Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-4374 | 1 Rndlabs | 1 Babo Violent | 2018-10-15 | 4.0 MEDIUM | N/A |
| Babo Violent 2 2.08.00 does not validate the sender field of a chat message composed by a client, which allows remote authenticated users to spoof messages. | |||||
| CVE-2007-4375 | 1 Diskeeper | 1 Diskeeper | 2018-10-15 | 5.8 MEDIUM | N/A |
| The administrative interface (aka DkService.exe) in Diskeeper 9 Professional, 2007 Pro Premier, and probably other versions exposes a memory comparison function via RPC over TCP, which allows remote attackers to (1) obtain sensitive information (process memory contents), as demonstrated by an attack that obtains module base addresses to defeat Address Space Layout Randomization (ASLR); or (2) cause a denial of service (application crash) via an out-of-bounds address. | |||||
| CVE-2007-4376 | 1 Szymon Kosok | 1 Best Top List | 2018-10-15 | 6.8 MEDIUM | N/A |
| Unrestricted file upload vulnerability in banner-upload.php in Szymon Kosok Best Top List allows remote attackers to upload and execute arbitrary PHP files in banners/. | |||||
| CVE-2007-4378 | 1 Rndlabs | 1 Babo Violent | 2018-10-15 | 6.8 MEDIUM | N/A |
| Multiple format string vulnerabilities in Babo Violent 2 2.08.00 and earlier allow remote attackers to execute arbitrary code via format string specifiers in (1) a message or (2) certain data associated with an admin login. | |||||
| CVE-2007-4379 | 1 Rndlabs | 1 Babo Violent | 2018-10-15 | 4.3 MEDIUM | N/A |
| Babo Violent 2 2.08.00 and earlier allows remote attackers to cause a denial of service (application crash) via (1) a value greater than 0x27 for the (a) 0xca, (b) 0xcb, (c) 0xcc, (d) 0xce, (e) 0xcf, or (f) 0xd0 data ID; (2) a nonexistent map name; or (3) a UDP packet that specifies a large data size. | |||||
| CVE-2007-4382 | 1 Counterpath | 1 X-lite | 2018-10-15 | 5.0 MEDIUM | N/A |
| CounterPath X-Lite 3.0 34025, and possibly eyeBeam, allows remote attackers to cause a denial of service (device crash) via a SIP INVITE message without a Content-Type header. | |||||
| CVE-2007-4383 | 1 Trackeur | 1 Trackeur | 2018-10-15 | 6.8 MEDIUM | N/A |
| ** DISPUTED ** PHP remote file inclusion vulnerability in tracking.php in Trackeur 1 allows remote attackers to execute arbitrary PHP code via a URL in the header parameter. NOTE: CVE and a third party dispute this vulnerability because header is defined before use. The researcher is known to be unreliable. | |||||
| CVE-2007-4384 | 1 Stephane Pineau | 1 Vote | 2018-10-15 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in depouilg.php3 in Stephane Pineau VOTE 1c allow remote attackers to execute arbitrary PHP code via a URL in the (1) NomVote and (2) FilePalHex parameters. | |||||
| CVE-2007-4385 | 1 Owasp | 1 Stinger | 2018-10-15 | 6.8 MEDIUM | N/A |
| OWASP Stinger before 2.5 allows remote attackers to bypass input validation routines by using multipart encoded requests instead of form-urlencoded requests. NOTE: this might be used to expose vulnerabilities in applications that would otherwise be protected by the validation routines. | |||||
| CVE-2007-4387 | 1 2wire | 2 1701hg Router, 2071 Router | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG and 2071 Gateway routers, with 3.17.5 and 5.29.51 software, allows remote attackers to perform certain configuration changes as administrators. | |||||
| CVE-2007-4035 | 1 Guidance Software | 1 Encase | 2018-10-15 | 5.0 MEDIUM | N/A |
| ** DISPUTED ** Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own. | |||||
| CVE-2007-4036 | 1 Guidance Software | 1 Encase | 2018-10-15 | 4.3 MEDIUM | N/A |
| ** DISPUTED ** Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report "memory allocation errors;" or (3) deeply nested directories, which trigger an application crash during an Expand All action. NOTE: the vendor disputes the significance of these vectors because the user can select fewer options, there is no operational impact, or the user can do less expansion. | |||||
