|
257491
|
- |
|
sisfo_kampus
|
sisfo_kampus
|
Directory traversal vulnerability in dwoprn.php in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to read arbitrary files via the f parameter.
|
CWE-22
Path Traversal
|
CVE-2007-4895
|
2017-09-29 10:29 |
2007-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257492
|
- |
|
ultra_shareware
|
ultra_crypto_component
|
Absolute path traversal vulnerability in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra Crypto Component allows remote attackers to write to arbitrary files via a full pathname…
|
CWE-22
Path Traversal
|
CVE-2007-4902
|
2017-09-29 10:29 |
2007-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257493
|
- |
|
ultra_shareware
|
ultra_crypto_component
|
Multiple buffer overflows in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra Crypto Component allow remote attackers to execute arbitrary code via (1) a long string in the first…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-4903
|
2017-09-29 10:29 |
2007-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257494
|
- |
|
auracms
|
auracms
|
Unrestricted file upload vulnerability in mod/contak.php in AuraCMS 2.1 allows remote attackers to upload and execute arbitrary PHP files via the image parameter, which places a file under files/.
|
CWE-20
Improper Input Validation
|
CVE-2007-4905
|
2017-09-29 10:29 |
2007-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257495
|
- |
|
qualiteam
|
x-cart
|
Multiple PHP remote file inclusion vulnerabilities in X-Cart allow remote attackers to execute arbitrary PHP code via a URL in the xcart_dir parameter to (1) config.php, (2) prepare.php, (3) smarty.p…
|
CWE-94
Code Injection
|
CVE-2007-4907
|
2017-09-29 10:29 |
2007-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257496
|
- |
|
auracms
|
auracms
|
Directory traversal vulnerability in index.php in AuraCMS 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pilih parameter.
|
CWE-22
Path Traversal
|
CVE-2007-4908
|
2017-09-29 10:29 |
2007-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257497
|
- |
|
cowon_america
|
jetcast_server
|
JSMP3OGGWt.dll in JetCast Server 2.0.0.4308 allows remote attackers to cause a denial of service (daemon crash) via a long .mp3 URI to TCP port 8000. NOTE: some of these details are obtained from th…
|
CWE-20
Improper Input Validation
|
CVE-2007-4911
|
2017-09-29 10:29 |
2007-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257498
|
- |
|
jblog
|
jblog
|
Multiple SQL injection vulnerabilities in JBlog 1.0 allow (1) remote attackers to execute arbitrary SQL commands via the id parameter to index.php, and allow (2) remote authenticated administrators t…
|
CWE-89
SQL Injection
|
CVE-2007-4919
|
2017-09-29 10:29 |
2007-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257499
|
- |
|
php_webquest
|
php_webquest
|
SQL injection vulnerability in soporte_derecha_w.php in PHP Webquest 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id_actividad parameter.
|
CWE-89
SQL Injection
|
CVE-2007-4920
|
2017-09-29 10:29 |
2007-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257500
|
- |
|
ajax
|
file_browser
|
PHP remote file inclusion vulnerability in _includes/settings.inc.php in Ajax File Browser 3 Beta allows remote attackers to execute arbitrary PHP code via a URL in the approot parameter.
|
CWE-94
Code Injection
|
CVE-2007-4921
|
2017-09-29 10:29 |
2007-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
