|
283991
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via a javascript: …
|
NVD-CWE-Other
|
CVE-2007-0341
|
2018-10-17 01:32 |
2007-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283992
|
- |
|
cvstrac
|
cvstrac
|
The is_eow function in format.c in CVSTrac before 2.0.1 does not properly check for the "'" (quote) character, which allows remote authenticated users to execute limited SQL injection attacks and cau…
|
NVD-CWE-Other
|
CVE-2007-0347
|
2018-10-17 01:32 |
2007-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283993
|
- |
|
cvstrac
|
cvstrac
|
An SQL injection via this technique is somewhat limited as is_eow() bails on whitespace. So while one _can_ do an SQL injection, one is limited to SQL queries containing only characters which get pas…
|
NVD-CWE-Other
|
CVE-2007-0347
|
2018-10-17 01:32 |
2007-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283994
|
- |
|
cvstrac
|
cvstrac
|
The DoS vulnerability exists because the is_eow() function in "format.c" does NOT just check the FIRST character of the supplied string for an End-Of-Word terminating character, but instead iterates …
|
NVD-CWE-Other
|
CVE-2007-0347
|
2018-10-17 01:32 |
2007-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283995
|
- |
|
cvstrac
|
cvstrac
|
Successful remote unauthenticated exploit requires that CVSTrac is explicitly configured to allow anonymous users to add tickets (it is not by default).
|
NVD-CWE-Other
|
CVE-2007-0347
|
2018-10-17 01:32 |
2007-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283996
|
- |
|
interactual_technologies
intervideo
roxio
|
interactual_player
windvd
cineplayer
|
Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in (1) InterActual Player 2.60.12.0717, (2) Roxio CinePlayer 3.2, (3) WinDVD 7.0.27.172, and possibly other products, allows remote…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-0348
|
2018-10-17 01:32 |
2007-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283997
|
- |
|
nicecoder
|
indexu
|
Directory traversal vulnerability in upgrade.php in nicecoder.com INDEXU 5.x allows remote attackers to include arbitrary local files via a .. (dot dot) in the gateway parameter.
|
NVD-CWE-Other
|
CVE-2007-0349
|
2018-10-17 01:32 |
2007-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283998
|
- |
|
zonelabs
|
zonealarm
|
Microsoft Windows XP and Windows Server 2003 do not properly handle user logoff, which might allow local users to gain the privileges of a previous system user, possibly related to user profile unloa…
|
NVD-CWE-Other
|
CVE-2007-0351
|
2018-10-17 01:32 |
2007-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283999
|
- |
|
microsoft
|
html_help_workshop
|
Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allows user-assisted remote attackers to execute arbitrary code via a crafted .cnt file composed of lines that begin with an integer f…
|
NVD-CWE-Other
|
CVE-2007-0352
|
2018-10-17 01:32 |
2007-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284000
|
- |
|
mywebland
|
mybloggie
|
Cross-site scripting (XSS) vulnerability in (1) index.php and (2) login.php in myBloggie 2.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO string.
|
NVD-CWE-Other
|
CVE-2007-0353
|
2018-10-17 01:32 |
2007-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
