|
298541
|
- |
|
dotproject
|
dotproject
|
dotProject before 2.1 does not properly check privileges when invoking the Companies module, which allows remote attackers to access this module via a crafted URL. NOTE: some of these details are ob…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5486
|
2017-07-29 10:33 |
2007-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298542
|
- |
|
asterisk
|
asterisk-addons
|
Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons before 1.2.8, and 1.4.x before 1.4.4, allow remote attackers to execute arbitrary SQL commands via the (1) source and (2) …
|
CWE-89
SQL Injection
|
CVE-2007-5488
|
2017-07-29 10:33 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298543
|
- |
|
openssl
|
fips_object_module
|
The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes …
|
CWE-310
Cryptographic Issues
|
CVE-2007-5502
|
2017-07-29 10:33 |
2007-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298544
|
- |
|
runcms
|
runcms
|
Unspecified vulnerability in newbb_plus in RunCms 1.5.2 has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2007-5535
|
2017-07-29 10:33 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298545
|
- |
|
cisco
|
unified_callmanager
unified_communications_manager
|
Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP…
|
CWE-399
Resource Management Errors
|
CVE-2007-5537
|
2017-07-29 10:33 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298546
|
- |
|
cisco
|
unified_callmanager
unified_communications_manager
|
Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attacke…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5538
|
2017-07-29 10:33 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298547
|
- |
|
cisco
|
unified_contact_center_enterprise
unified_contact_center_hosted
unified_icm_hosted
unified_intelligent_contact_management_enterprise
|
Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified ICM Hosted (ICMH), Unified Contact Center Enterprise (UCCE), Unified Contact Center Hosted (UCCH),…
|
NVD-CWE-noinfo
|
CVE-2007-5539
|
2017-07-29 10:33 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298548
|
- |
|
opera
|
opera_browser
|
Unspecified vulnerability in Opera before 9.24, when using an "external" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors.
|
CWE-20
Improper Input Validation
|
CVE-2007-5541
|
2017-07-29 10:33 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298549
|
- |
|
netgear
|
ssl312
|
Cross-site scripting (XSS) vulnerability in cgi-bin/welcome (aka the login page) in Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 allows remote attackers to inject arbitrary web script or HTML via t…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5562
|
2017-07-29 10:33 |
2007-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298550
|
- |
|
galmeta
|
galmeta_post
|
PHP remote file inclusion vulnerability in _lib/fckeditor/upload_config.php in Galmeta Post 0.11 allows remote attackers to execute arbitrary PHP code via a URL in the DDS parameter.
|
CWE-94
Code Injection
|
CVE-2007-5567
|
2017-07-29 10:33 |
2007-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
