|
284711
|
- |
|
snitz_communications
|
snitz_forums_2000
|
SQL injection vulnerability in active.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the BuildTime parameter.
|
CWE-89
SQL Injection
|
CVE-2007-6240
|
2018-10-16 06:51 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284712
|
- |
|
oracle
|
database_server
|
The installation process for Oracle 10g and llg uses accounts with default passwords, which allows remote attackers to obtain login access by connecting to the Listener. NOTE: at the end of the inst…
|
CWE-255
Credentials Management
|
CVE-2007-6260
|
2018-10-16 06:51 |
2007-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284713
|
- |
|
videolan
|
vlc_media_player
|
A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0.8.6d allows remote attackers to execute arbitrary code via crafted arguments to the (1) addTarget, (2) getVariable, or (3) setVar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6262
|
2018-10-16 06:51 |
2007-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284714
|
- |
|
xigla
|
absolute_news_manager.net
|
Absolute News Manager.NET 5.1 allows remote attackers to obtain sensitive information via a direct request to getpath.aspx, which reveals the installation path in an error message.
|
CWE-20
Improper Input Validation
|
CVE-2007-6271
|
2018-10-16 06:51 |
2007-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284715
|
- |
|
joomla
|
joomla
|
Multiple SQL injection vulnerabilities in index.php in Joomla! 1.5 RC3 allow remote attackers to execute arbitrary SQL commands via (1) the view parameter to the com_content component, (2) the task p…
|
CWE-89
SQL Injection
|
CVE-2007-6272
|
2018-10-16 06:51 |
2007-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284716
|
- |
|
flac
|
libflac
|
Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag (-->) for the FLAC image file in a…
|
CWE-264
CWE-20
Permissions, Privileges, and Access Controls
Improper Input Validation
|
CVE-2007-6278
|
2018-10-16 06:51 |
2007-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284717
|
- |
|
flac
|
libflac
|
Multiple double free vulnerabilities in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed (1) Seektable values or (2) …
|
CWE-399
Resource Management Errors
|
CVE-2007-6279
|
2018-10-16 06:51 |
2007-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284718
|
- |
|
flac
|
libflac
|
Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large (1) Metadata Block Size, (2) VORBIS Comment…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6277
|
2018-10-16 06:51 |
2007-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284719
|
- |
|
phpmychat
|
phpmychat
|
PHP remote file inclusion vulnerability in users_popupL.php3 in phpMyChat 0.14.5 allows remote attackers to execute arbitrary PHP code via a URL in the From parameter.
|
NVD-CWE-noinfo
CWE-94
Code Injection
|
CVE-2007-6296
|
2018-10-16 06:51 |
2007-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284720
|
- |
|
open_newsletter
|
open_newsletter
|
Cross-site scripting (XSS) vulnerability in compose.php in OpenNewsletter 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the type parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2007-6301
|
2018-10-16 06:51 |
2007-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
