Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5735 | 1 Efileman | 1 Efileman | 2018-10-15 | 5.0 MEDIUM | N/A |
| eFileMan 7.1.0.87-88 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain unspecified user information via a direct request for cgi-bin/efileman/efileman_config.pm. | |||||
| CVE-2007-5736 | 1 Seeblick | 1 Seeblick | 2018-10-15 | 6.4 MEDIUM | N/A |
| Unrestricted file upload vulnerability in upload.php in SeeBlick 1.0 Beta allows remote attackers to upload arbitrary files via unspecified vectors. NOTE: these files are stored with .html extensions, so the scope of the attack might be limited to resource consumption and possibly XSS. | |||||
| CVE-2007-5737 | 1 Ghlab | 1 Korean Ghboard | 2018-10-15 | 7.5 HIGH | N/A |
| Unrestricted file upload vulnerability in component/upload.jsp in Korean GHBoard allows remote attackers to upload arbitrary files via unspecified vectors, probably involving a direct request. | |||||
| CVE-2007-5738 | 1 Ghlab | 1 Korean Ghboard | 2018-10-15 | 6.8 MEDIUM | N/A |
| The FlashUpload component in Korean GHBoard uses a client-side protection mechanism to prevent uploading of dangerous file extensions, which allows remote attackers to bypass restrictions and upload arbitrary files via a modified copy of component/flashupload/upload.html. | |||||
| CVE-2007-5739 | 1 Ghlab | 1 Korean Ghboard | 2018-10-15 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in component/flashupload/download.jsp in the FlashUpload component in Korean GHBoard allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter. | |||||
| CVE-2007-5740 | 1 Vergenet | 1 Perdition Mail Retrieval Proxy | 2018-10-15 | 7.5 HIGH | N/A |
| The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. | |||||
| CVE-2007-5741 | 1 Plone | 1 Plone | 2018-10-15 | 7.5 HIGH | N/A |
| Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes. | |||||
| CVE-2007-5752 | 1 Agtc Websolutions | 1 Php-agtc Membership System | 2018-10-15 | 7.5 HIGH | N/A |
| adduser.php in PHP-AGTC Membership (AGTC-Membership) System 1.1a does not require authentication, which allows remote attackers to create accounts via a modified form, as demonstrated by an account with admin (userlevel 4) privileges. | |||||
| CVE-2007-5760 | 2 X.org, Xfree86 Project | 2 Xserver, Xfree86-misc | 2018-10-15 | 9.3 HIGH | N/A |
| Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index. | |||||
| CVE-2007-5766 | 1 Oracle | 1 E-business Suite | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: this is probably the same issue as CVE-2007-5527 or CVE-2007-5528, but there are insufficient details to be sure. | |||||
| CVE-2007-5771 | 1 Flatnuke3 | 1 Flatnuke3 | 2018-10-15 | 7.5 HIGH | N/A |
| Flatnuke 3 (aka FlatnuX) allows remote attackers to obtain administrative access via a myforum%00 cookie. | |||||
| CVE-2007-5772 | 1 Flatnuke3 | 1 Flatnuke3 | 2018-10-15 | 6.0 MEDIUM | N/A |
| Direct static code injection vulnerability in the download module in Flatnuke 3 allows remote authenticated administrators to inject arbitrary PHP code into a description.it.php file in a subdirectory of Download/ by saving a description and setting fneditmode to 1. NOTE: unauthenticated remote attackers can exploit this by leveraging a cookie manipulation issue. | |||||
| CVE-2007-5776 | 1 Blue-collar Productions | 1 I-gallery | 2018-10-15 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in igallery.asp in Blue-Collar Productions i-Gallery 3.4 allows remote attackers to read arbitrary files via encoded backslash sequences in the d parameter, as demonstrated by a "%5c../../%5c" sequence. | |||||
| CVE-2007-5777 | 1 Blue-collar Productions | 1 I-gallery | 2018-10-15 | 5.0 MEDIUM | N/A |
| Blue-Collar Productions i-Gallery 3.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing a base64-encoded password via a direct request for igallery.mdb. | |||||
| CVE-2007-5778 | 1 Mobile-spy | 1 Mobile-spy | 2018-10-15 | 6.4 MEDIUM | N/A |
| Mobile Spy (1) stores login credentials in cleartext under the RetinaxStudios registry key, and (2) sends login credentials and log data over a cleartext HTTP connection, which allows attackers to obtain sensitive information by reading the registry or sniffing the network. | |||||
| CVE-2007-5780 | 1 Telematic Lab | 1 Teatro | 2018-10-15 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in pub/pub08_comments.php in teatro 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the basePath parameter. | |||||
| CVE-2007-5787 | 1 Phptoys | 1 Micro Login System | 2018-10-15 | 5.0 MEDIUM | N/A |
| Micro Login System 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing a password via a direct request for userpwd.txt. | |||||
