|
261421
|
- |
|
phpmyadmin
|
phpmyadmin
|
SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.
|
CWE-89
SQL Injection
|
CVE-2007-5976
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261422
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a …
|
CWE-79
Cross-site Scripting
|
CVE-2007-5977
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261423
|
- |
|
lantronix
|
scs3200
|
Lantronix SCS3200 does not properly handle public-key requests, which allows remote attackers to cause a denial of service (unresponsive device) via unspecified keyscan requests. NOTE: the provenanc…
|
NVD-CWE-Other
|
CVE-2007-5981
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261424
|
- |
|
bti-tracker
|
bti-tracker
|
Multiple cross-site scripting (XSS) vulnerabilities in BtiTracker before 1.4.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) account.php, (2) moresmiles…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5985
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261425
|
- |
|
btiteam
|
btitracker
|
SQL injection vulnerability in include/functions.php in BtiTracker before 1.4.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2007-5986
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261426
|
- |
|
bti-tracker
|
bti-tracker
|
details.php in BtiTracker before 1.4.5, when torrent viewing is disabled for guests, allows remote attackers to bypass protection mechanisms via a direct request, as demonstrated by (1) reading the d…
|
CWE-287
CWE-264
Improper Authentication
Permissions, Privileges, and Access Controls
|
CVE-2007-5987
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261427
|
- |
|
bti-tracker
|
bti-tracker
|
blocks/shoutbox_block.php in BtiTracker 1.4.4 does not verify user accounts, which allows remote attackers to post shoutbox entries as arbitrary users via a modified nick field.
|
CWE-287
CWE-255
CWE-264
Improper Authentication
Credentials Management
Permissions, Privileges, and Access Controls
|
CVE-2007-5988
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261428
|
- |
|
bandersnatch
|
bandersnatch
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Bandersnatch 0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) func or (2) date parameter, or the jid p…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6001
|
2017-07-29 10:33 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261429
|
- |
|
fenrir
|
grani
sleipnir
|
Cross-site scripting (XSS) vulnerability in Fenriru (1) Sleipnir 2.5.17 R2 and earlier and (2) Grani 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search fiel…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6002
|
2017-07-29 10:33 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261430
|
- |
|
thomson
|
speedtouch
|
Cross-site scripting (XSS) vulnerability in cgi/b/ic/connect in the Thomson SpeedTouch 716 with firmware 5.4.0.14 allows remote attackers to inject arbitrary web script or HTML via the url parameter.…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6003
|
2017-07-29 10:33 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
