|
299851
|
- |
|
ibm
|
websphere_application_server
|
Multiple cross-site request forgery (CSRF) vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server (WAS) before 6.1.0 Fix Pack 13 (6.1.0.13) allow remo…
|
CWE-352
Origin Validation Error
|
CVE-2007-5799
|
2017-07-29 10:33 |
2007-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299852
|
- |
|
nagios
|
nagios
|
Multiple cross-site scripting (XSS) vulnerabilities in CGI programs in Nagios before 2.12 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issu…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5803
|
2017-07-29 10:33 |
2008-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299853
|
- |
|
ibm
|
aix
|
cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create or overwrite an arbitrary file, and enable w…
|
NVD-CWE-Other
|
CVE-2007-5804
|
2017-07-29 10:33 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299854
|
- |
|
ibm
|
aix
|
cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writabil…
|
CWE-59
Link Following
|
CVE-2007-5805
|
2017-07-29 10:33 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299855
|
- |
|
hitachi
|
groupmax_collaboration_portal
groupmax_collaboration_web_client
ucosminexus_collaboration_portal
|
Unspecified vulnerability in the Groupmax Collaboration - Schedule component in Hitachi Groupmax Collaboration Portal 07-30 through 07-30-/F and 07-32 through 07-32-/C, uCosminexus Collaboration Port…
|
NVD-CWE-noinfo
|
CVE-2007-5808
|
2017-07-29 10:33 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299856
|
- |
|
ibm
|
tivoli_continuous_data_protection_for_files
|
IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted write) for the Central Admin Global download directory, which allows local users to place arbitrary fil…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5819
|
2017-07-29 10:33 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299857
|
- |
|
iscsitarget
|
iscsitarget
|
iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for /etc/ietd.conf, which allows local users to obtain passwords.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5827
|
2017-07-29 10:33 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299858
|
- |
|
symantec
|
norton_antivirus
norton_internet_security
|
The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5829
|
2017-07-29 10:33 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299859
|
- |
|
afcommerce
|
afcommerce
|
SQL injection vulnerability in Amazing Flash AFCommerce allows remote attackers to execute arbitrary SQL commands via the firstname parameter to an unspecified component, a different issue than CVE-2…
|
CWE-89
SQL Injection
|
CVE-2007-5836
|
2017-07-29 10:33 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299860
|
- |
|
yarssr
|
yarssr
|
GUI.pm in yarssr 0.2.2, when Gnome default URL handling is disabled, allows remote attackers to execute arbitrary commands via shell metacharacters in a link element in a feed.
|
CWE-94
Code Injection
|
CVE-2007-5837
|
2017-07-29 10:33 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
