|
284691
|
- |
|
badblue
|
badblue
|
Stack-based buffer overflow in the PassThru functionality in ext.dll in BadBlue 2.72b and earlier allows remote attackers to execute arbitrary code via a long query string.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6377
|
2018-10-16 06:52 |
2007-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284692
|
- |
|
badblue
|
badblue
|
Directory traversal vulnerability in upload.dll in BadBlue 2.72b and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the filename parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6378
|
2018-10-16 06:52 |
2007-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284693
|
- |
|
badblue
|
badblue
|
BadBlue 2.72b and earlier allows remote attackers to obtain sensitive information via an invalid browse parameter, which reveals the installation path in an error message.
|
CWE-16
Configuration
|
CVE-2007-6379
|
2018-10-16 06:52 |
2007-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284694
|
- |
|
flat_php
|
board
|
Flat PHP Board 1.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain credentials via a direct request for the usern…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6395
|
2018-10-16 06:52 |
2007-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284695
|
- |
|
myupb
|
flat_php_board
|
Direct static code injection vulnerability in index.php in Flat PHP Board 1.2 and earlier allows remote attackers to inject arbitrary PHP code via the (1) username, (2) password, and (3) email parame…
|
CWE-94
Code Injection
|
CVE-2007-6396
|
2018-10-16 06:52 |
2007-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284696
|
- |
|
flat_php
|
board
|
Multiple directory traversal vulnerabilities in index.php in Flat PHP Board 1.2 and earlier allow remote attackers to (1) create arbitrary files via a .. (dot dot) in the username parameter when regi…
|
CWE-22
Path Traversal
|
CVE-2007-6397
|
2018-10-16 06:52 |
2007-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284697
|
- |
|
flat_php
|
board
|
Flat PHP Board 1.2 and earlier allows remote attackers to bypass authentication and obtain limited access to an arbitrary user account via the fpb_username cookie.
|
CWE-287
Improper Authentication
|
CVE-2007-6398
|
2018-10-16 06:52 |
2007-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284698
|
- |
|
myupb
|
flat_php_board
|
index.php in Flat PHP Board 1.2 and earlier allows remote authenticated users to obtain the password for the current user account by reading the password parameter value in the HTML source for the pa…
|
CWE-255
Credentials Management
|
CVE-2007-6399
|
2018-10-16 06:52 |
2007-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284699
|
- |
|
3ivx
microsoft
|
mpeg-4_codec
windows_media_player
|
Stack-based buffer overflow in mplayer2.exe in Microsoft Windows Media Player (WMP) 6.4, when used with the 3ivx 4.5.1 or 5.0.1 codec, allows remote attackers to execute arbitrary code via a certain …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6401
|
2018-10-16 06:52 |
2007-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284700
|
- |
|
3ivx
guliverkli
|
mpeg-4_codec
media_player_classic
|
Stack-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9, when used with the 3ivx 4.5.1 or 5.0.1 codec, allows remote attackers to execute arbitrary code via a certain .mp4 fil…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6402
|
2018-10-16 06:52 |
2007-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
