|
284911
|
- |
|
serverkit
|
shttp
|
The safe_path function in shttp before 0.0.5 allows remote attackers to conduct directory traversal attacks and read files via a combination of ".." and sub-directory specifiers that resolve to a pat…
|
CWE-22
Path Traversal
|
CVE-2007-5685
|
2018-10-16 06:45 |
2007-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284912
|
- |
|
rpath
|
rpath_linux
|
initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd dete…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5686
|
2018-10-16 06:45 |
2007-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284913
|
- |
|
invision_power_services
phpbb
sebflipper
|
invision_power_board
phpbb
multi-forums_module
|
Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pro) module 1.3.3, for phpBB and Invision Power Board (IPB or IP.Board), allow remote attackers to ex…
|
CWE-89
SQL Injection
|
CVE-2007-5688
|
2018-10-16 06:45 |
2007-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284914
|
- |
|
alcatel-lucent
|
omnipcx
|
The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all su…
|
NVD-CWE-Other
|
CVE-2007-5361
|
2018-10-16 06:44 |
2007-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284915
|
- |
|
debian
openbsd
redhat
sun
ubuntu
|
debian_linux
openbsd
enterprise_linux
linux_advanced_workstation
opensolaris
solaris
ubuntu_linux
|
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5365
|
2018-10-16 06:44 |
2007-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284916
|
- |
|
massive_entertainment
|
world_in_conflict
|
The GetMagicNumberString function in Massive Entertainment World in Conflict 1.000 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a string to…
|
CWE-189
Numeric Errors
|
CVE-2007-5369
|
2018-10-16 06:44 |
2007-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284917
|
- |
|
netwin
|
dnewsweb
|
Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/dnewsweb.exe in NetWin DNewsWeb (DNews News Server) 57e1 allow remote attackers to inject arbitrary web script or HTML via the (1) group…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5370
|
2018-10-16 06:44 |
2007-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284918
|
- |
|
modxcms
|
modxcms
|
Multiple SQL injection vulnerabilities in mutate_content.dynamic.php in MODx 0.9.6 allow remote attackers to execute arbitrary SQL commands via the (1) documentDirty or (2) modVariables parameter.
|
CWE-89
SQL Injection
|
CVE-2007-5371
|
2018-10-16 06:44 |
2007-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284919
|
- |
|
dws_systems_inc.
ledgersmb
|
sql-ledger
ledgersmb
|
Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity fi…
|
CWE-89
SQL Injection
|
CVE-2007-5372
|
2018-10-16 06:44 |
2007-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284920
|
- |
|
tcl_tk
|
tk_toolkit
|
Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows user-assisted attackers to cause a denial of service (segmentation fault) vi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5378
|
2018-10-16 06:44 |
2007-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
