|
256971
|
- |
|
xensource_inc
|
xen
|
Xen 3.x, possibly before 3.1.2, when running on IA64 systems, does not check the RID value for mov_to_rr, which allows a VTi domain to read memory of other domains.
|
NVD-CWE-noinfo
CWE-20
Improper Input Validation
|
CVE-2007-6207
|
2017-09-29 10:29 |
2007-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256972
|
- |
|
google
|
kml
|
Directory traversal vulnerability in region.php in KML share 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the layer parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6212
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256973
|
- |
|
webed
|
webed
|
Multiple directory traversal vulnerabilities in mod/chat/index.php in WebED 0.0.9 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) Root and (2) Path parameters.
|
CWE-22
Path Traversal
|
CVE-2007-6213
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256974
|
- |
|
learnloop
|
learnloop
|
Directory traversal vulnerability in include/file_download.php in LearnLoop 2.0 beta7 allows remote attackers to read arbitrary files via a .. (dot dot) in the sFilePath parameter. NOTE: exploitatio…
|
NVD-CWE-noinfo
CWE-22
Path Traversal
|
CVE-2007-6214
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256975
|
- |
|
web-meetme
|
web-meetme
|
Multiple directory traversal vulnerabilities in play.php in Web-MeetMe 3.0.3 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) roomNo and possibly the (2) bookid parameter.
|
NVD-CWE-noinfo
CWE-22
Path Traversal
|
CVE-2007-6215
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256976
|
- |
|
phpbb
|
garage
|
SQL injection vulnerability in garage.php in phpBB Garage 1.2.0 Beta3 allows remote attackers to execute arbitrary SQL commands via the make_id parameter in a search action in browse mode.
|
CWE-89
SQL Injection
|
CVE-2007-6223
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256977
|
- |
|
rayzz
|
rayzz_script
|
PHP remote file inclusion vulnerability in common/classes/class_HeaderHandler.lib.php in Rayzz Script 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the CFG[site][project_path…
|
CWE-94
Code Injection
|
CVE-2007-6229
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256978
|
- |
|
rayzz
|
rayzz_script
|
Directory traversal vulnerability in common/classes/class_HeaderHandler.lib.php in Rayzz Script 2.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the CFG[…
|
NVD-CWE-noinfo
CWE-22
Path Traversal
|
CVE-2007-6230
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256979
|
- |
|
tellmatic
|
tellmatic
|
Multiple PHP remote file inclusion vulnerabilities in tellmatic 1.0.7 allow remote attackers to execute arbitrary PHP code via a URL in the tm_includepath parameter to (1) Classes.inc.php, (2) statis…
|
CWE-94
Code Injection
|
CVE-2007-6231
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256980
|
- |
|
ftp
|
admin
|
Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action.
|
CWE-79
Cross-site Scripting
|
CVE-2007-6232
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
