|
261181
|
- |
|
hp
|
instant_support
|
The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary fi…
|
NVD-CWE-noinfo
|
CVE-2007-5608
|
2017-07-29 10:33 |
2008-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261182
|
- |
|
hp
|
instant_support
|
The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a …
|
NVD-CWE-noinfo
|
CVE-2007-5610
|
2017-07-29 10:33 |
2008-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261183
|
- |
|
ibm
|
director
|
CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connectio…
|
CWE-399
Resource Management Errors
|
CVE-2007-5612
|
2017-07-29 10:33 |
2007-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261184
|
- |
|
drupal
|
asin_field_module
drupal
e-commerce_module
fullname_field_for_cck
invite_module
node_relativity_module
pathauto_module
paypal_node_module
token_module
ubercart_module
|
Multiple cross-site scripting (XSS) vulnerabilities in the Token module before 4.7.x-1.5, and 5.x before 5.x-1.9, for Drupal; as used by the ASIN Field, e-Commerce, Fullname field for CCK, Invite, No…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5621
|
2017-07-29 10:33 |
2007-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261185
|
- |
|
nagios
|
nagios
|
Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts.
|
CWE-79
Cross-site Scripting
|
CVE-2007-5624
|
2017-07-29 10:33 |
2007-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261186
|
- |
|
candypress
|
candypress_store
|
Cross-site scripting (XSS) vulnerability in admin/logon.asp in ShoppingTree CandyPress Store 4.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter, a different vect…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5629
|
2017-07-29 10:33 |
2007-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261187
|
- |
|
almico
|
speedfan
|
Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, allows local users to read or write arbitrary MSRs, and gain privileges and load unsigned drivers, v…
|
NVD-CWE-Other
|
CVE-2007-5633
|
2017-07-29 10:33 |
2007-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261188
|
- |
|
almico
|
speedfan
|
Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, does not properly check a buffer during an IOCTL 0x9c402420 call, which allows local users to cause …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5634
|
2017-07-29 10:33 |
2007-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261189
|
- |
|
socketkb
|
socketkb
|
Multiple cross-site scripting (XSS) vulnerabilities in SocketKB 1.1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) art_id or (2) node parameter in an article action to th…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5647
|
2017-07-29 10:33 |
2007-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261190
|
- |
|
socketmail
|
socketmail
|
Cross-site scripting (XSS) vulnerability in lostpwd.php in Creative Digital Resources SocketMail 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the lost_id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2007-5649
|
2017-07-29 10:33 |
2007-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
