|
259841
|
- |
|
php
|
php
|
The Component Object Model (COM) functions in PHP 5.x on Windows do not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, a…
|
CWE-78
OS Command
|
CVE-2007-5653
|
2017-09-29 10:29 |
2007-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259842
|
- |
|
litespeed_technologies
|
litespeed_web_server
|
LiteSpeed Web Server before 3.2.4 allows remote attackers to trigger use of an arbitrary MIME type for a file via a "%00." sequence followed by a new extension, as demonstrated by reading PHP source …
|
CWE-200
Information Exposure
|
CVE-2007-5654
|
2017-09-29 10:29 |
2007-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259843
|
- |
|
adobe
|
acrobat
acrobat_reader
|
Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file that calls an insecure JavaScript method in the EScript.api plug-in. NOTE: this is…
|
CWE-94
Code Injection
|
CVE-2007-5663
|
2017-09-29 10:29 |
2008-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259844
|
- |
|
adobe
|
acrobat
acrobat_reader
|
Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 and earlier allows local users to execute arbitrary code via a malicious Security Provider library in the reader's current workin…
|
CWE-94
Code Injection
|
CVE-2007-5666
|
2017-09-29 10:29 |
2008-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259845
|
- |
|
instaguide
|
weather
|
Directory traversal vulnerability in index.php in InstaGuide Weather (aka Weather for PHP) 1.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files…
|
CWE-22
Path Traversal
|
CVE-2007-5674
|
2017-09-29 10:29 |
2007-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259846
|
- |
|
futurenuke
|
platinum
|
PHP remote file inclusion vulnerability in modules/Forums/favorites.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary PHP code via a URL in the nuke_bb_root_path parameter.
|
CWE-94
Code Injection
|
CVE-2007-5676
|
2017-09-29 10:29 |
2007-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259847
|
- |
|
deeemm
|
dmcms
|
SQL injection vulnerability in index.php in DeeEmm.com DM CMS 0.7.0.Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in the media page (build_media_content.php). NO…
|
CWE-89
SQL Injection
|
CVE-2007-5679
|
2017-09-29 10:29 |
2007-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259848
|
- |
|
phpimage
|
php_image
|
Multiple PHP remote file inclusion vulnerabilities in PHP Image 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the xarg parameter to (1) xarg_corner.php, (2) xarg_corner_bottom…
|
CWE-94
Code Injection
|
CVE-2007-5697
|
2017-09-29 10:29 |
2007-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259849
|
- |
|
eiqnetworks
|
enterprise_security_analyzer
|
Stack-based buffer overflow in eIQNetworks Enterprise Security Analyzer (ESA) 2.5 allows remote attackers to execute arbitrary code via certain data on TCP port 10616 that results in a long argument …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5699
|
2017-09-29 10:29 |
2007-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259850
|
- |
|
sony
|
sonicstage_connect_player
|
Stack-based buffer overflow in Sony SonicStage CONNECT Player (CP) 4.3 allows remote attackers to execute arbitrary code via a long file name in an M3U file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5709
|
2017-09-29 10:29 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
