|
257841
|
- |
|
zeuscms
|
zeuscms
|
SQL injection vulnerability in security.php in ZeusCMS 0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
|
CWE-89
SQL Injection
|
CVE-2007-6622
|
2017-09-29 10:30 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257842
|
- |
|
zeuscms
|
zeuscms
|
Absolute path traversal vulnerability in ZeusCMS 0.3 and earlier might allow remote attackers to list arbitrary directories via a full pathname in the dir parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6623
|
2017-09-29 10:30 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257843
|
- |
|
pnphpbb
|
pnphpbb
|
Directory traversal vulnerability in printview.php in PNphpBB2 1.2i and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the phpEx parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6624
|
2017-09-29 10:30 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257844
|
- |
|
xml2owl
|
xml2owl
|
showCode.php in xml2owl 0.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter.
|
CWE-94
Code Injection
|
CVE-2007-6632
|
2017-09-29 10:30 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257845
|
- |
|
adobe
|
flash_player
|
Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to inject arbitrary web script or HTML via a crafted SWF file, related to "pre-generated SWF files" an…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6637
|
2017-09-29 10:30 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257846
|
- |
|
march_networks
|
3204_dvr
|
March Networks DVR 3204 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames, passwords, device names, and IP addresses …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6638
|
2017-09-29 10:30 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257847
|
- |
|
iptbb_team
|
iptbb
|
SQL injection vulnerability in index.php in IPTBB 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewdir action.
|
CWE-89
SQL Injection
|
CVE-2007-6639
|
2017-09-29 10:30 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257848
|
- |
|
w-agora
|
w-agora
|
SQL injection vulnerability in index.php in w-Agora 4.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter.
|
CWE-89
SQL Injection
|
CVE-2007-6647
|
2017-09-29 10:30 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257849
|
- |
|
sanybee_gallery
|
sanybee_gallery
|
Directory traversal vulnerability in index.php in SanyBee Gallery 0.1.0 and 0.1.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p param…
|
CWE-22
Path Traversal
|
CVE-2007-6648
|
2017-09-29 10:30 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257850
|
- |
|
matpo_bilder_galerie
|
matpo_bilder_galerie
|
PHP remote file inclusion vulnerability in includes/tumbnail.php in MatPo Bilder Galerie 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter.
|
CWE-94
Code Injection
|
CVE-2007-6649
|
2017-09-29 10:30 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
