|
257561
|
- |
|
deonixscripts
|
web_template_management_system
|
SQL injection vulnerability in index.php in Web Template Management System 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a readmore action.
|
CWE-89
SQL Injection
|
CVE-2007-5233
|
2017-09-29 10:29 |
2007-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257562
|
- |
|
sun
|
jdk
jre
|
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read and modify local…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5237
|
2017-09-29 10:29 |
2007-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257563
|
- |
|
edraw
|
office_viewer_component
|
Stack-based buffer overflow in the EDraw.OfficeViewer ActiveX control in officeviewer.ocx in EDraw Office Viewer Component 5.3.220.1 and earlier allows remote attackers to execute arbitrary code via …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5257
|
2017-09-29 10:29 |
2007-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257564
|
- |
|
iscripts
|
multicart
|
Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to categorydetail.php and the (2) ddlCategory parameter to…
|
CWE-89
SQL Injection
|
CVE-2007-5261
|
2017-09-29 10:29 |
2007-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257565
|
- |
|
trionic
|
cite_cms
|
Multiple PHP remote file inclusion vulnerabilities in Trionic Cite CMS 1.2 rev9 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the bField[bf_data] parameter to (1) inte…
|
CWE-94
Code Injection
|
CVE-2007-5271
|
2017-09-29 10:29 |
2007-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257566
|
- |
|
furkan_tastan_blog
|
furkan_tastan_blog
|
SQL injection vulnerability in kategori.asp in Furkan Tastan Blog allows remote attackers to execute arbitrary SQL commands via the id parameter in a goster kat action.
|
CWE-89
SQL Injection
|
CVE-2007-5272
|
2017-09-29 10:29 |
2007-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257567
|
- |
|
adobe
|
shockwave_player
|
The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause a victim machine to establish TCP sessions with arbitrary hosts via a Flash (SWF) movie, related to lack of pinning of a hostname…
|
CWE-20
Improper Input Validation
|
CVE-2007-5275
|
2017-09-29 10:29 |
2007-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257568
|
- |
|
zomplog
|
zomplog
|
Zomplog 3.8.1 and earlier stores potentially sensitive information under the web root with insufficient access control, which allows remote attackers to download files that were uploaded by users, as…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5278
|
2017-09-29 10:29 |
2007-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257569
|
- |
|
skadate
|
skadate_online_dating_software
|
Multiple directory traversal vulnerabilities in SkaDate 5.0 and 6.0, and possibly later versions such as 6.482, allow remote attackers to read arbitrary files via a .. (dot dot) in the view_mode para…
|
CWE-22
Path Traversal
|
CVE-2007-5299
|
2017-09-29 10:29 |
2007-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257570
|
- |
|
hp
|
hp-ux
|
Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers …
|
CWE-79
Cross-site Scripting
|
CVE-2007-5302
|
2017-09-29 10:29 |
2007-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
