|
284641
|
- |
|
hosting_controller
|
hosting_controller
|
Unspecified vulnerability in IIS/iibind.asp in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to change the headers of arbitrary hosts via an unspecified parameter.
|
NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6504
|
2018-10-16 06:54 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284642
|
- |
|
hp
|
software_update
|
The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbi…
|
NVD-CWE-Other
|
CVE-2007-6506
|
2018-10-16 06:54 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284643
|
- |
|
trend_micro
|
serverprotect
|
SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6507
|
2018-10-16 06:54 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284644
|
- |
|
xecms
|
xecms
|
Directory traversal vulnerability in view.php in xeCMS 1.0 allows remote attackers to read arbitrary files via a ..%2F (dot dot slash) in the list parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6508
|
2018-10-16 06:54 |
2007-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284645
|
- |
|
websense
|
enterpise
|
Websense Enterprise 6.3.1 allows remote attackers to bypass content filtering by visiting http URLs with a (1) RealPlayer G2, (2) MSMSGS, or (3) StoneHttpAgent User-Agent header, which results in a N…
|
NVD-CWE-Other
|
CVE-2007-6511
|
2018-10-16 06:54 |
2007-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284646
|
- |
|
php
|
mysql_banner_exchange
|
PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database information via a direct request to …
|
CWE-200
CWE-264
Information Exposure
Permissions, Privileges, and Access Controls
|
CVE-2007-6512
|
2018-10-16 06:54 |
2007-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284647
|
- |
|
apache
|
http_server
|
Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via…
|
CWE-200
Information Exposure
|
CVE-2007-6514
|
2018-10-16 06:54 |
2007-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284648
|
- |
|
sitescape
|
sitescape_forum_st
sitescape_forum_zx
|
support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via code separator characters in the query string.
|
CWE-94
Code Injection
|
CVE-2007-6515
|
2018-10-16 06:54 |
2007-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284649
|
- |
|
aeries
|
aeries_browser_interface
|
SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the Em…
|
CWE-89
SQL Injection
|
CVE-2007-6517
|
2018-10-16 06:54 |
2007-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284650
|
- |
|
woltlab
|
burning_board_lite
|
Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e allow remote attackers to execute arbitrary SQL commands via the (1) showposts, (2) sortby, and (3)…
|
CWE-89
SQL Injection
|
CVE-2007-6518
|
2018-10-16 06:54 |
2007-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
