|
293931
|
- |
|
redhat
|
enterprise_linux
|
The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 4 and 5, does not specify the nodev mount option for the -hosts map, which allows…
|
CWE-16
Configuration
|
CVE-2007-6285
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293932
|
- |
|
iptel
|
serweb
|
Multiple PHP remote file inclusion vulnerabilities in SerWeb 2.0.0 dev1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) _SERWEB[configdir] parameter to load_lang…
|
CWE-94
Code Injection
|
CVE-2007-6289
|
2017-09-29 10:29 |
2007-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293933
|
- |
|
iptel
|
serweb
|
Multiple directory traversal vulnerabilities in js/get_js.php in SERWeb 2.0.0 dev1 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod and (2) js parameters.
|
CWE-22
Path Traversal
|
CVE-2007-6290
|
2017-09-29 10:29 |
2007-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293934
|
- |
|
mwopen
|
e-commerce
|
SQL injection vulnerability in leggi_commenti.asp in MWOpen 1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2007-6292
|
2017-09-29 10:29 |
2007-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293935
|
- |
|
xml2owl
|
xml2owl
|
Directory traversal vulnerability in filedownload.php in xml2owl 0.1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6322
|
2017-09-29 10:29 |
2007-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293936
|
- |
|
mms_gallery
|
mms_gallery_php
|
Multiple directory traversal vulnerabilities in MMS Gallery PHP 1.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the id parameter to (1) get_image.php or (2) get_file.php in m…
|
CWE-22
Path Traversal
|
CVE-2007-6323
|
2017-09-29 10:29 |
2007-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293937
|
- |
|
city_writer
|
citywriter
|
PHP remote file inclusion vulnerability in head.php in CityWriter 0.9.7 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
|
CWE-94
Code Injection
|
CVE-2007-6324
|
2017-09-29 10:29 |
2007-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293938
|
- |
|
fastpublish
|
fastpublish_cms
|
PHP remote file inclusion vulnerability in adminbereich/designconfig.php in Fastpublish CMS 1.9999 allows remote attackers to execute arbitrary PHP code via a URL in the config[fsBase] parameter, a d…
|
CWE-94
CWE-20
Code Injection
Improper Input Validation
|
CVE-2007-6325
|
2017-09-29 10:29 |
2007-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293939
|
- |
|
sergey_lyubka
|
simple_httpd
|
Sergey Lyubka Simple HTTPD (shttpd) 1.3 on Windows allows remote attackers to cause a denial of service via a request that includes an MS-DOS device name, as demonstrated by the /aux URI.
|
CWE-20
Improper Input Validation
|
CVE-2007-6326
|
2017-09-29 10:29 |
2007-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293940
|
- |
|
avs_media
|
avsmjpegfile.dll
|
Buffer overflow in a certain ActiveX control in Online Media Technologies AVSMJPEGFILE.DLL 1.1.1.102 allows remote attackers to execute arbitrary code via a long first argument to the CreateStill met…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6327
|
2017-09-29 10:29 |
2007-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
