|
284711
|
- |
|
trend_micro
|
serverprotect
|
SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6507
|
2018-10-16 06:54 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284712
|
- |
|
xecms
|
xecms
|
Directory traversal vulnerability in view.php in xeCMS 1.0 allows remote attackers to read arbitrary files via a ..%2F (dot dot slash) in the list parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6508
|
2018-10-16 06:54 |
2007-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284713
|
- |
|
websense
|
enterpise
|
Websense Enterprise 6.3.1 allows remote attackers to bypass content filtering by visiting http URLs with a (1) RealPlayer G2, (2) MSMSGS, or (3) StoneHttpAgent User-Agent header, which results in a N…
|
NVD-CWE-Other
|
CVE-2007-6511
|
2018-10-16 06:54 |
2007-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284714
|
- |
|
php
|
mysql_banner_exchange
|
PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database information via a direct request to …
|
CWE-200
CWE-264
Information Exposure
Permissions, Privileges, and Access Controls
|
CVE-2007-6512
|
2018-10-16 06:54 |
2007-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284715
|
- |
|
apache
|
http_server
|
Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via…
|
CWE-200
Information Exposure
|
CVE-2007-6514
|
2018-10-16 06:54 |
2007-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284716
|
- |
|
sitescape
|
sitescape_forum_st
sitescape_forum_zx
|
support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via code separator characters in the query string.
|
CWE-94
Code Injection
|
CVE-2007-6515
|
2018-10-16 06:54 |
2007-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284717
|
- |
|
aeries
|
aeries_browser_interface
|
SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the Em…
|
CWE-89
SQL Injection
|
CVE-2007-6517
|
2018-10-16 06:54 |
2007-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284718
|
- |
|
woltlab
|
burning_board_lite
|
Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e allow remote attackers to execute arbitrary SQL commands via the (1) showposts, (2) sortby, and (3)…
|
CWE-89
SQL Injection
|
CVE-2007-6518
|
2018-10-16 06:54 |
2007-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284719
|
- |
|
opera
|
opera_browser
|
Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a larg…
|
CWE-189
CWE-399
Numeric Errors
Resource Management Errors
|
CVE-2007-6523
|
2018-10-16 06:54 |
2007-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284720
|
- |
|
opera
|
opera_browser
|
Opera before 9.25 allows remote attackers to obtain potentially sensitive memory contents via a crafted bitmap (BMP) file, as demonstrated using a CANVAS element and JavaScript in an HTML document fo…
|
CWE-200
Information Exposure
|
CVE-2007-6524
|
2018-10-16 06:54 |
2007-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
