|
299611
|
- |
|
speedtech
|
stphplibrary
|
Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library (STPHPLibrary) 0.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) db_conf or (2) ADODB_DIR par…
|
CWE-94
CWE-20
Code Injection
Improper Input Validation
|
CVE-2007-4738
|
2017-07-29 10:33 |
2007-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299612
|
- |
|
joomla
mambo
|
akobook
mambo_site_server
|
Multiple cross-site scripting (XSS) vulnerabilities in the AkoBook 3.42 and earlier component (com_akobook) for Mambo allow remote attackers to inject arbitrary web script or HTML via Javascript even…
|
CWE-79
Cross-site Scripting
|
CVE-2007-4745
|
2017-07-29 10:33 |
2007-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299613
|
- |
|
cisco
|
video_surveillance_ip_gateway_encoder_decoder
video_surveillance_sp_isp_decoder_software
video_surveillance_sp_isp
|
The Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and earlier, Video Surveillance SP/ISP Decoder Software firmware 1.11.0 and earlier, and the Video Surve…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4746
|
2017-07-29 10:33 |
2007-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299614
|
- |
|
cisco
|
video_surveillance_ip_gateway_encoder_decoder
video_surveillance_sp_isp_decoder_software
video_surveillance_sp_isp
|
The telnet service in Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and earlier, Video Surveillance SP/ISP Decoder Software firmware 1.11.0 and earlier, a…
|
CWE-287
Improper Authentication
|
CVE-2007-4747
|
2017-07-29 10:33 |
2007-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299615
|
- |
|
thomson
|
st_2030_sip_phone
|
The Thomson ST 2030 SIP phone with software 1.52.1 allows remote attackers to cause a denial of service (device hang) via (1) an empty SIP message or (2) a SIP INVITE message with a malformed To head…
|
NVD-CWE-Other
|
CVE-2007-4753
|
2017-07-29 10:33 |
2007-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299616
|
- |
|
hitachi
|
ucosminexus_application_server_enterprise
ucosminexus_application_server_standard
ucosminexus_developer_standard
ucosminexus_service_platform
|
The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to i…
|
CWE-79
Cross-site Scripting
|
CVE-2007-4760
|
2017-07-29 10:33 |
2007-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299617
|
- |
|
pawfaliki
|
pawfaliki
|
Directory traversal vulnerability in pawfaliki.php in Pawfaliki 0.5.1 allows remote attackers to list arbitrary files via a .. (dot dot) in the page parameter. NOTE: the provenance of this informati…
|
CWE-22
Path Traversal
|
CVE-2007-4764
|
2017-07-29 10:33 |
2007-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299618
|
- |
|
joomla
|
joomla
|
Multiple SQL injection vulnerabilities in the content component (com_content) in Joomla! 1.5 Beta1, Beta2, and RC1 allow remote attackers to execute arbitrary SQL commands via the filter parameter in…
|
CWE-89
SQL Injection
|
CVE-2007-4778
|
2017-07-29 10:33 |
2007-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299619
|
- |
|
sophos
|
scanning_engine
sophos_anti-virus
|
The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with modified headers, which might allow remote attackers to bypa…
|
CWE-20
Improper Input Validation
|
CVE-2007-4787
|
2017-07-29 10:33 |
2007-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299620
|
- |
|
cisco
|
content_switching_module_with_ssl
content_switching_modules
|
Cisco Content Switching Modules (CSM) 4.2 before 4.2.3a, and Cisco Content Switching Module with SSL (CSM-S) 2.1 before 2.1.2a, allow remote attackers to cause a denial of service (CPU consumption or…
|
NVD-CWE-noinfo
|
CVE-2007-4788
|
2017-07-29 10:33 |
2007-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
