|
298931
|
- |
|
hitachi
|
cosminexus_application_server
cosminexus_collaboration_portal
cosminexus_developer
cosminexus_erp_integrator
cosminexus_opentp1_web_front-end_set
electronic_form_workflow
groupmax_c…
|
The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspec…
|
NVD-CWE-Other
|
CVE-2007-4124
|
2017-07-29 10:32 |
2007-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298932
|
- |
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in the Temporary Uploads editing functionality (wp-admin/includes/upload.php) in WordPress 2.2.1, allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2007-4139
|
2017-07-29 10:32 |
2007-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298933
|
- |
|
openrat
|
openrat_cms
|
OpenRat CMS 0.8-beta1 and earlier allows remote attackers to obtain sensitive information via a request containing an XSS sequence in the action parameter to index.php, which reveals the path in an e…
|
NVD-CWE-Other
|
CVE-2007-4141
|
2017-07-29 10:32 |
2007-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298934
|
- |
|
ibm
|
lotus_sametime
|
Cross-site scripting (XSS) vulnerability in IBM Lotus Sametime Server 7.5.1 before 20070731 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a crafted …
|
NVD-CWE-Other
|
CVE-2007-4142
|
2017-07-29 10:32 |
2007-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298935
|
- |
|
wordpress
|
wordpress
|
Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.2.1 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the Options Database Table in the Admin…
|
NVD-CWE-Other
|
CVE-2007-4153
|
2017-07-29 10:32 |
2007-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298936
|
- |
|
wordpress
|
wordpress
|
SQL injection vulnerability in options.php in WordPress 2.2.1 allows remote authenticated administrators to execute arbitrary SQL commands via the page_options parameter to (1) options-general.php, (…
|
NVD-CWE-Other
|
CVE-2007-4154
|
2017-07-29 10:32 |
2007-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298937
|
- |
|
sun
|
java_system_web_server
|
CRLF injection vulnerability in the redirect feature in Sun Java System Web Server 6.1 and 7.0 before 20070802, when the redirect Server Application Function (SAF) uses the url-prefix parameter and e…
|
NVD-CWE-Other
|
CVE-2007-4164
|
2017-07-29 10:32 |
2007-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298938
|
- |
|
wordpress
|
unamed_theme
unamed_theme_se
|
Cross-site scripting (XSS) vulnerability in index.php in the Unnamed theme 1.217, and Special Edition (SE) 1.02, before 20070804 for WordPress allows remote attackers to inject arbitrary web script o…
|
NVD-CWE-Other
|
CVE-2007-4166
|
2017-07-29 10:32 |
2007-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298939
|
- |
|
open_webmail
|
open_webmail
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Webmail (OWM) 2.52 20060831 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) searchtype, (2) longpage,…
|
CWE-79
Cross-site Scripting
|
CVE-2007-4172
|
2017-07-29 10:32 |
2007-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298940
|
- |
|
tor
|
tor
|
Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote attackers to modify the torrc configuration file, compromise anonymit…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4174
|
2017-07-29 10:32 |
2007-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
