Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-4156 | 1 Woliocms | 1 Woliocms | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in wolioCMS allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to member.php in a page action, related to a SELECT statement in common.php; and the (2) loginid parameter (uid variable), and possibly the (3) pwd parameter, to admin/index.php. | |||||
| CVE-2007-4157 | 1 Phpblogger | 1 Php-blogger | 2018-10-15 | 5.0 MEDIUM | N/A |
| PHPBlogger stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing an admin password hash via a direct request for data/pref.db. NOTE: this can be easily leveraged for administrative access because composing the authentication cookie only requires the password hash, not the cleartext version. | |||||
| CVE-2007-4167 | 1 Al-caricatier | 1 Al-caricatier | 2018-10-15 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in cat_viewed.php in AL-Caricatier 2.5 allows remote attackers to execute arbitrary PHP code via a URL in the CatName parameter. | |||||
| CVE-2007-4169 | 1 Vgallite | 1 Vgallite | 2018-10-15 | 7.5 HIGH | N/A |
| ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in vgallite allow remote attackers to execute arbitrary PHP code via a URL in the (1) dirpath parameter to _functions.php or the (2) lang parameter to index.php. NOTE: CVE disputes vector 1 because the applicable include_once is located in a function that is not called on a direct request, and because $dirpath is an argument to this function. CVE disputes vector 2 because "lang" is a constant string within an include_once, not a variable. The researcher is also unreliable. | |||||
| CVE-2007-4170 | 1 Al-athkar | 1 Al-athkar | 2018-10-15 | 10.0 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in AL-Athkar 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) include parameter to (a) Main.php and (b) get.php and the (2) exec parameter to (c) count.php. | |||||
| CVE-2007-4171 | 1 Auracms | 1 Modul Forum Sederhana | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in komentar.php in the Forum Module for auraCMS (Modul Forum Sederhana) allows remote attackers to execute arbitrary SQL commands via the id parameter to the default URI. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-4173 | 1 Hunkaray Okul | 1 Portaly | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in duyuruoku.asp in Hunkaray Okul Portali 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-3080. | |||||
| CVE-2007-4180 | 1 Pluck | 1 Pluck | 2018-10-15 | 5.0 MEDIUM | N/A |
| ** DISPUTED ** Directory traversal vulnerability in data/inc/theme.php in Pluck 4.3, when register_globals is enabled, allows remote attackers to read arbitrary local files via a .. (dot dot) in the file parameter. NOTE: CVE and a reliable third party dispute this vulnerability because the code uses a fixed argument when invoking fputs, which cannot be used to read files. | |||||
| CVE-2007-4181 | 1 Pluck | 1 Pluck | 2018-10-15 | 6.8 MEDIUM | N/A |
| ** DISPUTED ** PHP remote file inclusion vulnerability in data/inc/theme.php in Pluck 4.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: A reliable third party disputes this vulnerability because the applicable include is within a function that does not receive the dir parameter from an HTTP request. | |||||
| CVE-2007-4182 | 1 Wikiwebweaver | 1 Wikiwebweaver | 2018-10-15 | 7.5 HIGH | N/A |
| Unrestricted file upload vulnerability in index.php in WikiWebWeaver 1.1 and earlier allows remote attackers to upload and execute arbitrary PHP code via an upload action specifying a filename with a double extension such as .gif.php, which is accessible from data/documents/. | |||||
| CVE-2007-4184 | 1 Joomla | 1 Joomla | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in administrator/popups/pollwindow.php in Joomla! 1.0.12 allows remote attackers to execute arbitrary SQL commands via the pollid parameter. | |||||
| CVE-2007-4185 | 1 Joomla | 1 Joomla | 2018-10-15 | 5.0 MEDIUM | N/A |