| CVE-2007-5794 | 1 Nss Ldap | 1 Nss Ldap | 2018-10-15 | 4.3 MEDIUM | N/A |
| Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected. | |||||
| CVE-2007-5802 | 1 Firewolf Technologies | 1 Synergiser | 2018-10-15 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in Firewolf Technologies Synergiser 1.2 RC1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: this can be leveraged to obtain the path by including a local PHP script with a duplicate function declaration. | |||||
| CVE-2007-5806 | 1 Ilias | 1 Ilias | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Services/Utilities/classes/class.ilUtil.php in ILIAS 3.8.3 and earlier allows remote attackers to inject arbitrary web script or HTML via attributes inside a domain-name string in the (1) mailing or (2) forum component, as demonstrated using the style and onmouseover HTML attributes. | |||||
| CVE-2007-5814 | 1 Sonicwall | 1 Ssl Vpn | 2018-10-15 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allow remote attackers to execute arbitrary code via a long (1) serverAddress, (2) sessionId, (3) clientIPLower, (4) clientIPHigher, (5) userName, (6) domainName, or (7) dnsSuffix Unicode property value. NOTE: the AddRouteEntry vector is covered by CVE-2007-5603. | |||||
| CVE-2007-5815 | 1 Sonicwall | 2 Ssl Vpn2000\/4000, Ssl Vpn 200 | 2018-10-15 | 10.0 HIGH | N/A |
| Absolute path traversal vulnerability in the WebCacheCleaner ActiveX control 1.3.0.3 in SonicWall SSL-VPN 200 before 2.1, and SSL-VPN 2000/4000 before 2.5, allows remote attackers to delete arbitrary files via a full pathname in the argument to the FileDelete method. | |||||
| CVE-2007-5818 | 1 Sblog | 1 Sblog | 2018-10-15 | 7.6 HIGH | N/A |
| Cross-site request forgery (CSRF) vulnerability in blocks_edit_do.php in sBlog 0.7.3 Beta allows remote attackers to change arbitrary blocks as administrators. | |||||
| CVE-2007-5822 | 1 Scribe | 1 Scribe | 2018-10-15 | 7.5 HIGH | N/A |
| Direct static code injection vulnerability in forum.php in Ben Ng Scribe 0.2 and earlier allows remote attackers to inject arbitrary PHP code into a certain file in regged/ via the username parameter in a Register action, possibly related to the register function in forumfunctions.php. | |||||
| CVE-2007-5823 | 1 Scribe | 1 Scribe | 2018-10-15 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in forum.php in Ben Ng Scribe 0.2 and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the username parameter in a Register action. | |||||
| CVE-2007-5824 | 1 Firefly | 1 Media Server | 2018-10-15 | 7.1 HIGH | N/A |
| webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a ':' character, which triggers a crash in the ws_getheaders function. | |||||
| CVE-2007-5825 | 1 Firefly | 1 Media Server | 2018-10-15 | 7.5 HIGH | N/A |
| Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the "Authorization: Basic" HTTP header line. | |||||
| CVE-2007-5828 | 1 Django Project | 1 Django | 2018-10-15 | 6.8 MEDIUM | N/A |
| ** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the admin panel in Django 0.96 allows remote attackers to change passwords of arbitrary users via a request to admin/auth/user/1/password/. NOTE: this issue has been disputed by Debian, since product documentation includes a recommendation for a CSRF protection module that is included with the product. However, CVE considers this an issue because the default configuration does not use this module. | |||||
| CVE-2007-5833 | 1 Bosdev | 1 Bosmarket Business Directory System | 2018-10-15 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in BosDev BosMarket Business Directory System allow remote authenticated users to inject arbitrary web script or HTML via (1) user info (account details) or (2) a post. | |||||
| CVE-2007-5834 | 1 Bosdev | 1 Bosnews | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in BosDev BosNews 4 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element in a news post. | |||||
| CVE-2007-5835 | 1 Bosdev | 1 Bosnews | 2018-10-15 | 5.0 MEDIUM | N/A |
| Install.php in BosDev BosNews 4 and 5 does not require authentication for replacing an existing product installation or creating a new admin account, which allows remote attackers to cause a denial of service (overwritten files) and possibly obtain administrative access. | |||||
| CVE-2007-5846 | 1 Net-snmp | 1 Net-snmp | 2018-10-15 | 7.8 HIGH | N/A |
| The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value. | |||||
| CVE-2007-5848 | 1 Apple | 1 Mac Os X | 2018-10-15 | 7.2 HIGH | N/A |
| Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service. | |||||
| CVE-2007-5863 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2018-10-15 | 9.3 HIGH | N/A |
