|
313371
|
- |
|
intersystems
|
cache_database
|
Multiple cross-site scripting (XSS) vulnerabilities in the sample Cache' Server Page (CSP) scripts in InterSystems Cache' allow remote attackers to inject arbitrary web script or HTML via (1) the TO …
|
NVD-CWE-Other
|
CVE-2007-0437
|
2008-09-6 06:17 |
2007-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313372
|
- |
|
redhat
|
enterprise_linux
|
The NFS client implementation in the kernel in Red Hat Enterprise Linux (RHEL) 3, when a filesystem is mounted with the noacl option, checks permissions for the open system call via vfs_permission (m…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-0004
|
2008-09-6 06:16 |
2007-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313373
|
- |
|
nec
|
multiwriter_1700c
|
The web server in the NEC MultiWriter 1700C allows remote attackers to modify the device configuration via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2006-6946
|
2008-09-6 06:16 |
2007-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313374
|
- |
|
nec
|
multiwriter_1700c
|
The FTP server in the NEC MultiWriter 1700C allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command, a variant of CVE-1999-0017.
|
NVD-CWE-Other
|
CVE-2006-6947
|
2008-09-6 06:16 |
2007-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313375
|
- |
|
myodbc
|
myodbc
|
MyODBC Japanese conversion edition 3.51.06, 2.50.29, and 2.50.25 allows remote attackers to cause a denial of service via a certain string in a response, which has unspecified impact on the MySQL dat…
|
NVD-CWE-Other
|
CVE-2006-6948
|
2008-09-6 06:16 |
2007-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313376
|
- |
|
headstart_solutions
|
deskpro
|
Headstart Solutions DeskPRO does not require authentication for certain files and directories associated with administrative activities, which allows remote attackers to (1) reinstall the application…
|
NVD-CWE-Other
|
CVE-2006-6973
|
2008-09-6 06:16 |
2007-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313377
|
- |
|
headstart_solutions
|
deskpro
|
Only certain files are affected, so the impact is partial for confidentiality, integrity, and availability.
|
NVD-CWE-Other
|
CVE-2006-6973
|
2008-09-6 06:16 |
2007-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313378
|
- |
|
headstart_solutions
|
deskpro
|
Headstart Solutions DeskPRO stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) list files in the includes/ directory; obtain the SQ…
|
NVD-CWE-Other
|
CVE-2006-6974
|
2008-09-6 06:16 |
2007-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313379
|
- |
|
mailenable
|
mailenable_enterprise
mailenable_standard
|
Unspecified vulnerability in a cryptographic feature in MailEnable Standard Edition before 1.93, Professional Edition before 1.73, and Enterprise Edition before 1.21 leads to "weakened authentication…
|
CWE-287
Improper Authentication
|
CVE-2006-6997
|
2008-09-6 06:16 |
2007-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313380
|
- |
|
headstart_solutions
|
deskpro
|
attachment.php in Headstart Solutions DeskPRO allows remote attackers to read all uploaded files by providing the file number in a modified id parameter.
|
CWE-200
Information Exposure
|
CVE-2006-6999
|
2008-09-6 06:16 |
2007-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
