|
285111
|
- |
|
quirm
|
saxon
|
SQL injection vulnerability in example.php in SAXON 5.4 allows remote attackers to execute arbitrary SQL commands via the template parameter.
|
CWE-89
SQL Injection
|
CVE-2007-4863
|
2018-10-16 06:38 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285112
|
- |
|
simplenews
|
simplenews
|
SimpNews 2.41.03 allows remote attackers to obtain sensitive information via (1) an invalid lang parameter to admin/index.php; or a direct request to (2) admin/dbg_infos.php, (3) admin/heading.php, o…
|
NVD-CWE-Other
|
CVE-2007-4872
|
2018-10-16 06:38 |
2007-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285113
|
- |
|
simplenews
|
simplenews
|
SimpNews 2.41.03 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download arbitrary .inc files via a direct request, as demonstrated…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4873
|
2018-10-16 06:38 |
2007-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285114
|
- |
|
boesch-it
|
simpnews
|
Multiple cross-site scripting (XSS) vulnerabilities in SimpNews 2.41.03 allow remote attackers to inject arbitrary web script or HTML via the (1) l_username parameter to admin/layout2b.php, and the (…
|
CWE-79
Cross-site Scripting
|
CVE-2007-4874
|
2018-10-16 06:38 |
2007-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285115
|
- |
|
psi-labs
|
social_networking_script_psisns
|
SQL injection vulnerability in profile/myprofile.php in psi-labs.com social networking script (psisns), probably 1.0, allows remote attackers to execute arbitrary SQL commands via the u parameter.
|
CWE-89
SQL Injection
|
CVE-2007-4881
|
2018-10-16 06:38 |
2007-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285116
|
- |
|
php
|
php
|
The dl function in PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage…
|
CWE-20
Improper Input Validation
|
CVE-2007-4887
|
2018-10-16 06:38 |
2007-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285117
|
- |
|
php
|
mysql_extension
php
|
The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, …
|
NVD-CWE-Other
|
CVE-2007-4889
|
2018-10-16 06:38 |
2007-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285118
|
- |
|
toms-seiten.at
|
toms_gastenbuch
|
Multiple cross-site scripting (XSS) vulnerabilities in admin/header.php in Toms Gaestebuch 1.01 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) lang[adminseite],…
|
CWE-79
Cross-site Scripting
|
CVE-2007-4896
|
2018-10-16 06:38 |
2007-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285119
|
- |
|
ekiga
|
ekiga
|
pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a…
|
CWE-399
Resource Management Errors
|
CVE-2007-4897
|
2018-10-16 06:38 |
2007-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285120
|
- |
|
berkeley
|
boinc_forum
|
Multiple cross-site scripting (XSS) vulnerabilities in Boinc Forum 5.10.20 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to forum_forum.php, or th…
|
CWE-79
Cross-site Scripting
|
CVE-2007-4899
|
2018-10-16 06:38 |
2007-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
