|
261481
|
- |
|
lantronix
|
scs3200
|
Lantronix SCS3200 does not properly handle public-key requests, which allows remote attackers to cause a denial of service (unresponsive device) via unspecified keyscan requests. NOTE: the provenanc…
|
NVD-CWE-Other
|
CVE-2007-5981
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261482
|
- |
|
bti-tracker
|
bti-tracker
|
Multiple cross-site scripting (XSS) vulnerabilities in BtiTracker before 1.4.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) account.php, (2) moresmiles…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5985
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261483
|
- |
|
btiteam
|
btitracker
|
SQL injection vulnerability in include/functions.php in BtiTracker before 1.4.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2007-5986
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261484
|
- |
|
bti-tracker
|
bti-tracker
|
details.php in BtiTracker before 1.4.5, when torrent viewing is disabled for guests, allows remote attackers to bypass protection mechanisms via a direct request, as demonstrated by (1) reading the d…
|
CWE-287
CWE-264
Improper Authentication
Permissions, Privileges, and Access Controls
|
CVE-2007-5987
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261485
|
- |
|
bti-tracker
|
bti-tracker
|
blocks/shoutbox_block.php in BtiTracker 1.4.4 does not verify user accounts, which allows remote attackers to post shoutbox entries as arbitrary users via a modified nick field.
|
CWE-287
CWE-255
CWE-264
Improper Authentication
Credentials Management
Permissions, Privileges, and Access Controls
|
CVE-2007-5988
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261486
|
- |
|
bandersnatch
|
bandersnatch
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Bandersnatch 0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) func or (2) date parameter, or the jid p…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6001
|
2017-07-29 10:33 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261487
|
- |
|
fenrir
|
grani
sleipnir
|
Cross-site scripting (XSS) vulnerability in Fenriru (1) Sleipnir 2.5.17 R2 and earlier and (2) Grani 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search fiel…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6002
|
2017-07-29 10:33 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261488
|
- |
|
thomson
|
speedtouch
|
Cross-site scripting (XSS) vulnerability in cgi/b/ic/connect in the Thomson SpeedTouch 716 with firmware 5.4.0.14 allows remote attackers to inject arbitrary web script or HTML via the url parameter.…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6003
|
2017-07-29 10:33 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261489
|
- |
|
webex_communications
|
webex_gpccontainer_activex_control
|
Unspecified vulnerability in the GpcContainer.GpcContainer.1 ActiveX control in WebEx allows remote attackers to cause a denial of service (memory access violation and crash) via (1) an invalid argum…
|
CWE-399
Resource Management Errors
|
CVE-2007-6005
|
2017-07-29 10:33 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261490
|
- |
|
horde
|
framework
groupware_webmail_edition
horde
imp
|
IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 does not validate unspecified HTTP requests, which allows remote attackers to (1) delete arbitra…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6018
|
2017-07-29 10:33 |
2008-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
