|
277351
|
- |
|
francisco_burzi
|
php-nuke
|
Directory traversal vulnerability in autohtml.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the filename parameter, a …
|
CWE-22
Path Traversal
|
CVE-2007-6376
|
2008-11-15 16:04 |
2007-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277352
|
- |
|
debian
|
debian_linux
|
The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by listing the process a…
|
CWE-200
Information Exposure
|
CVE-2007-6418
|
2008-11-15 16:04 |
2007-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277353
|
- |
|
flyspray
|
flyspray
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Flyspray 0.9.9 through 0.9.9.3 allow remote attackers to inject arbitrary web script or HTML via (1) the query string in an index a…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6461
|
2008-11-15 16:04 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277354
|
- |
|
php_real_estate_script
|
classifieds
|
Multiple cross-site scripting (XSS) vulnerabilities in the admin panel in PHP Real Estate Classifieds allow remote attackers to inject arbitrary web script or HTML via unspecified "text areas/boxes."
|
CWE-79
Cross-site Scripting
|
CVE-2007-6463
|
2008-11-15 16:04 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277355
|
- |
|
testlink
|
testlink
|
TestLink before 1.7.1 does not enforce an unspecified authorization mechanism, which has unknown impact and attack vectors.
|
CWE-287
Improper Authentication
|
CVE-2007-6006
|
2008-11-15 16:03 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277356
|
- |
|
acdsee
|
photo_editor
photo_manager
pro_photo_manager
|
Multiple buffer overflows in ACD products allow user-assisted remote attackers to execute arbitrary code via a long section string in a (1) XBM or (2) XPM file to (a) ID_X.apl or (b) IDE_ACDStd.apl. …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6009
|
2008-11-15 16:03 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277357
|
- |
|
pioneers
|
pioneers
|
Unspecified vulnerability in pioneers (formerly gnocatan) 0.11.3 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors that trigger an assert error. NOTE: this …
|
CWE-20
Improper Input Validation
|
CVE-2007-6010
|
2008-11-15 16:03 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277358
|
- |
|
van_dyke_technologies
|
vshell
|
Unspecified vulnerability in VanDyke VShell 3.0.1 allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this information is based upon a vague advisory by a vulnerabili…
|
NVD-CWE-noinfo
|
CVE-2007-6031
|
2008-11-15 16:03 |
2007-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277359
|
- |
|
ingate
|
ingate_firewall
ingate_siparator
|
Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6092
|
2008-11-15 16:03 |
2007-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277360
|
- |
|
ingate
|
ingate_firewall
ingate_siparator
|
The SRTP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (kernel crash) via an RTCP index that is "much more than expect…
|
CWE-20
Improper Input Validation
|
CVE-2007-6093
|
2008-11-15 16:03 |
2007-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
