|
293911
|
- |
|
neocrome
|
seditio
|
SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and earlier allows remote attackers to execute arbitrary SQL commands via the pag_sub[] parameter to plug.php.
|
CWE-89
SQL Injection
|
CVE-2007-6202
|
2017-09-29 10:29 |
2007-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293912
|
- |
|
neocrome
|
seditio
|
Successful exploitation requires that "magic_quotes_gpc" is disabled.
|
CWE-89
SQL Injection
|
CVE-2007-6202
|
2017-09-29 10:29 |
2007-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293913
|
- |
|
xensource_inc
|
xen
|
Xen 3.x, possibly before 3.1.2, when running on IA64 systems, does not check the RID value for mov_to_rr, which allows a VTi domain to read memory of other domains.
|
NVD-CWE-noinfo
CWE-20
Improper Input Validation
|
CVE-2007-6207
|
2017-09-29 10:29 |
2007-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293914
|
- |
|
google
|
kml
|
Directory traversal vulnerability in region.php in KML share 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the layer parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6212
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293915
|
- |
|
webed
|
webed
|
Multiple directory traversal vulnerabilities in mod/chat/index.php in WebED 0.0.9 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) Root and (2) Path parameters.
|
CWE-22
Path Traversal
|
CVE-2007-6213
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293916
|
- |
|
learnloop
|
learnloop
|
Directory traversal vulnerability in include/file_download.php in LearnLoop 2.0 beta7 allows remote attackers to read arbitrary files via a .. (dot dot) in the sFilePath parameter. NOTE: exploitatio…
|
NVD-CWE-noinfo
CWE-22
Path Traversal
|
CVE-2007-6214
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293917
|
- |
|
web-meetme
|
web-meetme
|
Multiple directory traversal vulnerabilities in play.php in Web-MeetMe 3.0.3 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) roomNo and possibly the (2) bookid parameter.
|
NVD-CWE-noinfo
CWE-22
Path Traversal
|
CVE-2007-6215
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293918
|
- |
|
phpbb
|
garage
|
SQL injection vulnerability in garage.php in phpBB Garage 1.2.0 Beta3 allows remote attackers to execute arbitrary SQL commands via the make_id parameter in a search action in browse mode.
|
CWE-89
SQL Injection
|
CVE-2007-6223
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293919
|
- |
|
rayzz
|
rayzz_script
|
PHP remote file inclusion vulnerability in common/classes/class_HeaderHandler.lib.php in Rayzz Script 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the CFG[site][project_path…
|
CWE-94
Code Injection
|
CVE-2007-6229
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293920
|
- |
|
rayzz
|
rayzz_script
|
Directory traversal vulnerability in common/classes/class_HeaderHandler.lib.php in Rayzz Script 2.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the CFG[…
|
NVD-CWE-noinfo
CWE-22
Path Traversal
|
CVE-2007-6230
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
