|
256991
|
- |
|
iptel
|
serweb
|
Multiple directory traversal vulnerabilities in js/get_js.php in SERWeb 2.0.0 dev1 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod and (2) js parameters.
|
CWE-22
Path Traversal
|
CVE-2007-6290
|
2017-09-29 10:29 |
2007-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256992
|
- |
|
mwopen
|
e-commerce
|
SQL injection vulnerability in leggi_commenti.asp in MWOpen 1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2007-6292
|
2017-09-29 10:29 |
2007-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256993
|
- |
|
xml2owl
|
xml2owl
|
Directory traversal vulnerability in filedownload.php in xml2owl 0.1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6322
|
2017-09-29 10:29 |
2007-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256994
|
- |
|
mms_gallery
|
mms_gallery_php
|
Multiple directory traversal vulnerabilities in MMS Gallery PHP 1.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the id parameter to (1) get_image.php or (2) get_file.php in m…
|
CWE-22
Path Traversal
|
CVE-2007-6323
|
2017-09-29 10:29 |
2007-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256995
|
- |
|
city_writer
|
citywriter
|
PHP remote file inclusion vulnerability in head.php in CityWriter 0.9.7 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
|
CWE-94
Code Injection
|
CVE-2007-6324
|
2017-09-29 10:29 |
2007-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256996
|
- |
|
fastpublish
|
fastpublish_cms
|
PHP remote file inclusion vulnerability in adminbereich/designconfig.php in Fastpublish CMS 1.9999 allows remote attackers to execute arbitrary PHP code via a URL in the config[fsBase] parameter, a d…
|
CWE-94
CWE-20
Code Injection
Improper Input Validation
|
CVE-2007-6325
|
2017-09-29 10:29 |
2007-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256997
|
- |
|
sergey_lyubka
|
simple_httpd
|
Sergey Lyubka Simple HTTPD (shttpd) 1.3 on Windows allows remote attackers to cause a denial of service via a request that includes an MS-DOS device name, as demonstrated by the /aux URI.
|
CWE-20
Improper Input Validation
|
CVE-2007-6326
|
2017-09-29 10:29 |
2007-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256998
|
- |
|
avs_media
|
avsmjpegfile.dll
|
Buffer overflow in a certain ActiveX control in Online Media Technologies AVSMJPEGFILE.DLL 1.1.1.102 allows remote attackers to execute arbitrary code via a long first argument to the CreateStill met…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6327
|
2017-09-29 10:29 |
2007-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256999
|
- |
|
clam_anti-virus
|
clamav
|
Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.
|
CWE-189
Numeric Errors
|
CVE-2007-6335
|
2017-09-29 10:29 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257000
|
- |
|
mcms
|
easy_web_make
|
Directory traversal vulnerability in modules/cms/index.php in Mcms Easy Web Make 1.3, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6344
|
2017-09-29 10:29 |
2007-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
