264901
|
- |
|
tug
|
texlive_2007
|
feynmf.pl in feynmf 1.08, as used in TeXLive 2007, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the feynmf$$.pl temporary file.
|
CWE-59
Link Following
|
CVE-2007-5940
|
2011-03-8 12:01 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264902
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in Servlet Engine / Web Container in IBM WebSphere Application Server (WAS) 5.1.1.4 through 5.1.1.16 allows remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5944
|
2011-03-8 12:01 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264903
|
- |
|
script-fun
|
sf-shoutbox
|
Multiple cross-site scripting (XSS) vulnerabilities in main.php in SF-Shoutbox 1.2.1 through 1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) nick (aka Name) and (2) shou…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5948
|
2011-03-8 12:01 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264904
|
- |
|
e-vendejo
|
0.2
|
SQL injection vulnerability in articles.php in E-Vendejo 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2007-5951
|
2011-03-8 12:01 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264905
|
- |
|
really_simple_caldav_store
|
really_simple_caldav_store
|
Unspecified vulnerability in Really Simple CalDAV Store (RSCDS) before 0.9.0 allows attackers to obtain sensitive information via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2007-5953
|
2011-03-8 12:01 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264906
|
- |
|
trolltech
|
qsslsocket
|
QSslSocket in Trolltech Qt 4.3.0 through 4.3.2 does not properly verify SSL certificates, which might make it easier for remote attackers to trick a user into accepting an invalid server certificate …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5965
|
2011-03-8 12:01 |
2008-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264907
|
- |
|
symantec
|
backup_exec_for_windows_server
|
The PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server (BEWS) 11d 11.0.6235 and 11.0.7170, and 12.0…
|
CWE-20
Improper Input Validation
|
CVE-2007-6017
|
2011-03-8 12:01 |
2008-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264908
|
- |
|
ibm
|
db2_universal_database
|
Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2007-6045
|
2011-03-8 12:01 |
2007-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264909
|
- |
|
ibm
|
db2_universal_database
|
Unspecified vulnerability in unspecified setuid programs in IBM DB2 UDB 9.1 before Fixpak 4 allows local users to have an unknown impact.
|
NVD-CWE-noinfo
|
CVE-2007-6046
|
2011-03-8 12:01 |
2007-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264910
|
- |
|
ibm
|
db2_universal_database
|
Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to execute arbitrary commands as the DB2 instance owner, related to invocation of TPUT by DB2DART.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6047
|
2011-03-8 12:01 |
2007-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|