| CVE-2007-4037 | 1 Guidance Software | 1 Encase | 2018-10-15 | 4.3 MEDIUM | N/A |
| ** DISPUTED ** Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled. | |||||
| CVE-2007-4038 | 1 Mozilla | 2 Firefox, Thunderbird | 2018-10-15 | 4.3 MEDIUM | N/A |
| Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, when running on systems with Thunderbird 1.5 installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which are inserted into the command line that is created when invoking Thunderbird.exe, a similar issue to CVE-2007-3670. | |||||
| CVE-2007-4047 | 1 Geoblog | 1 Geoblog | 2018-10-15 | 6.4 MEDIUM | N/A |
| geoBlog (aka BitDamaged) 1 does not require authentication for (1) deletecomment.php, (2) deleteblog.php, and (3) listcomment.php in admin/, which allows remote attackers to delete arbitrary comments, delete arbitrary blogs, and have other unspecified impact via a request with a valid id parameter. | |||||
| CVE-2007-4048 | 1 Phpsysinfo | 1 Phpsysinfo | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | |||||
| CVE-2007-4071 | 1 Tincan | 1 Webbler Cms | 2018-10-15 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in uploader/index.php in Webbler CMS before 3.1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) page or (2) login parameter. | |||||
| CVE-2007-4072 | 1 Tincan | 1 Webbler Cms | 2018-10-15 | 5.0 MEDIUM | N/A |
| Webbler CMS before 3.1.6 provides the full installation path within HTML comments in certain documents, which allows remote attackers to obtain sensitive information by viewing the HTML source, as demonstrated by viewing the source generated from index.php. | |||||
| CVE-2007-4073 | 1 Tincan | 1 Webbler Cms | 2018-10-15 | 5.0 MEDIUM | N/A |
| Webbler CMS before 3.1.6 does not properly restrict use of "mail a friend" forms, which allows remote attackers to send arbitrary amounts of forged e-mail. NOTE: this could be leveraged for spam or phishing attacks. | |||||
| CVE-2007-4074 | 2 Centre For Speech Technology Research, Suse | 2 Gentoo Linux, Suse Linux | 2018-10-15 | 10.0 HIGH | N/A |
| The default configuration of Centre for Speech Technology Research (CSTR) Festival 1.95 beta (aka 2.0 beta) on Gentoo Linux, SUSE Linux, and possibly other distributions, is run locally with elevated privileges without requiring authentication, which allows local and remote attackers to execute arbitrary commands via the local daemon on port 1314, a different vulnerability than CVE-2001-0956. NOTE: this issue is local in some environments, but remote on others. | |||||
| CVE-2007-4091 | 1 Rsync | 1 Rsync | 2018-10-15 | 6.8 MEDIUM | N/A |
| Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the f_name function. | |||||
| CVE-2007-4092 | 1 Ifoto | 1 Ifoto | 2018-10-15 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in iFoto 1.0.1 and earlier allows remote attackers to list arbitrary directories, and possibly download arbitrary photos, via a .. (dot dot) in the dir parameter. | |||||
| CVE-2007-4093 | 1 Minb | 1 Minb Is Not A Blog | 2018-10-15 | 7.8 HIGH | N/A |
| Minb Is Not a Blog (minb) stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing usernames and encrypted passwords via a direct request for db/users.db. | |||||
| CVE-2007-4094 | 1 Idevspot | 1 Phphostbot | 2018-10-15 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in library/authorize.php in IDevSpot PhpHostBot allows remote attackers to execute arbitrary PHP code via a URL in the login_form parameter, a different vector than CVE-2006-3776. | |||||
| CVE-2007-4095 | 1 Bsm Store | 1 Dependent Forums | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in BSM Store Dependent Forums 1.02 allows remote attackers to execute arbitrary SQL commands via a Username field in an unspecified component, probably the FrmUserName parameter in login.asp. | |||||
