|
258051
|
- |
|
ibm
|
aix
|
Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a long parameter to the m command.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-4623
|
2017-09-29 10:29 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258052
|
- |
|
algera
|
abc_estore
|
SQL injection vulnerability in index.php in ABC eStore 3.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
|
NVD-CWE-Other
|
CVE-2007-4627
|
2017-09-29 10:29 |
2007-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258053
|
- |
|
phpns
|
phpns
|
SQL injection vulnerability in shownews.php in phpns 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
NVD-CWE-Other
|
CVE-2007-4628
|
2017-09-29 10:29 |
2007-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258054
|
- |
|
phpbg
|
phpbg
|
Multiple PHP remote file inclusion vulnerabilities in phpBG 0.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter to (1) intern/admin/other/backup.php, (2) int…
|
CWE-20
Improper Input Validation
|
CVE-2007-4636
|
2017-09-29 10:29 |
2007-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258055
|
- |
|
xgb
|
xgb
|
xGB.php in xGB 2.0 does not require authentication for an admin edit action, which allows remote attackers to make unspecified changes via an unknown series of steps.
|
NVD-CWE-noinfo
|
CVE-2007-4637
|
2017-09-29 10:29 |
2007-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258056
|
- |
|
pakupaku
|
pakupaku_cms
|
Unrestricted file upload vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attackers to upload and execute arbitrary PHP files in uploads/ via an Uploads action.
|
CWE-94
CWE-264
Code Injection
Permissions, Privileges, and Access Controls
|
CVE-2007-4640
|
2017-09-29 10:29 |
2007-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258057
|
- |
|
pakupaku
|
pakupaku_cms
|
Directory traversal vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demons…
|
CWE-22
Path Traversal
|
CVE-2007-4641
|
2017-09-29 10:29 |
2007-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258058
|
- |
|
nmdeluxe
|
nmdeluxe
|
SQL injection vulnerability in index.php in NMDeluxe 2.0.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a newspost do action, a different vulnerability than CVE-2…
|
CWE-94
Code Injection
|
CVE-2007-4645
|
2017-09-29 10:29 |
2007-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258059
|
- |
|
hexamail
|
hexamail_server
|
Buffer overflow in the pop3 service in Hexamail Server 3.0.0.001 Lite allows remote attackers to cause a denial of service (daemon crash) and probably execute arbitrary code via a long USER command.
|
CWE-94
Code Injection
|
CVE-2007-4646
|
2017-09-29 10:29 |
2007-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258060
|
- |
|
2coolcode
|
our_space
|
newswire/uploadmedia.cgi in 2coolcode Our Space (Ourspace) 2.0.9 allows remote attackers to upload certain files via unspecified vectors, probably involving unrestricted functionality in uploadmedia.…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4647
|
2017-09-29 10:29 |
2007-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