| Software Update in Apple Mac OS X 10.5.1 allows remote attackers to execute arbitrary commands via a man-in-the-middle (MITM) attack between the client and the server, using a modified distribution definition file with the "allow-external-scripts" option. | |||||
| CVE-2007-5889 | 1 Idmos | 1 Idmos | 2018-10-15 | 10.0 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in IDMOS 1.0 Alpha (aka Phoenix) allow remote attackers to execute arbitrary PHP code via a URL in the site_absolute_path parameter to (1) admin.php, (2) menu_add.php, and (3) menu_operation.php in administrator/, different vectors than CVE-2007-5294. | |||||
| CVE-2007-5897 | 1 Oracle | 1 Database Server | 2018-10-15 | 8.5 HIGH | N/A |
| Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be covered by CVE-2007-5515, CVE-2007-5509, or CVE-2007-5505, but there are insufficient details to be sure. | |||||
| CVE-2007-5898 | 1 Php | 1 Php | 2018-10-15 | 6.4 MEDIUM | N/A |
| The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465. | |||||
| CVE-2007-5899 | 1 Php | 1 Php | 2018-10-15 | 4.3 MEDIUM | N/A |
| The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a local session ID. | |||||
| CVE-2007-5463 | 1 Viart | 1 Shop | 2018-10-15 | 5.0 MEDIUM | N/A |
| ideal_process.php in the iDEAL payment module in ViArt Shop 3.3 beta and earlier might allow remote attackers to obtain the pathname for certificate and key files via an "iDEAL transaction", possibly involving fopen error messages for nonexistent files, a different issue than CVE-2007-5364. NOTE: this can be leveraged for reading certificate or key files if an installation places these files under the web document root. | |||||
| CVE-2007-5464 | 1 Lfs | 1 Live For Speed | 2018-10-15 | 6.5 MEDIUM | N/A |
| Stack-based buffer overflow in Live for Speed 0.5X10 and earlier allows remote authenticated users to cause a denial of service (client crash) and possibly execute arbitrary code via a long skin name. | |||||
| CVE-2007-5474 | 2 Atheros, Linksys | 2 Ar5416-ac1e Chipset, Wrt350n | 2018-10-15 | 6.3 MEDIUM | N/A |
| The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long. | |||||
| CVE-2007-5475 | 2 Linksys, Marvell | 2 Wap4400n, 88w8361p-bem Chipset | 2018-10-15 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in the Marvell wireless driver, as used in Linksys WAP4400N Wi-Fi access point with firmware 1.2.17 on the Marvell 88W8361P-BEM1 chipset, and other products, allow remote 802.11-authenticated users to cause a denial of service (wireless access point crash) and possibly execute arbitrary code via an association request with long (1) rates, (2) extended rates, and unspecified other information elements. | |||||
| CVE-2007-5478 | 1 Nabh Information Systems | 1 Stringbeans Portal | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in projects in Nabh Stringbeans Portal (sbportal) 3.2 allows remote attackers to inject arbitrary web script or HTML via the project_name parameter. | |||||
| CVE-2007-5479 | 1 Xcomputer | 1 Xcomputer | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Search.asp in Xcomputer allows remote attackers to inject arbitrary web script or HTML via the EXPS parameter. | |||||
| CVE-2007-5484 | 1 Wwwisis | 1 Wwwisis | 2018-10-15 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in wxis.exe in WWWISIS 7.1 allows local users to read arbitrary files via a .. (dot dot) in the IsisScript parameter to iah. | |||||
| CVE-2007-5492 | 1 Sitebar | 1 Sitebar | 2018-10-15 | 4.6 MEDIUM | N/A |
| Static code injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the value parameter. | |||||
| CVE-2007-5493 | 1 Microsoft | 1 Windows Mobile | 2018-10-15 | 4.3 MEDIUM | N/A |
| The SMS handler for Windows Mobile 2005 Pocket PC Phone edition allows attackers to hide the sender field of an SMS message via a malformed WAP PUSH message that causes the PDU to be incorrectly decoded. | |||||
| CVE-2007-5497 | 1 Ext2 Filesystems Utilities | 1 E2fsprogs | 2018-10-15 | 5.8 MEDIUM | N/A |
| Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image. | |||||
| CVE-2007-5503 | 1 Redhat | 1 Cairo | 2018-10-15 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in Cairo before 1.4.12 might allow remote attackers to execute arbitrary code, as demonstrated using a crafted PNG image with large width and height values, which is not properly handled by the read_png function. | |||||
| CVE-2007-5504 | 1 Oracle | 1 Database Server | 2018-10-15 | 6.5 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5 unknown impact and remote attack vectors, related to (1) Import (DB01) and (2) Advanced Queuing (DB25). NOTE: as of 20071108, Oracle has not disputed reliable researcher claims that DB25 is for a buffer overflow in the DBLINK_INFO procedure in the DBMS_AQADM_SYS package. | |||||