| CVE-2007-4101 | 1 Global Centre | 1 Aplomb Poll | 2018-10-15 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Madoa Poll 1.1 allow remote attackers to execute arbitrary PHP code via the Madoa parameter to (1) index.php, (2) vote.php, and (3) admin.php. | |||||
| CVE-2007-4102 | 1 Sblog | 1 Sblog | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php for sBlog 0.7.3 Beta allows remote attackers to inject arbitrary HTML and web script via a leading '"/></> sequence in the search string. | |||||
| CVE-2007-4103 | 1 Digium | 3 Asterisk, Asterisk Appliance Developer Kit, Asterisknow Pre-release | 2018-10-15 | 7.8 HIGH | N/A |
| The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and Asterisk Appliance Developer Kit before 0.6.0, when configured to allow unauthenticated calls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of calls that do not complete a 3-way handshake, which causes an ast_channel to be allocated but not released. | |||||
| CVE-2007-4105 | 1 Baidu | 1 Soba Search Bar | 2018-10-15 | 9.3 HIGH | N/A |
| A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 allows remote attackers to execute arbitrary code via a request containing "a link to download and a file to execute," possibly involving remote file inclusion. | |||||
| CVE-2007-4106 | 1 Codewidgets | 2 Pay Roll - Time Sheet, Punch Card | 2018-10-15 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in login.asp in CodeWidgets Pay Roll - Time Sheet and Punch Card Application With Web Interface allows remote attackers to execute arbitrary SQL commands via the Password parameter. | |||||
| CVE-2007-4108 | 1 Codewidgets | 1 Online Event Registration Template | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sign_in.aspx in WebEvents (Online Event Registration Template) allows remote attackers to execute arbitrary SQL commands via the Password parameter. | |||||
| CVE-2007-4109 | 1 Codewidgets | 1 Online Event Registration Template | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sign_in.aspx in WebStore (Online Store Application Template) allows remote attackers to execute arbitrary SQL commands via the Password parameter. | |||||
| CVE-2007-4110 | 1 Codewidgets | 1 Threaded Discussion Forum Application | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sign_in.aspx in Message Board / Threaded Discussion Forum Application Template allows remote attackers to execute arbitrary SQL commands via the Password parameter. | |||||
| CVE-2007-4111 | 1 Codewidgets | 1 Real Estate Listing Website Application Template | 2018-10-15 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in the login script in Real Estate listing website application template, when logging in as user or manager, allows remote attackers to execute arbitrary SQL commands via the Password parameter. | |||||
| CVE-2007-4114 | 1 Suskunduygular | 1 Suskunduygular Uyelik Sistemi | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in unuttum.asp in SuskunDuygular Uyelik Sistemi 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) kadi or (2) email parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-4115 | 1 Itcms | 1 Itcms | 2018-10-15 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in IT!CMS (itcms) 0.2 allow remote attackers to inject arbitrary web script or HTML via the wndtitle parameter to (1) lang-en.php, (2) menu-ed.php, or (3) titletext-ed.php. | |||||
| CVE-2007-4116 | 1 Metyus | 1 Forum Portal | 2018-10-15 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in philboard_forum.asp in Metyus Forum Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: this might be related to CVE-2007-0920 or CVE-2007-3884. | |||||
| CVE-2007-4117 | 1 Platon | 1 Phpwebfilemanager | 2018-10-15 | 6.8 MEDIUM | N/A |
| ** DISPUTED ** PHP remote file inclusion vulnerability in index.php in phpWebFileManager 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the PN_PathPrefix parameter. NOTE: this issue is disputed by a reliable third party, who demonstrates that PN_PathPrefix is defined before use. | |||||