| Joomla! 1.0.12 allows remote attackers to obtain sensitive information via a direct request for (1) Stat.php (2) OutputFilter.php, (3) OutputCache.php, (4) Modifier.php, (5) Reader.php, and (6) TemplateCache.php in includes/patTemplate/patTemplate/; (7) includes/Cache/Lite/Output.php; and other unspecified components, which reveal the path in various error messages. | |||||
| CVE-2007-4186 | 1 Joomla | 1 Tour De France Pool | 2018-10-15 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in admin.tour_toto.php in the Tour de France Pool (com_tour_toto) 1.0.1 module for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
| CVE-2007-4187 | 1 Joomla | 1 Joomla | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple eval injection vulnerabilities in the com_search component in Joomla! 1.5 beta before RC1 (aka Mapya) allow remote attackers to execute arbitrary PHP code via PHP sequences in the searchword parameter, related to default_results.php in (1) components/com_search/views/search/tmpl/ and (2) templates/beez/html/com_search/search/. | |||||
| CVE-2007-4191 | 1 Panda | 1 Panda Antivirus | 2018-10-15 | 6.9 MEDIUM | N/A |
| Panda Antivirus 2008 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying PAVSRV51.EXE or other unspecified files, a related issue to CVE-2006-4657. | |||||
| CVE-2007-4194 | 1 Guidance Software | 1 Encase | 2018-10-15 | 4.3 MEDIUM | N/A |
| Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service (stack memory consumption) and possibly have other unspecified impact via a malformed file, related to "EnCase's file system parsing." NOTE: this information is based upon a vague pre-advisory. It might overlap CVE-2007-4036. | |||||
| CVE-2007-4195 | 1 The Sleuth Kit | 1 The Sleuth Kit | 2018-10-15 | 4.3 MEDIUM | N/A |
| Use-after-free vulnerability in ext2fs.c in Brian Carrier The Sleuth Kit (TSK) before 2.09 allows user-assisted remote attackers to cause a denial of service (application crash) and prevent examination of certain ext2fs files via a malformed ext2fs image. | |||||
| CVE-2007-4196 | 1 Brian Carrier | 1 The Slueth Kit | 2018-10-15 | 4.3 MEDIUM | N/A |
| icat in Brian Carrier The Sleuth Kit (TSK) before 2.09 misinterprets a certain memory location as the holder of a loop iteration count, which allows user-assisted remote attackers to cause a denial of service (long loop) and prevent examination of certain NTFS files via a malformed NTFS image. | |||||
| CVE-2007-4197 | 1 Brian Carrier | 1 The Slueth Kit | 2018-10-15 | 4.3 MEDIUM | N/A |
| icat in Brian Carrier The Sleuth Kit (TSK) before 2.09 omits NULL pointer checks in certain code paths, which allows user-assisted remote attackers to cause a denial of service (NULL dereference and application crash) and prevent examination of certain NTFS files via a malformed NTFS image. | |||||
| CVE-2007-4198 | 1 Brian Carrier | 1 The Slueth Kit | 2018-10-15 | 4.3 MEDIUM | N/A |
| The fs_data_put_str function in ntfs.c in fls in Brian Carrier The Sleuth Kit (TSK) before 2.09 does not validate a certain length value, which allows user-assisted remote attackers to cause a denial of service (application crash) and prevent examination of certain NTFS files via a malformed NTFS image, which triggers a buffer over-read. | |||||
| CVE-2007-4199 | 1 Brian Carrier | 1 The Slueth Kit | 2018-10-15 | 4.3 MEDIUM | N/A |
| Brian Carrier The Sleuth Kit (TSK) before 2.09 allows user-assisted remote attackers to cause a denial of service (application crash) and prevent examination of certain NTFS files via a malformed NTFS image that triggers (1) dereference of a certain integer value by ntfs_dent.c in fls, or (2) dereference of a certain other integer value by ntfs.c in fsstat. | |||||
| CVE-2007-4200 | 1 Brian Carrier | 1 The Slueth Kit | 2018-10-15 | 4.3 MEDIUM | N/A |
| ntfs.c in fsstat in Brian Carrier The Sleuth Kit (TSK) before 2.09 interprets a certain variable as a byte count rather than a count of 32-bit integers, which allows user-assisted remote attackers to cause a denial of service (application crash) and prevent examination of certain NTFS files via a malformed NTFS image. | |||||
| CVE-2007-4201 | 1 Guidance Software | 1 Encase | 2018-10-15 | 5.0 MEDIUM | N/A |
| Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions, which might allow remote attackers to prevent examination of certain data, a related issue to CVE-2007-4035. | |||||
| CVE-2007-4202 | 1 Guidance Software | 1 Encase | 2018-10-15 | 4.3 MEDIUM | N/A |
| Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image. | |||||
| CVE-2007-4203 | 1 Mambo | 1 Mambo Open Source | 2018-10-15 | 9.3 HIGH | N/A |
| Session fixation vulnerability in Mambo 4.6.2 CMS allows remote attackers to hijack web sessions by setting the Cookie parameter. | |||||
| CVE-2007-4205 | 2 Bluecat Networks, Linux-ha | 2 Adonis, Heartbeat | 2018-10-15 | 7.1 HIGH | N/A |
| XHA (Linux-HA) on the BlueCat Networks Adonis DNS/DHCP Appliance 5.0.2.8 allows remote attackers to cause a denial of service (heartbeat control process crash) via a UDP packet to port 694. NOTE: this may be the same as CVE-2006-3121. | |||||
| CVE-2007-4207 | 1 Kerberosdev | 1 Gallery In A Box | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin_console/index.asp in Gallery In A Box allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password field. NOTE: these fields might be associated with the txtUsername and txtPassword parameters. | |||||
| CVE-2007-4208 | 1 Morgan Ids | 1 Next Gen Portfolio Manager | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Next Gen Portfolio Manager allows remote attackers to execute arbitrary SQL commands via the (1) Users_Email or (2) Users_Password parameter in an ExecuteTheLogin action. | |||||
| CVE-2007-4209 | 1 Aceboard | 1 Aceboard Forum | 2018-10-15 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Recherche.php in Aceboard forum allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2007-4212 | 1 Phpnuke | 1 Php-nuke | 2018-10-15 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Search Module in PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via a trailing "<" instead of a ">" in (1) the onerror attribute of an IMG element, (2) the onload attribute of an IFRAME element, or (3) redirect users to other sites via the META tag. | |||||
| CVE-2007-4213 | 2 Palm, Treo | 5 Palm Os, 650, 680 and 2 more | 2018-10-15 | 7.1 HIGH | N/A |
| Palm OS on Treo 650, 680, 700p, and 755p Smart phones allows remote attackers to cause a denial of service (device reset or hang) via a flood of large ICMP echo requests. NOTE: this is probably a different vulnerability than CVE-2003-0293. | |||||
| CVE-2007-4216 | 1 Checkpoint | 1 Zonealarm | 2018-10-15 | 7.2 HIGH | N/A |
| vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in a METHOD_NEITHER (1) IOCTL 0x8400000F or (2) IOCTL 0x84000013 request, which can be used to overwrite arbitrary memory locations. | |||||
| CVE-2007-4218 | 1 Trend Micro | 1 Serverprotect | 2018-10-15 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allow remote attackers to execute arbitrary code via certain RPC requests to certain TCP ports that are processed by the (1) RPCFN_ENG_NewManualScan, (2) RPCFN_ENG_TimedNewManualScan, and (3) RPCFN_SetComputerName functions in (a) StRpcSrv.dll; the (4) RPCFN_CMON_SetSvcImpersonateUser and (5) RPCFN_OldCMON_SetSvcImpersonateUser functions in (b) Stcommon.dll; the (6) RPCFN_ENG_TakeActionOnAFile and (7) RPCFN_ENG_AddTaskExportLogItem functions in (c) Eng50.dll; the (8) NTF_SetPagerNotifyConfig function in (d) Notification.dll; or the (9) RPCFN_CopyAUSrc function in the (e) ServerProtect Agent service. | |||||
| CVE-2007-4224 | 1 Kde | 1 Konqueror | 2018-10-15 | 4.3 MEDIUM | N/A |
| KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property. | |||||
| CVE-2007-3907 | 1 Ledgersmb | 1 Ledgersmb | 2018-10-15 | 10.0 HIGH | N/A |
| Unspecified vulnerability in login.pl in LedgerSMB 1.2.0 through 1.2.6 allows remote attackers to bypass authentication and perform certain actions as an arbitrary user via unspecified vectors involving a URL with a redirect parameter value, along with a callback parameter containing an escaped URL that specifies the action. | |||||
