|
284831
|
- |
|
jeeblestechnology
|
jeebles_directory
|
Absolute path traversal vulnerability in download.php in Jeebles Directory 2.9.60 allows remote attackers to read arbitrary files via a full pathname in the query string. NOTE: some of these details…
|
CWE-22
Path Traversal
|
CVE-2007-5706
|
2018-10-16 06:46 |
2007-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284832
|
- |
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in wp-admin/edit-post-rows.php in WordPress 2.3 allows remote attackers to inject arbitrary web script or HTML via the posts_columns array parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2007-5710
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284833
|
- |
|
omnistar_interactive
|
omnistar_live
|
Multiple cross-site scripting (XSS) vulnerabilities in Omnistar Live allow remote attackers to inject arbitrary web script or HTML via (1) the category_id parameter to users/kb.php, and possibly (3) …
|
CWE-79
Cross-site Scripting
|
CVE-2007-5724
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284834
|
- |
|
smart-shop
|
smart-shop
|
Multiple cross-site scripting (XSS) vulnerabilities in Smart-Shop allow remote attackers to inject arbitrary web script or HTML via (1) the email parameter to index.php; or the command parameter to i…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5725
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284835
|
- |
|
oneorzero
|
oneorzero_helpdesk
|
Incomplete blacklist vulnerability in the stripScripts function in common.php in OneOrZero Helpdesk 1.6.5.4, 1.6.4.2, and possibly other versions, allows remote attackers to conduct cross-site script…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5727
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284836
|
- |
|
elouai
|
force_download
|
Directory traversal vulnerability in downloadfile.php in eLouai's Force Download of media files script, as available on 20071030 and earlier, allows remote attackers to read arbitrary files via the f…
|
CWE-22
Path Traversal
|
CVE-2007-5732
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284837
|
- |
|
japanese_php_gallery_hosting
|
japanese_php_gallery_hosting
|
Unrestricted file upload vulnerability in upload/upload.php in Japanese PHP Gallery Hosting, when Open directory mode is enabled, allows remote attackers to upload and execute arbitrary PHP code via …
|
CWE-94
CWE-20
Code Injection
Improper Input Validation
|
CVE-2007-5733
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284838
|
- |
|
efileman
|
efileman
|
Unrestricted file upload vulnerability in eFileMan 7.1.0.87-88 allows remote attackers to upload arbitrary files, with "uploads/upload_file." destination filenames, via unspecified vectors to upload.…
|
CWE-20
Improper Input Validation
|
CVE-2007-5734
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284839
|
- |
|
efileman
|
efileman
|
eFileMan 7.1.0.87-88 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain unspecified user information via a direct request for cg…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5735
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284840
|
- |
|
seeblick
|
seeblick
|
Unrestricted file upload vulnerability in upload.php in SeeBlick 1.0 Beta allows remote attackers to upload arbitrary files via unspecified vectors. NOTE: these files are stored with .html extension…
|
CWE-20
Improper Input Validation
|
CVE-2007-5736
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
