|
260941
|
- |
|
freewebshop
|
freewebshop
|
Unspecified vulnerability in customer.php in FreeWebshop.org 2.2.5, 2.2.6 and 2.2.7WIP1/2 allows remote attackers to gain administrator privileges via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6711
|
2017-08-8 10:29 |
2008-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260942
|
- |
|
flip4mac
|
flip4mac_wmv
|
Unspecified vulnerability in Flip4Mac WMV before 2.2.0.49 has unknown impact and attack vectors related to malformed WMV files.
|
NVD-CWE-noinfo
|
CVE-2007-6713
|
2017-08-8 10:29 |
2008-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260943
|
- |
|
civica_software
|
civica
|
SQL injection vulnerability in display.asp in Civica Software Civica allows remote attackers to execute arbitrary SQL commands via the Entry parameter. NOTE: the provenance of this information is un…
|
CWE-89
SQL Injection
|
CVE-2006-7231
|
2017-08-8 10:29 |
2006-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260944
|
- |
|
ignite_realtime
|
openfire
|
Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.6.0, and possibly other versions before 3.5.3, allows remote attackers to…
|
CWE-79
Cross-site Scripting
|
CVE-2006-7233
|
2017-08-8 10:29 |
2006-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260945
|
- |
|
5e5
|
teamtek_universal_ftp_server
|
Teamtek Universal FTP Server 1.0.50 allows remote attackers to cause a denial of service (daemon crash or hang) via (1) multiple STOR (aka PUT) commands, or an MKD command followed by (2) a '*' argum…
|
CWE-20
Improper Input Validation
|
CVE-2006-7235
|
2017-08-8 10:29 |
2008-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260946
|
- |
|
cups
|
cups
|
Multiple stack-based buffer overflows in the phpcups PHP module for CUPS 1.1.23rc1 might allow context-dependent attackers to execute arbitrary code via vectors that result in long function parameter…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2005-4873
|
2017-08-8 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260947
|
- |
|
mozilla
|
mozilla
|
The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE method, which allows remote attackers to obtain (1) proxy authentication passwords via a request with a "Max-Forwards: 0" header or …
|
CWE-94
Code Injection
|
CVE-2005-4874
|
2017-08-8 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260948
|
- |
|
typo3
|
typo3
|
TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct request to misc/phpcheck/, which invokes the phpinfo function and prints values of unspecified environment…
|
CWE-200
Information Exposure
|
CVE-2005-4875
|
2017-08-8 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260949
|
- |
|
ignite_realtime
|
openfire
|
Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.2.2, and possibly other versions before 2.3.0 Beta 2, allows remote attac…
|
CWE-79
Cross-site Scripting
|
CVE-2005-4876
|
2017-08-8 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260950
|
- |
|
ignite_realtime
|
openfire
|
Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.3.0 Beta 2 allows remote attackers to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2005-4877
|
2017-08-8 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