| CVE-2007-3908 | 1 Hp | 2 Cluster Object Manager, Serviceguard | 2018-10-15 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in HP ServiceGuard for Linux for Red Hat Enterprise Linux (RHEL) 2.1 SG A.11.14.04 through A.11.14.06; RHEL 3.0 SG A.11.16.04 through A.11.16.10; and ServiceGuard Cluster Object Manager B.03.01.02 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2007-0980. | |||||
| CVE-2007-3911 | 1 Bakbone | 1 Netvault Reporter | 2018-10-15 | 10.0 HIGH | N/A |
| Multiple heap-based buffer overflows in (1) clsscheduler.exe (aka scheduler client) and (2) srvscheduler.exe (aka scheduler server) in BakBone NetVault Reporter 3.5 before Update4 allow remote attackers to execute arbitrary code via long filename arguments in HTTP requests. | |||||
| CVE-2007-3942 | 1 Simple Machines | 1 Simple Machines Forum | 2018-10-15 | 5.8 MEDIUM | N/A |
| ** DISPUTED ** Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.1.3 allows remote attackers to include local files via unspecified vectors related to the sourcedir parameter or the actionArray hash. NOTE: CVE and multiple third parties dispute this vulnerability because both sourcedir and actionArray are defined before use. | |||||
| CVE-2007-3945 | 2 Linux, Rsbac | 2 Linux Kernel, Rule Set Based Access Control | 2018-10-15 | 6.4 MEDIUM | N/A |
| Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes. | |||||
| CVE-2007-3946 | 1 Lighttpd | 1 Lighttpd | 2018-10-15 | 6.4 MEDIUM | N/A |
| mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving (1) a memory leak, (2) use of md5-sess without a cnonce, (3) base64 encoded strings, and (4) trailing whitespace in the Auth-Digest header. | |||||
| CVE-2007-3947 | 1 Lighttpd | 1 Lighttpd | 2018-10-15 | 5.8 MEDIUM | N/A |
| request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault. | |||||
| CVE-2007-3948 | 1 Lighttpd | 1 Lighttpd | 2018-10-15 | 4.3 MEDIUM | N/A |
| connections.c in lighttpd before 1.4.16 might accept more connections than the configured maximum, which allows remote attackers to cause a denial of service (failed assertion) via a large number of connection attempts. | |||||
| CVE-2007-3949 | 1 Lighttpd | 1 Lighttpd | 2018-10-15 | 8.3 HIGH | N/A |
| mod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters in the URL, which allows remote attackers to bypass url.access-deny settings. | |||||
| CVE-2007-3950 | 1 Lighttpd | 1 Lighttpd | 2018-10-15 | 4.3 MEDIUM | N/A |
| lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the (1) mod_scgi, (2) mod_fastcgi, and (3) mod_webdav modules. | |||||
| CVE-2007-3951 | 1 Norman | 1 Norman Virus Control | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Norman Antivirus 5.90 allow remote attackers to execute arbitrary code via a crafted (1) ACE or (2) LZH file, resulting from an "integer cast around." | |||||
| CVE-2007-3952 | 1 Norman | 1 Normon Antivirus | 2018-10-15 | 7.5 HIGH | N/A |
| The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote attackers to bypass the malware detection via a crafted DOC file, resulting from an "integer cast around". | |||||
| CVE-2007-3953 | 1 Norman | 1 Norman Virus Control | 2018-10-15 | 4.3 MEDIUM | N/A |
| The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote attackers to cause a denial of service via a crafted DOC file that triggers a divide-by-zero error. | |||||
| CVE-2007-3963 | 1 Usebb | 1 Usebb | 2018-10-15 | 9.3 HIGH | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in UseBB 1.0.7, and possibly other 1.0.x versions, allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF) to (1) upgrade-0-2-3.php, (2) upgrade-0-3.php, or (3) upgrade-0-4.php in install/, a different vulnerability than CVE-2005-4193. | |||||
| CVE-2007-3966 | 1 Iexpress | 1 Munch Pro | 2018-10-15 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in Munch Pro allows remote attackers to execute arbitrary SQL commands via the login field to /admin, a different vulnerability than CVE-2006-5880. | |||||
| CVE-2007-3969 | 1 Panda | 1 Panda Antivirus | 2018-10-15 | 9.3 HIGH | N/A |
| Buffer overflow in Panda Antivirus before 20070720 allows remote attackers to execute arbitrary code via a crafted EXE file, resulting from an "Integer Cast Around." | |||||