|
299731
|
- |
|
galmeta
|
galmeta_post
|
PHP remote file inclusion vulnerability in _lib/fckeditor/upload_config.php in Galmeta Post 0.11 allows remote attackers to execute arbitrary PHP code via a URL in the DDS parameter.
|
CWE-94
Code Injection
|
CVE-2007-5567
|
2017-07-29 10:33 |
2007-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299732
|
- |
|
treble_designs
|
1024_cms
|
Cross-site request forgery (CSRF) vulnerability in 1024 CMS 1.2.5 allows remote attackers to perform some actions as administrators, as demonstrated by (1) an unspecified action that creates a file c…
|
CWE-352
Origin Validation Error
|
CVE-2007-5575
|
2017-07-29 10:33 |
2007-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299733
|
- |
|
secureideas
|
basic_analysis_and_security_engine
|
Basic Analysis and Security Engine (BASE) before 1.3.8 sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication via (1) base_main.php, (2) base_qr…
|
CWE-287
Improper Authentication
|
CVE-2007-5578
|
2017-07-29 10:33 |
2007-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299734
|
- |
|
pligg
|
pligg_cms
|
login.php in Pligg CMS 9.5 uses a guessable confirmation code when resetting a forgotten password, which allows remote attackers with knowledge of a username to reset that user's password by calculat…
|
CWE-255
Credentials Management
|
CVE-2007-5579
|
2017-07-29 10:33 |
2007-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299735
|
- |
|
cisco
|
unified_meetingplace
|
Multiple cross-site scripting (XSS) vulnerabilities in mpweb/scripts/mpx.dll in Cisco Unified MeetingPlace 5.4 and earlier and 6.0 allow remote attackers to inject arbitrary web script or HTML via th…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5581
|
2017-07-29 10:33 |
2007-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299736
|
- |
|
cisco
|
firewall_services_module
|
Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.2(3) allows remote attackers to cause a denial of service (device reload) via crafted "data in the control-plane path with Layer 7…
|
NVD-CWE-Other
|
CVE-2007-5584
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299737
|
- |
|
mnogosearch
|
mnogosearch
|
Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-di…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5588
|
2017-07-29 10:33 |
2007-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299738
|
- |
|
miranda-im
|
miranda
|
Multiple buffer overflows in Miranda before 0.7.1 allow remote attackers to execute arbitrary code via unspecified vectors involving (1) IRC options, (2) Jabber forms, and unspecified aspects of the …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5590
|
2017-07-29 10:33 |
2007-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299739
|
- |
|
realnetworks
|
realplayer
|
Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5601
|
2017-07-29 10:33 |
2007-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299740
|
- |
|
hp
|
instant_support
|
Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary …
|
NVD-CWE-noinfo
CWE-94
Code Injection
|
CVE-2007-5604
|
2017-07-29 10:33 |
2008-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
