|
257011
|
- |
|
texas_imperial_software
|
wftpd_pro_explorer
|
Heap-based buffer overflow in Texas Imperial Software WFTPD Pro Explorer 1.0 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6473
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257012
|
- |
|
gf_3xplorer
|
gf_3xplorer
|
Multiple cross-site scripting (XSS) vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to inject arbitrary web script or HTML via the newdir parameter to index_3x.php, and unspecified other ve…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6474
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257013
|
- |
|
gf_3xplorer
|
gf_3xplorer
|
Multiple directory traversal vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang_sel parameter to (1) updater.php and…
|
CWE-22
Path Traversal
|
CVE-2007-6475
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257014
|
- |
|
gf_3xplorer
|
gf_3xplorer
|
GF-3XPLORER 2.4 allows remote attackers to obtain configuration information via a direct request to explorer/phpinfo.php, which calls the phpinfo function.
|
CWE-200
Information Exposure
|
CVE-2007-6476
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257015
|
- |
|
dokeos
|
dokeos
|
Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php (aka the "My profile" page) in Dokeos 1.8.4 allows remote authenticated users to upload and execute …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6479
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257016
|
- |
|
falcon
|
series_one_cms
|
Multiple PHP remote file inclusion vulnerabilities in Falcon Series One CMS 1.4.3 allow remote attackers to execute arbitrary PHP code via a URL in (1) the dir[classes] parameter to sitemap.xml.php o…
|
CWE-20
Improper Input Validation
|
CVE-2007-6488
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257017
|
- |
|
falcon
|
series_one_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Falcon Series One CMS 1.4.3 allow remote attackers to inject arbitrary web script or HTML via the (1) gb_mail, (2) gb_name, and (3) gb_text para…
|
NVD-CWE-Other
|
CVE-2007-6489
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257018
|
- |
|
falcon
|
series_one_cms
|
Cross-site request forgery (CSRF) vulnerability in Falcon Series One CMS 1.4.3 allows remote attackers to change a password via a certain changepass action to index.php.
|
CWE-352
Origin Validation Error
|
CVE-2007-6490
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257019
|
- |
|
sun
|
solaris
|
Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easie…
|
CWE-16
Configuration
|
CVE-2007-6505
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257020
|
- |
|
agares_media
|
arcadem
|
PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter.
|
CWE-94
Code Injection
|
CVE-2007-6542
|
2017-09-29 10:29 |
2007-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
