268251
|
- |
|
simple_php_scripts_gallery
|
simple_php_scripts_gallery
|
PHP file inclusion vulnerability in index.php in Ivan Peevski gallery 0.3 in Simple PHP Scripts (sphp) allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file p…
|
NVD-CWE-Other
|
CVE-2007-2679
|
2008-09-6 06:23 |
2007-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268252
|
- |
|
phpwiki
|
phpwiki
|
Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote attackers to upload arbitrary PHP files with a double extension, as demonstrated…
|
NVD-CWE-Other
|
CVE-2007-2025
|
2008-09-6 06:22 |
2007-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268253
|
- |
|
actionpoll
|
actionpoll
|
PHP remote file inclusion vulnerability in db/PollDB.php in Robert Ladstaetter ActionPoll 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG_DATAREADERWRITER paramete…
|
NVD-CWE-Other
|
CVE-2007-2065
|
2008-09-6 06:22 |
2007-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268254
|
- |
|
usebb
|
usebb
|
UseBB before 1.0.6 allows remote attackers to obtain sensitive information via a request with unspecified GET or POST parameters to an unspecified script, which reveals the path in an error message.
|
NVD-CWE-Other
|
CVE-2007-2066
|
2008-09-6 06:22 |
2007-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268255
|
- |
|
crea-book
|
crea-book
|
Multiple SQL injection vulnerabilities in Crea-Book 1.0, and possibly earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) pseudo or (2) pa…
|
NVD-CWE-Other
|
CVE-2007-2314
|
2008-09-6 06:22 |
2007-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268256
|
- |
|
ibm
|
lotus_notes
|
Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in Domino Web Access (DWA) in IBM Lotus Notes before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arb…
|
NVD-CWE-Other
|
CVE-2007-1941
|
2008-09-6 06:21 |
2007-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268257
|
- |
|
exv2
|
content_management_system
|
Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.0.4.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the set_lang parameter to (1) archive.php, (2) ar…
|
NVD-CWE-Other
|
CVE-2007-1965
|
2008-09-6 06:21 |
2007-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268258
|
- |
|
avaya
|
s8710 s8300 s8500 s8700
|
Cross-site scripting (XSS) vulnerability in the login page in Avaya Communications Manager (CM) S87XX, S8500, and S8300 products before 3.1.3 allows remote attackers to inject arbitrary web script or…
|
NVD-CWE-Other
|
CVE-2007-1367
|
2008-09-6 06:20 |
2007-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268259
|
- |
|
php
|
php
|
The wddx_deserialize function in wddx.c 1.119.2.10.2.12 and 1.119.2.10.2.13 in PHP 5, as modified in CVS on 20070224 and fixed on 20070304, calls strlcpy where strlcat was intended and uses improper …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-1381
|
2008-09-6 06:20 |
2007-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268260
|
- |
|
php
|
php
|
This vulnerability impacts PHP CVS as of 2007-02-24
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-1381
|
2008-09-6 06:20 |
2007-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|