|
284601
|
- |
|
netbizcity
|
faqmasterflexplus
|
Multiple SQL injection vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to execute arbitrary SQL commands via the category_id parameter to faq.php, and unspecified o…
|
CWE-89
SQL Injection
|
CVE-2007-6634
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284602
|
- |
|
netbizcity
|
faqmasterflexplus
|
FAQMasterFlexPlus, possibly 1.5 or 1.52, stores the admin password in cleartext in a database, which might allow context-dependent attackers to obtain the password via unspecified database access.
|
CWE-310
Cryptographic Issues
|
CVE-2007-6635
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284603
|
- |
|
milliscripts
|
milliscripts
|
Cross-site scripting (XSS) vulnerability in dir.php in milliscripts Redirection allows remote attackers to inject arbitrary web script or HTML via the cat parameter in a browse action.
|
CWE-79
Cross-site Scripting
|
CVE-2007-6641
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284604
|
- |
|
joomla
|
joomla
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Joomla! before 1.5 RC4 allow remote attackers to (1) add a Super Admin, (2) upload an extension containing arbitrary PHP code, and (3) mo…
|
CWE-352
Origin Validation Error
|
CVE-2007-6642
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284605
|
- |
|
integry_systems
|
livecart
|
Multiple cross-site scripting (XSS) vulnerabilities in LiveCart 1.0.1, and possibly other versions before 1.1.0, allow remote attackers to inject arbitrary web script or HTML via (1) the return param…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6646
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284606
|
- |
|
bitweaver
|
r2_cms
|
Unrestricted file upload vulnerability in fisheye/upload.php in Bitweaver R2 CMS allows remote attackers to upload arbitrary files by using the image/gif content type, and possibly other image and PD…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6650
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284607
|
- |
|
bitweaver
|
bitweaver
|
Directory traversal vulnerability in wiki/edit.php in Bitweaver R2 CMS allows remote attackers to obtain sensitive information (script source code) via a .. (dot dot) in the suck_url parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6651
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284608
|
- |
|
customcms
|
ccms
|
SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page.
|
CWE-89
SQL Injection
|
CVE-2007-6658
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284609
|
- |
|
2z_project
|
2z_project
|
Multiple cross-site scripting (XSS) vulnerabilities in 2z project 0.9.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) contentshort or (2) contentfull parameter in an add…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6659
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284610
|
- |
|
2z_project
|
2z_project
|
2z project 0.9.6.1 allows remote attackers to obtain sensitive information via (1) a request to index.php with an invalid template or (2) a request to the default URI with certain year and month para…
|
CWE-200
Information Exposure
|
CVE-2007-6660
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
