|
283861
|
- |
|
call_center_software
|
call_center_software
|
Cross-site scripting (XSS) vulnerability in call_entry.php in Call Center Software 0,93 allows remote attackers to inject arbitrary web script or HTML via the problem_desc parameter, as demonstrated …
|
CWE-79
Cross-site Scripting
|
CVE-2007-1161
|
2018-10-17 01:36 |
2007-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283862
|
- |
|
dbscripts
|
dbimagegallery
|
Multiple PHP remote file inclusion vulnerabilities in DBImageGallery 1.2.2 allow remote attackers to execute arbitrary PHP code via a URL in the donsimg_base_path parameter to (1) attributes.php, (2)…
|
CWE-94
Code Injection
|
CVE-2007-1164
|
2018-10-17 01:36 |
2007-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283863
|
- |
|
qdig
|
qdig
|
Cross-site scripting (XSS) vulnerability in Quick Digital Image Gallery (Qdig) 1.2.9.3 and devel-20060624 allows remote attackers to inject arbitrary web script or HTML via the Qwd parameter to the t…
|
NVD-CWE-Other
|
CVE-2007-0876
|
2018-10-17 01:35 |
2007-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283864
|
- |
|
capital_request_forms
|
capital_request_forms
|
Capital Request Forms stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database credentials via a direct request for inc/commo…
|
NVD-CWE-Other
|
CVE-2007-0880
|
2018-10-17 01:35 |
2007-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283865
|
- |
|
second_rule_llc
|
ip3_netaccess
|
Directory traversal vulnerability in portalgroups/portalgroups/getfile.cgi in IP3 NetAccess before firmware 4.1.9.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename …
|
NVD-CWE-Other
|
CVE-2007-0883
|
2018-10-17 01:35 |
2007-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283866
|
- |
|
rainbow_portal
|
rainbow.zen
rainbow_with_the_zen
|
Cross-site scripting (XSS) vulnerability in jira/secure/BrowseProject.jspa in Rainbow with the Zen (Rainbow.Zen) extension allows remote attackers to inject arbitrary web script or HTML via the id pa…
|
NVD-CWE-Other
|
CVE-2007-0885
|
2018-10-17 01:35 |
2007-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283867
|
- |
|
kiwi_enterprises
|
kiwi_cattools
|
Directory traversal vulnerability in the TFTP server in Kiwi CatTools before 3.2.0 beta allows remote attackers to read arbitrary files, and upload files to arbitrary locations, via ..// (dot dot) se…
|
NVD-CWE-Other
|
CVE-2007-0888
|
2018-10-17 01:35 |
2007-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283868
|
- |
|
kiwi_enterprises
|
kiwi_cattools
|
This vulnerability is addressed in the following product update:
Kiwi Enterprises, Kiwi CatTools, 3.2.0 Beta
|
NVD-CWE-Other
|
CVE-2007-0888
|
2018-10-17 01:35 |
2007-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283869
|
- |
|
kiwi_enterprises
|
kiwi_cattools
|
Kiwi CatTools before 3.2.0 beta uses weak encryption ("reversible encoding") for passwords, account names, and IP addresses in kiwidb-cattools.kdb, which might allow local users to gain sensitive inf…
|
NVD-CWE-Other
|
CVE-2007-0889
|
2018-10-17 01:35 |
2007-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283870
|
- |
|
cpanel
|
webhost_manager
|
Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the password para…
|
NVD-CWE-Other
|
CVE-2007-0890
|
2018-10-17 01:35 |
2007-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
