|
284641
|
- |
|
totalplayer
|
totalplayer
|
TotalPlayer 3.0 allows user-assisted remote attackers to cause a denial of service (application crash) via a large .m3u file. NOTE: this might be a duplicate of CVE-2006-6288.
|
CWE-20
Improper Input Validation
|
CVE-2007-6558
|
2018-10-16 06:55 |
2007-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284642
|
- |
|
logaholic
|
logaholic
|
Multiple SQL injection vulnerabilities in Logaholic before 2.0 RC8 allow remote attackers to execute arbitrary SQL commands via (1) the from parameter to index.php or (2) the page parameter to update…
|
CWE-89
SQL Injection
|
CVE-2007-6559
|
2018-10-16 06:55 |
2007-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284643
|
- |
|
logaholic
|
logaholic
|
Multiple cross-site scripting (XSS) vulnerabilities in Logaholic before 2.0 RC8 allow remote attackers to inject arbitrary web script or HTML via (1) the newconfname parameter to profiles.php or (2) …
|
CWE-79
Cross-site Scripting
|
CVE-2007-6560
|
2018-10-16 06:55 |
2007-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284644
|
- |
|
pdflib
|
pdflib
|
Multiple stack-based buffer overflows in PDFLib allow user-assisted remote attackers to execute arbitrary code via a long filename argument to the PDF_load_image function that results in an overflow …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6561
|
2018-10-16 06:55 |
2007-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284645
|
- |
|
blakord
|
blakord_portal
|
Multiple SQL injection vulnerabilities in Blakord Portal 1.3.A Beta and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to an arbitrary component.
|
CWE-89
SQL Injection
|
CVE-2007-6565
|
2018-10-16 06:55 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284646
|
- |
|
xzero_scripts
|
xzero_community_classifieds
|
SQL injection vulnerability in post.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatid parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2007-6566
|
2018-10-16 06:55 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284647
|
- |
|
xzero_scripts
|
xzero_community_classifieds
|
Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagena…
|
CWE-22
Path Traversal
|
CVE-2007-6567
|
2018-10-16 06:55 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284648
|
- |
|
qksoft
|
qk_smtp_server_3
|
QK SMTP Server 3 allows remote attackers to cause a denial of service (daemon crash) via a long (1) HELO, (2) MAIL FROM, or (3) RCPT TO command; or (4) a long string in the message sent after the DAT…
|
CWE-20
Improper Input Validation
|
CVE-2007-6573
|
2018-10-16 06:55 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284649
|
- |
|
dokeos
|
open_source_learning_and_knowledge_management
open_source_learning_and_knowledge_management_tool
|
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the origin parameter to work/work.php in a displa…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6574
|
2018-10-16 06:55 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284650
|
- |
|
kde
|
konqueror
|
KDE Konqueror 3.5.5 and 3.95.00, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in sub…
|
NVD-CWE-Other
|
CVE-2007-6591
|
2018-10-16 06:55 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
