|
263961
|
- |
|
sisd
|
freeside
|
Cross-site scripting (XSS) vulnerability in search/cust_bill_event.cgi in Freeside 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the failed parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2007-5088
|
2017-07-29 10:33 |
2007-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263962
|
- |
|
furquim
|
chironfs
|
ChironFS before 1.0 RC7 sets user/group ownership to the mounter account instead of the creator account when files are created, which allows local users to gain privileges.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5101
|
2017-07-29 10:33 |
2007-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263963
|
- |
|
bcoos
|
bcoos
|
SQL injection vulnerability in index.php in the Arcade module in bcoos 1.0.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a play_game action. NOTE: the provena…
|
CWE-89
SQL Injection
|
CVE-2007-5104
|
2017-07-29 10:33 |
2007-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263964
|
- |
|
ekke_doerre
|
mods_4_xoops_contenido_ez_publish
|
Multiple PHP remote file inclusion vulnerabilities in Ekke Doerre Contenido 42VariablVersion (42VV10) in contenido_hacks in Mods 4 Xoops Contenido eZ publish (pdf4cms) allow remote attackers to execu…
|
CWE-94
Code Injection
|
CVE-2007-5115
|
2017-07-29 10:33 |
2007-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263965
|
- |
|
cisco
|
catalyst_6500
catalyst_6500_ws-svc-nam-1
catalyst_6500_ws-svc-nam-2
catalyst_6500_ws-x6380-nam
catalyst_7600
catalyst_7600_ws-svc-nam-1
catalyst_7600_ws-svc-nam-2
catalyst_7600_w…
|
Cisco Catalyst 6500 and Cisco 7600 series devices use 127/8 IP addresses for Ethernet Out-of-Band Channel (EOBC) internal communication, which might allow remote attackers to send packets to an inter…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5134
|
2017-07-29 10:33 |
2007-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263966
|
- |
|
f-secure
|
f-secure_anti-virus
|
F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows local users to bypass virus scanning by using the system32 directory to store a crafted (1) archive or (2) packed executable. NOTE: …
|
NVD-CWE-Other
|
CVE-2007-5143
|
2017-07-29 10:33 |
2007-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263967
|
- |
|
sun
|
java_system_access_manager
java_system_application_server
|
Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to pe…
|
CWE-287
Improper Authentication
|
CVE-2007-5152
|
2017-07-29 10:33 |
2007-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263968
|
- |
|
sun
|
java_system_access_manager
java_system_application_server
|
Unspecified vulnerability in Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 8.x container, allows remote attackers to execute arbitrary code via unspecifie…
|
CWE-94
Code Injection
|
CVE-2007-5153
|
2017-07-29 10:33 |
2007-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263969
|
- |
|
aimluck
|
aipo
aipo_asp
|
Session fixation vulnerability in Aipo and Aipo ASP 3.0.1.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors.
|
CWE-362
Race Condition
|
CVE-2007-5154
|
2017-07-29 10:33 |
2007-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263970
|
- |
|
iceows
|
iceows
|
IceGUI.DLL in ICEOWS 4.20b invokes a function with incorrect arguments, which allows user-assisted remote attackers to execute arbitrary code via a long filename in the header of an ACE archive, whic…
|
CWE-119
CWE-20
Incorrect Access of Indexable Resource ('Range Error')
Improper Input Validation
|
CVE-2007-5155
|
2017-07-29 10:33 |
2007-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
