267251
|
- |
|
agner_fog
|
aforum
|
PHP remote file inclusion vulnerability in common/errormsg.php in aForum 1.32 and possibly earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL i…
|
NVD-CWE-Other
|
CVE-2007-2634
|
2017-07-29 10:31 |
2007-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267252
|
- |
|
agner_fog
|
aforum
|
Successful exploitation requires that "register_globals" is enabled.
|
NVD-CWE-Other
|
CVE-2007-2634
|
2017-07-29 10:31 |
2007-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267253
|
- |
|
jason_frisvold
|
phptodo
|
Unspecified vulnerability in phpTodo before 0.8.1 allows remote attackers to have an unknown impact via newlines in regular expressions to (1) index.php, (2) feed.php, (3) prefs.php, and (4) todolist…
|
NVD-CWE-Other
|
CVE-2007-2636
|
2017-07-29 10:31 |
2007-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267254
|
- |
|
moinmoin
|
moinmoin
|
MoinMoin before 20070507 does not properly enforce ACLs for calendars and includes, which allows remote attackers to read certain pages via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2007-2637
|
2017-07-29 10:31 |
2007-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267255
|
- |
|
heiko_stamer
|
libtmcg
|
LibTMCG before 1.1.1 does not perform a range check to avoid "trivial group generators," which allows attackers to obtain sensitive information about private cards.
|
NVD-CWE-Other
|
CVE-2007-2640
|
2017-07-29 10:31 |
2007-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267256
|
- |
|
clever_components
|
clever_database_comparer
|
Stack-based buffer overflow in the Clever Database Comparer 2.2 ActiveX control (comparerax.ocx) allows remote attackers to execute arbitrary code via a long argument to the ConnectToDatabase functio…
|
NVD-CWE-Other
|
CVE-2007-2648
|
2017-07-29 10:31 |
2007-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267257
|
- |
|
voodoo_circle
|
voodoo_circle
|
Multiple off-by-one errors in VooDoo cIRCle before 1.1.beta27 allow remote attackers to cause a denial of service (connection loss) or possibly execute arbitrary code via a (1) DNS name response of t…
|
NVD-CWE-Other
|
CVE-2007-2651
|
2017-07-29 10:31 |
2007-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267258
|
- |
|
free-sa
|
free-sa
|
Multiple unspecified vulnerabilities in Free-SA before 1.2.2 allow remote attackers to execute arbitrary code via unspecified vectors involving certain (1) sprintf and (2) vsprintf calls in (a) r_ind…
|
NVD-CWE-Other
|
CVE-2007-2652
|
2017-07-29 10:31 |
2007-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267259
|
- |
|
netwin
|
surgemail webmail
|
Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before 3.8i2 has unknown impact and remote attack vectors, possibly a format string vulnerability that allows remote code execution.
|
NVD-CWE-noinfo CWE-134
Use of Externally-Controlled Format String
|
CVE-2007-2655
|
2017-07-29 10:31 |
2007-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267260
|
- |
|
netwin
|
surgemail webmail
|
The vendor has addressed this issue through a product update:
http://netwinsite.com/cgi-bin/keycgi.exe?cmd=download&product=surgemail
|
NVD-CWE-noinfo CWE-134
Use of Externally-Controlled Format String
|
CVE-2007-2655
|
2017-07-29 10:31 |
2007-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|