|
284551
|
- |
|
instantsoftwares
|
dating_site
|
SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Password parameter, a different product than CVE-2006-…
|
CWE-89
SQL Injection
|
CVE-2007-6671
|
2018-10-16 06:56 |
2008-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284552
|
- |
|
uber_uploader
|
uber_uploader
|
The default configuration of Uber Uploader (UU) 5.3.6 and earlier does not block uploads of (1) .html, (2) .asp, and other possibly dangerous extensions, which allows remote attackers to use these ex…
|
CWE-16
Configuration
|
CVE-2007-6676
|
2018-10-16 06:56 |
2008-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284553
|
- |
|
sdl
|
sdl_image
|
Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6697
|
2018-10-16 06:56 |
2008-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284554
|
- |
|
openldap
|
openldap
|
The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to c…
|
CWE-399
Resource Management Errors
|
CVE-2007-6698
|
2018-10-16 06:56 |
2008-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284555
|
- |
|
f5
|
firepass_4100
|
Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbit…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6704
|
2018-10-16 06:56 |
2008-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284556
|
- |
|
linksys
|
wag54gs
|
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6707
|
2018-10-16 06:56 |
2008-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284557
|
- |
|
linksys
|
wag54gs
|
Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administ…
|
CWE-352
Origin Validation Error
|
CVE-2007-6708
|
2018-10-16 06:56 |
2008-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284558
|
- |
|
linksys
|
wag54gs
|
The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6709
|
2018-10-16 06:56 |
2008-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284559
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
Directory traversal vulnerability in tiki-listmovies.php in TikiWiki before 1.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) and modified filename in the movie parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6528
|
2018-10-16 06:55 |
2007-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284560
|
- |
|
inmatrix
|
zoom_player
|
Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows user-assisted remote attackers to execute arbitrary code via an HTTP link to a PLS file in a crafted ZPL file, which causes an overflow i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6533
|
2018-10-16 06:55 |
2007-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
