|
284341
|
- |
|
codeigniter
|
codeigniter
|
The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 allows remote attackers to unset arbitrary global variables with unspecified impact, as demonstrated by a _SERVER cookie.
|
NVD-CWE-Other
|
CVE-2007-3706
|
2018-10-16 06:29 |
2007-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284342
|
- |
|
codeigniter
|
codeigniter
|
Directory traversal vulnerability in index.php in CodeIgniter 1.5.3 before 20070628, when enable_query_strings is true, allows remote attackers to read arbitrary files via a .. (dot dot) in the c par…
|
NVD-CWE-Other
|
CVE-2007-3707
|
2018-10-16 06:29 |
2007-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284343
|
- |
|
codeigniter
|
codeigniter
|
Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before 20070626 allows remote attackers to inject arbitrary web script or HTML via (1) String.fromCharCode and (2) malformed nested tag m…
|
NVD-CWE-Other
|
CVE-2007-3708
|
2018-10-16 06:29 |
2007-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284344
|
- |
|
codeigniter
|
codeigniter
|
CRLF injection vulnerability in the redirect function in url_helper.php in CodeIgniter 1.5.3 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in an unspecified parameter, a…
|
NVD-CWE-Other
|
CVE-2007-3709
|
2018-10-16 06:29 |
2007-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284345
|
- |
|
php_comet-server
|
php_comet-server
|
PHP remote file inclusion vulnerability in example/gamedemo/inc.functions.php in PHP Comet-Server allows remote attackers to execute arbitrary PHP code via a URL in the projectPath parameter.
|
NVD-CWE-Other
|
CVE-2007-3710
|
2018-10-16 06:29 |
2007-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284346
|
- |
|
3com
|
tippingpoint_ips_tos
|
Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets.
|
CWE-20
Improper Input Validation
|
CVE-2007-3711
|
2018-10-16 06:29 |
2007-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284347
|
- |
|
ada
|
imgsvr
|
Directory traversal vulnerability in Ada Image Server (ImgSvr) 0.6.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter to the default URI. NOTE: the proven…
|
NVD-CWE-Other
|
CVE-2007-3714
|
2018-10-16 06:29 |
2007-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284348
|
- |
|
sun
|
java_system_application_server
java_system_web_server
|
Sun Java System Application Server and Web Server 7.0 through 9.0 before 20070710 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attacke…
|
CWE-20
Improper Input Validation
|
CVE-2007-3715
|
2018-10-16 06:29 |
2007-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284349
|
- |
|
sun
|
jdk
jre
|
The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent atta…
|
CWE-20
Improper Input Validation
|
CVE-2007-3716
|
2018-10-16 06:29 |
2007-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284350
|
- |
|
microsoft
|
data_access_components
index_server
internet_information_server
site_server
|
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-1999-1011
|
2018-10-16 03:29 |
1999-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
