|
284671
|
- |
|
milliscripts
|
milliscripts
|
Cross-site scripting (XSS) vulnerability in dir.php in milliscripts Redirection allows remote attackers to inject arbitrary web script or HTML via the cat parameter in a browse action.
|
CWE-79
Cross-site Scripting
|
CVE-2007-6641
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284672
|
- |
|
joomla
|
joomla
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Joomla! before 1.5 RC4 allow remote attackers to (1) add a Super Admin, (2) upload an extension containing arbitrary PHP code, and (3) mo…
|
CWE-352
Origin Validation Error
|
CVE-2007-6642
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284673
|
- |
|
integry_systems
|
livecart
|
Multiple cross-site scripting (XSS) vulnerabilities in LiveCart 1.0.1, and possibly other versions before 1.1.0, allow remote attackers to inject arbitrary web script or HTML via (1) the return param…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6646
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284674
|
- |
|
bitweaver
|
r2_cms
|
Unrestricted file upload vulnerability in fisheye/upload.php in Bitweaver R2 CMS allows remote attackers to upload arbitrary files by using the image/gif content type, and possibly other image and PD…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6650
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284675
|
- |
|
bitweaver
|
bitweaver
|
Directory traversal vulnerability in wiki/edit.php in Bitweaver R2 CMS allows remote attackers to obtain sensitive information (script source code) via a .. (dot dot) in the suck_url parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6651
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284676
|
- |
|
customcms
|
ccms
|
SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page.
|
CWE-89
SQL Injection
|
CVE-2007-6658
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284677
|
- |
|
2z_project
|
2z_project
|
Multiple cross-site scripting (XSS) vulnerabilities in 2z project 0.9.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) contentshort or (2) contentfull parameter in an add…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6659
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284678
|
- |
|
2z_project
|
2z_project
|
2z project 0.9.6.1 allows remote attackers to obtain sensitive information via (1) a request to index.php with an invalid template or (2) a request to the default URI with certain year and month para…
|
CWE-200
Information Exposure
|
CVE-2007-6660
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284679
|
- |
|
asterisk
|
asterisk_business_edition
open_source
|
Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x before B.2.3.6 and C.x.x before C.1.0-beta8, when using database-based registrations ("realtime") and host…
|
CWE-287
Improper Authentication
|
CVE-2007-6430
|
2018-10-16 06:54 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284680
|
- |
|
adobe
|
pagemaker
|
Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted remote attackers to execute arbitrary code via a malformed .PMD file, related to "Key Strings," a di…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6432
|
2018-10-16 06:54 |
2008-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
