|
284811
|
- |
|
skalinks
|
skalinks
|
Cross-site request forgery (CSRF) vulnerability in admin/admin_account.php in Skalinks 1.5 and earlier allows remote attackers to add arbitrary privileged accounts as administrators via the admin_nam…
|
CWE-352
Origin Validation Error
|
CVE-2007-5917
|
2018-10-16 06:47 |
2007-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284812
|
- |
|
ms_topsites
|
ms_topsites
|
Cross-site request forgery (CSRF) vulnerability in edit.php in the MS TopSites add-on for PHP-Nuke does not verify that the uname parameter matches the current account, which allows remote authentica…
|
CWE-352
Origin Validation Error
|
CVE-2007-5918
|
2018-10-16 06:47 |
2007-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284813
|
- |
|
mywebftp
|
mywebftp
|
MyWebFTP, possibly 5.3.2, stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain an MD5 password hash via a direct request for pass/…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5919
|
2018-10-16 06:47 |
2007-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284814
|
- |
|
bitchx
cypress
|
bitchx
cypress
|
The modules/mdop.m in the Cypress 1.0k script for BitchX, as downloaded from a distribution site in November 2007, contains an externally introduced backdoor that e-mails sensitive information (hostn…
|
CWE-200
Information Exposure
|
CVE-2007-5922
|
2018-10-16 06:47 |
2007-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284815
|
- |
|
tetex
tug
|
tetex
texlive_2007
|
Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5935
|
2018-10-16 06:47 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284816
|
- |
|
tetex
tug
|
tetex
texlive_2007
|
dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which c…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5936
|
2018-10-16 06:47 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284817
|
- |
|
tetex
tug
|
tetex
texlive_2007
|
Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive 2007 and earlier might allow user-assisted attackers to execute arbitrary code via a crafted DVI input file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5937
|
2018-10-16 06:47 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284818
|
- |
|
simple_machines
|
simple_machines_forum
|
Simple Machines Forum (SMF) 1.1.4 allows remote attackers to read a message in private forums by using the advanced search module with the "show results as messages" option, then searching for possib…
|
CWE-16
Configuration
|
CVE-2007-5943
|
2018-10-16 06:47 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284819
|
- |
|
mozilla
|
firefox
seamonkey
|
The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 retrieves the inner URL regardless of its MIME type, and considers HTML documents within a jar archive to have t…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5947
|
2018-10-16 06:47 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284820
|
- |
|
x.org
|
xserver
|
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages dependi…
|
CWE-200
Information Exposure
|
CVE-2007-5958
|
2018-10-16 06:47 |
2008-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
