|
293561
|
- |
|
nmnnewsletter
|
nmnnewsletter
|
PHP remote file inclusion vulnerability in confirmUnsubscription.php in NmnNewsletter 1.0.7 allows remote attackers to execute arbitrary PHP code via a URL in the output parameter.
|
CWE-94
Code Injection
|
CVE-2007-6585
|
2017-09-29 10:30 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293562
|
- |
|
niclor
|
niclor
|
SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a sezione page action to index.php.
|
CWE-89
SQL Injection
|
CVE-2007-6586
|
2017-09-29 10:30 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293563
|
- |
|
mozilla
|
firefox
seamonkey
|
The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 does not update the origin domain when retrieving the inner URL parameter yields an HTTP redirect, which allows …
|
CWE-79
Cross-site Scripting
|
CVE-2007-6589
|
2017-09-29 10:30 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293564
|
- |
|
noserub
|
noserub
|
SQL injection vulnerability in app/models/identity.php in NoseRub 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username field to the login script.
|
CWE-89
SQL Injection
|
CVE-2007-6602
|
2017-09-29 10:30 |
2008-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293565
|
- |
|
hotscripts
|
hot_or_not_clone
|
Hot or Not Clone has insufficient access control for producing and reading database backups, which allows remote attackers to obtain the administrator username and password via a direct request to co…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6603
|
2017-09-29 10:30 |
2008-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293566
|
- |
|
xcms
|
xcms
|
Multiple directory traversal vulnerabilities in index.php in XCMS 1.82 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the s parameter to the admin page or (2) th…
|
CWE-22
Path Traversal
|
CVE-2007-6604
|
2017-09-29 10:30 |
2008-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293567
|
- |
|
skyfex
|
skyfex_client
|
Buffer overflow in a certain ActiveX control in SkyFexClient.ocx 1.0.2.77 in SkyFex Client 1.0 allows remote attackers to execute arbitrary code via long strings in the first four arguments to the St…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6605
|
2017-09-29 10:30 |
2008-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293568
|
- |
|
joovili
|
joovili
|
Directory traversal vulnerability in include/images.inc.php in Joovili 2.x allows remote attackers to read arbitrary files via a .. (dot dot) in the picture parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6620
|
2017-09-29 10:30 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293569
|
- |
|
joovili
|
joovili
|
Directory traversal vulnerability in joovili.images.php in Joovili 3.0.0 through 3.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the picture parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6621
|
2017-09-29 10:30 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293570
|
- |
|
zeuscms
|
zeuscms
|
SQL injection vulnerability in security.php in ZeusCMS 0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
|
CWE-89
SQL Injection
|
CVE-2007-6622
|
2017-09-29 10:30 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
