|
299171
|
- |
|
jason_frisvold
|
phptodo
|
Unspecified vulnerability in phpTodo before 0.8.1 allows remote attackers to have an unknown impact via newlines in regular expressions to (1) index.php, (2) feed.php, (3) prefs.php, and (4) todolist…
|
NVD-CWE-Other
|
CVE-2007-2636
|
2017-07-29 10:31 |
2007-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299172
|
- |
|
moinmoin
|
moinmoin
|
MoinMoin before 20070507 does not properly enforce ACLs for calendars and includes, which allows remote attackers to read certain pages via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2007-2637
|
2017-07-29 10:31 |
2007-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299173
|
- |
|
heiko_stamer
|
libtmcg
|
LibTMCG before 1.1.1 does not perform a range check to avoid "trivial group generators," which allows attackers to obtain sensitive information about private cards.
|
NVD-CWE-Other
|
CVE-2007-2640
|
2017-07-29 10:31 |
2007-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299174
|
- |
|
clever_components
|
clever_database_comparer
|
Stack-based buffer overflow in the Clever Database Comparer 2.2 ActiveX control (comparerax.ocx) allows remote attackers to execute arbitrary code via a long argument to the ConnectToDatabase functio…
|
NVD-CWE-Other
|
CVE-2007-2648
|
2017-07-29 10:31 |
2007-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299175
|
- |
|
voodoo_circle
|
voodoo_circle
|
Multiple off-by-one errors in VooDoo cIRCle before 1.1.beta27 allow remote attackers to cause a denial of service (connection loss) or possibly execute arbitrary code via a (1) DNS name response of t…
|
NVD-CWE-Other
|
CVE-2007-2651
|
2017-07-29 10:31 |
2007-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299176
|
- |
|
free-sa
|
free-sa
|
Multiple unspecified vulnerabilities in Free-SA before 1.2.2 allow remote attackers to execute arbitrary code via unspecified vectors involving certain (1) sprintf and (2) vsprintf calls in (a) r_ind…
|
NVD-CWE-Other
|
CVE-2007-2652
|
2017-07-29 10:31 |
2007-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299177
|
- |
|
netwin
|
surgemail
webmail
|
Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before 3.8i2 has unknown impact and remote attack vectors, possibly a format string vulnerability that allows remote code execution.
|
NVD-CWE-noinfo
CWE-134
Use of Externally-Controlled Format String
|
CVE-2007-2655
|
2017-07-29 10:31 |
2007-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299178
|
- |
|
netwin
|
surgemail
webmail
|
The vendor has addressed this issue through a product update:
http://netwinsite.com/cgi-bin/keycgi.exe?cmd=download&product=surgemail
|
NVD-CWE-noinfo
CWE-134
Use of Externally-Controlled Format String
|
CVE-2007-2655
|
2017-07-29 10:31 |
2007-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299179
|
- |
|
globalmegacorp
|
phpchain
|
Multiple cross-site scripting (XSS) vulnerabilities in PHPChain 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the catid parameter to (1) settings.php or (2) cat.ph…
|
NVD-CWE-Other
|
CVE-2007-2669
|
2017-07-29 10:31 |
2007-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299180
|
- |
|
globalmegacorp
|
phpchain
|
PHPChain 1.0 and earlier allows remote attackers to obtain the installation path via invalid values of the catid parameter to (1) settings.php or (2) cat.php, as demonstrated by XSS manipulations.
|
NVD-CWE-Other
|
CVE-2007-2670
|
2017-07-29 10:31 |
2007-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
