|
261011
|
- |
|
miranda-im
|
miranda_im
|
Format string vulnerability in the ext_yahoo_contact_added function in yahoo.c in Miranda IM 0.7.1 allows remote attackers to execute arbitrary code via a Y7 Buddy Authorization packet with format st…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2007-5396
|
2017-07-29 10:33 |
2007-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261012
|
- |
|
layton_technology
|
helpbox
|
Unrestricted file upload vulnerability in uploadrequest.asp in Layton HelpBox 3.7.1 allows remote authenticated users to upload and execute arbitrary ASP files, related to not properly checking file …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5401
|
2017-07-29 10:33 |
2008-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261013
|
- |
|
layton_technology
|
helpbox
|
Multiple SQL injection vulnerabilities in Layton HelpBox 3.7.1 allow (1) remote attackers to execute arbitrary SQL commands via the sys_request_id parameter to editrequestenduser.asp; and allow remot…
|
CWE-89
SQL Injection
|
CVE-2007-5402
|
2017-07-29 10:33 |
2008-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261014
|
- |
|
layton_technology
|
helpbox
|
Layton HelpBox 3.7.1 generates different responses depending on whether or not a username is valid in a failed login attempt, which allows remote attackers to enumerate valid usernames.
|
CWE-200
Information Exposure
|
CVE-2007-5404
|
2017-07-29 10:33 |
2008-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261015
|
- |
|
layton_technology
|
helpbox
|
Multiple cross-site scripting (XSS) vulnerabilities in Layton HelpBox 3.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Forename, (2) Surname, (3) Telephone, a…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5403
|
2017-07-29 10:33 |
2008-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261016
|
- |
|
linksys
|
spa941
|
Cross-site scripting (XSS) vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote attackers to inject arbitrary web script or HTML via the From header in a SIP message.
|
CWE-79
Cross-site Scripting
|
CVE-2007-5411
|
2017-07-29 10:33 |
2007-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261017
|
- |
|
php_file_sharing_system
|
php_file_sharing_system
|
Directory traversal vulnerability in index.php in PHP File Sharing System 1.5.1 allows remote attackers to list or create arbitrary directories, or delete arbitrary files, as demonstrated by listing …
|
CWE-22
Path Traversal
|
CVE-2007-5454
|
2017-07-29 10:33 |
2007-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261018
|
- |
|
itirou_maruta
mozilla
|
mouseoverdictionary
firefox
|
Cross-site scripting (XSS) vulnerability in the sidebar HTML page in the MouseoverDictionary before 0.6.2 extension for Mozilla Firefox allows remote attackers to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2007-5459
|
2017-07-29 10:33 |
2007-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261019
|
- |
|
sun
|
solaris
|
Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a …
|
CWE-20
Improper Input Validation
|
CVE-2007-5462
|
2017-07-29 10:33 |
2007-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261020
|
- |
|
cisco
|
call_manager
|
Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credent…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5468
|
2017-07-29 10:33 |
2007-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
