|
299701
|
- |
|
fujitsu
|
interstage_application_server
interstage_apworks
interstage_studio
|
The Tomcat 4.1-based Servlet Service in Fujitsu Interstage Application Server 7.0 through 9.0.0 and Interstage Apworks/Studio 7.0 through 9.0.0 allows remote attackers to obtain sensitive information…
|
CWE-22
Path Traversal
|
CVE-2007-5366
|
2017-07-29 10:33 |
2007-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299702
|
- |
|
ldapscripts
|
ldapscripts
|
ldapscripts 1.4 and 1.7 sends a password as a command line argument when calling some LDAP programs, which might allow local users to read the password by listing the process and its arguments, as de…
|
CWE-310
Cryptographic Issues
|
CVE-2007-5373
|
2017-07-29 10:33 |
2007-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299703
|
- |
|
cisco
|
ios
|
Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5381
|
2017-07-29 10:33 |
2007-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299704
|
- |
|
cisco
|
wireless_lan_solution_engine
wireless_control_system
|
The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5382
|
2017-07-29 10:33 |
2007-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299705
|
- |
|
miranda-im
|
miranda_im
|
Format string vulnerability in the ext_yahoo_contact_added function in yahoo.c in Miranda IM 0.7.1 allows remote attackers to execute arbitrary code via a Y7 Buddy Authorization packet with format st…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2007-5396
|
2017-07-29 10:33 |
2007-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299706
|
- |
|
layton_technology
|
helpbox
|
Unrestricted file upload vulnerability in uploadrequest.asp in Layton HelpBox 3.7.1 allows remote authenticated users to upload and execute arbitrary ASP files, related to not properly checking file …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5401
|
2017-07-29 10:33 |
2008-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299707
|
- |
|
layton_technology
|
helpbox
|
Multiple SQL injection vulnerabilities in Layton HelpBox 3.7.1 allow (1) remote attackers to execute arbitrary SQL commands via the sys_request_id parameter to editrequestenduser.asp; and allow remot…
|
CWE-89
SQL Injection
|
CVE-2007-5402
|
2017-07-29 10:33 |
2008-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299708
|
- |
|
layton_technology
|
helpbox
|
Layton HelpBox 3.7.1 generates different responses depending on whether or not a username is valid in a failed login attempt, which allows remote attackers to enumerate valid usernames.
|
CWE-200
Information Exposure
|
CVE-2007-5404
|
2017-07-29 10:33 |
2008-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299709
|
- |
|
layton_technology
|
helpbox
|
Multiple cross-site scripting (XSS) vulnerabilities in Layton HelpBox 3.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Forename, (2) Surname, (3) Telephone, a…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5403
|
2017-07-29 10:33 |
2008-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299710
|
- |
|
linksys
|
spa941
|
Cross-site scripting (XSS) vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote attackers to inject arbitrary web script or HTML via the From header in a SIP message.
|
CWE-79
Cross-site Scripting
|
CVE-2007-5411
|
2017-07-29 10:33 |
2007-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
