007-3602
|
2008-09-6 06:26 |
2007-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268237
|
- |
|
vtiger
|
vtiger_crm
|
index.php in vtiger CRM before 5.0.3 allows remote authenticated users to perform administrative changes to arbitrary profile settings via a certain profilePrivileges action in the Users module.
|
NVD-CWE-Other
|
CVE-2007-3616
|
2008-09-6 06:26 |
2007-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268238
|
- |
|
php_lite
|
calendar_express
|
Multiple SQL injection vulnerabilities in PHP Lite Calendar Express 2.2 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) login.php, (2) auth.php, and (3) subscrib…
|
NVD-CWE-Other
|
CVE-2007-3627
|
2008-09-6 06:26 |
2007-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268239
|
- |
|
yahoo
|
messenger
|
Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users, who are listed in an address book, to execute arbitrary code via unspecified vectors, aka ZD-00000005. NOTE: …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-3638
|
2008-09-6 06:26 |
2007-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268240
|
- |
|
ibm
|
db2
|
IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary c…
|
CWE-399
Resource Management Errors
|
CVE-2007-3676
|
2008-09-6 06:26 |
2008-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|