|
294881
|
- |
|
c97net
|
mblog
|
Directory traversal vulnerability in index.php in mBlog 1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter in a page mode action.
|
CWE-22
Path Traversal
|
CVE-2007-6582
|
2017-09-29 10:30 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294882
|
- |
|
1024_cms
|
1024_cms
|
SQL injection vulnerability in admin/ops/findip/ajax/search.php in 1024 CMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via the ip parameter.
|
CWE-89
SQL Injection
|
CVE-2007-6583
|
2017-09-29 10:30 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294883
|
- |
|
1024_cms
|
1024_cms
|
Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lang parameter to pages/print/default/…
|
CWE-22
Path Traversal
|
CVE-2007-6584
|
2017-09-29 10:30 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294884
|
- |
|
nmnnewsletter
|
nmnnewsletter
|
PHP remote file inclusion vulnerability in confirmUnsubscription.php in NmnNewsletter 1.0.7 allows remote attackers to execute arbitrary PHP code via a URL in the output parameter.
|
CWE-94
Code Injection
|
CVE-2007-6585
|
2017-09-29 10:30 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294885
|
- |
|
niclor
|
niclor
|
SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a sezione page action to index.php.
|
CWE-89
SQL Injection
|
CVE-2007-6586
|
2017-09-29 10:30 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294886
|
- |
|
mozilla
|
firefox
seamonkey
|
The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 does not update the origin domain when retrieving the inner URL parameter yields an HTTP redirect, which allows …
|
CWE-79
Cross-site Scripting
|
CVE-2007-6589
|
2017-09-29 10:30 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294887
|
- |
|
noserub
|
noserub
|
SQL injection vulnerability in app/models/identity.php in NoseRub 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username field to the login script.
|
CWE-89
SQL Injection
|
CVE-2007-6602
|
2017-09-29 10:30 |
2008-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294888
|
- |
|
hotscripts
|
hot_or_not_clone
|
Hot or Not Clone has insufficient access control for producing and reading database backups, which allows remote attackers to obtain the administrator username and password via a direct request to co…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6603
|
2017-09-29 10:30 |
2008-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294889
|
- |
|
xcms
|
xcms
|
Multiple directory traversal vulnerabilities in index.php in XCMS 1.82 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the s parameter to the admin page or (2) th…
|
CWE-22
Path Traversal
|
CVE-2007-6604
|
2017-09-29 10:30 |
2008-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294890
|
- |
|
skyfex
|
skyfex_client
|
Buffer overflow in a certain ActiveX control in SkyFexClient.ocx 1.0.2.77 in SkyFex Client 1.0 allows remote attackers to execute arbitrary code via long strings in the first four arguments to the St…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6605
|
2017-09-29 10:30 |
2008-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