| CVE-2007-4118 | 1 Jx Development | 1 Phpvoter | 2018-10-15 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/functions.inc.php in phpVoter 0.6 allows remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter. | |||||
| CVE-2007-4119 | 1 Berthanas Ziyaretci | 1 Defteri | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in yonetici.asp in Berthanas Ziyaretci Defteri 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) user and (2) Pass fields. | |||||
| CVE-2007-4120 | 1 Jelsoft | 1 Vbulletin | 2018-10-15 | 9.3 HIGH | N/A |
| ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Jelsoft vBulletin 3.6.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) classfile parameter to includes/functions.php, the (2) nextitem parameter to includes/functions_cron.php, and the (3) specialtemplates parameter to includes/functions_forumdisplay.php. NOTE: this issue is disputed by a reliable third party who states "further investigation has revealed that the application is not vulnerable to this issue." The original researcher also has a history of erroneous claims. | |||||
| CVE-2007-4121 | 1 E-commerce Solutions | 3 Auction Script, Multi-vendor E-shop Script, Shopping Cart Script | 2018-10-15 | 10.0 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin.aspx in E-Commerce Scripts Shopping Cart Script, Multi-Vendor E-Shop Script, and Auction Script allow remote attackers to execute arbitrary SQL commands via the (1) EmailAdd (Username) and (2) Pass (password) parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-4127 | 1 Le Ralf | 1 Ralf Image Gallery | 2018-10-15 | 6.8 MEDIUM | N/A |
| ** DISPUTED ** PHP remote file inclusion vulnerability in check_entry.php in Ralf Image Gallery (RIG), aka Raphael Moll RIG Image Gallery, 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the dir_abs_src parameter. NOTE: this issue is disputed by multiple third parties, who report that the product exits if register_globals is enabled, thereby blocking exploitation. NOTE: CVE-2006-3210.a covers this issue in versions before 1.0. | |||||
| CVE-2007-4131 | 3 Gnu, Redhat, Rpath | 4 Tar, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2018-10-15 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive. | |||||
| CVE-2007-4134 | 1 Redhat | 1 Fedora | 2018-10-15 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive. | |||||
| CVE-2007-4137 | 6 Conectiva, Gentoo, Mandrakesoft and 3 more | 8 Linux, Linux, Mandrake Linux and 5 more | 2018-10-15 | 7.5 HIGH | N/A |
| Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable. | |||||
| CVE-2007-4138 | 1 Samba | 1 Samba | 2018-10-15 | 6.9 MEDIUM | N/A |
| The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for UNIX (SFU) primary group attribute is not defined. | |||||
| CVE-2007-4143 | 1 Phpcoupon | 1 Phpcoupon | 2018-10-15 | 4.0 MEDIUM | N/A |
| user.php in the Billing Control Panel in phpCoupon allows remote authenticated users to obtain Premium Member status, and possibly acquire free coupons, via a modified URL containing a certain billing parameter and REQ=auth, status=success, and custom=upgrade substrings, possibly related to PayPal transactions. | |||||
| CVE-2007-4144 | 1 Mitridat | 1 Form Processor Pro | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in sample-forms/simple-contact-form-with-preview/simple-contact-form-with-preview.html in MitriDAT eMail Form Processor Pro allows remote attackers to inject arbitrary web script or HTML via the base_path parameter, possibly related to (1) formprocessorpro.php in the PHP version of the product, and (2) formprocessorpro.pl in the Perl version of the product. | |||||
| CVE-2007-4145 | 1 Bluesky | 1 Blueskychat | 2018-10-15 | 4.3 MEDIUM | N/A |
| Heap-based buffer overflow in the BlueSkychat (BlueSkyCat) ActiveX control (V2.V2Ctrl.1) in v2.ocx 8.1.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the second argument to the ConnecttoServer method. | |||||