|
308011
|
- |
|
openads
|
openads
|
CRLF injection vulnerability in www/delivery/ck.php in Openads 2.3 (aka Max Media Manager, MMM) before 0.3.31-alpha-pr3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP respo…
|
NVD-CWE-Other
|
CVE-2007-2047
|
2011-03-8 11:53 |
2007-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308012
|
- |
|
bftpd
|
bftpd
|
Buffer overflow in the parsecmd function in bftpd before 1.8 has unknown impact and attack vectors related to the confstr variable.
|
NVD-CWE-Other
|
CVE-2007-2051
|
2011-03-8 11:53 |
2007-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308013
|
- |
|
open-gorotto
|
open-gorotto
|
Multiple cross-site scripting (XSS) vulnerabilities in Open-gorotto 2.0a 2006/02/08 edition, 2006/03/19 edition, and 2006/04/07 edition before 20070416 allow remote attackers to inject arbitrary web …
|
NVD-CWE-Other
|
CVE-2007-2071
|
2011-03-8 11:53 |
2007-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308014
|
- |
|
limesoft
|
limesoft_guestbook
|
Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) allows remote attackers to inject arbitrary PHP code into posts.txt via the name parameter. NOTE: …
|
NVD-CWE-Other
|
CVE-2007-2092
|
2011-03-8 11:53 |
2007-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308015
|
- |
|
rha7_downloads
|
rha7_downloads
|
SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7downloads) 1.0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector…
|
NVD-CWE-Other
|
CVE-2007-2107
|
2011-03-8 11:53 |
2007-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308016
|
- |
|
minigal
|
minigal
|
The imagecomments function in classes.php in MiniGal b13 allow remote attackers to inject arbitrary PHP code into a file in the thumbs/ directory via the (1) name or (2) email parameter. NOTE: the p…
|
NVD-CWE-Other
|
CVE-2007-2146
|
2011-03-8 11:53 |
2007-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308017
|
- |
|
drupal
|
database_administration_module
|
Multiple cross-site scripting (XSS) vulnerabilities in the Database Administration (dba) module 4.6.x-*, and before 4.7.x-1.2 in the 4.7.x-1.* series, for Drupal allow remote attackers to inject arbi…
|
NVD-CWE-Other
|
CVE-2007-2159
|
2011-03-8 11:53 |
2007-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308018
|
- |
|
drupal
|
database_administration_module
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Database Administration (dba) module 4.6.x-*, and before 4.7.x-1.2 in the 4.7.x-1.* series, for Drupal allow remote attackers to perf…
|
NVD-CWE-Other
|
CVE-2007-2160
|
2011-03-8 11:53 |
2007-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308019
|
- |
|
microgaming
|
download_helper_activex_control
|
Stack-based buffer overflow in the Microgaming Download Helper ActiveX control (dlhelper.dll) before 7.2.0.19, and the WebHandler Class control, allows remote attackers to execute arbitrary code via …
|
NVD-CWE-Other
|
CVE-2007-2177
|
2011-03-8 11:53 |
2007-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308020
|
- |
|
lan_management_system
|
lan_management_system
|
Cross-site scripting (XSS) vulnerability in LAN Management System (LMS) before 1.6.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably involving the OD …
|
NVD-CWE-Other
|
CVE-2007-2198
|
2011-03-8 11:53 |
2007-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
