|
284881
|
- |
|
wwwisis
|
wwwisis
|
Directory traversal vulnerability in wxis.exe in WWWISIS 7.1 allows local users to read arbitrary files via a .. (dot dot) in the IsisScript parameter to iah.
|
CWE-22
Path Traversal
|
CVE-2007-5484
|
2018-10-16 06:45 |
2007-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284882
|
- |
|
sitebar
|
sitebar
|
Static code injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the value parameter.
|
CWE-94
Code Injection
|
CVE-2007-5492
|
2018-10-16 06:45 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284883
|
- |
|
sitebar
|
sitebar
|
Refer to:
http://sitebar.org/downloads.php and
http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup for patch information.
|
CWE-94
Code Injection
|
CVE-2007-5492
|
2018-10-16 06:45 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284884
|
- |
|
microsoft
|
windows_mobile
|
The SMS handler for Windows Mobile 2005 Pocket PC Phone edition allows attackers to hide the sender field of an SMS message via a malformed WAP PUSH message that causes the PDU to be incorrectly deco…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5493
|
2018-10-16 06:45 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284885
|
- |
|
oracle
|
database_server
|
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5 unknown impact and remote attack vectors, related to (1) Import (DB01) and (2) Advanced Queuing (DB25). NOTE: as of 2007…
|
NVD-CWE-noinfo
|
CVE-2007-5504
|
2018-10-16 06:45 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284886
|
- |
|
oracle
|
database_server
|
The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (CPU consumption) via a crafted type 6 Data packe…
|
CWE-399
Resource Management Errors
|
CVE-2007-5506
|
2018-10-16 06:45 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284887
|
- |
|
oracle
|
database_server
|
The GIOP service in TNS Listener in the Oracle Net Services component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (cra…
|
CWE-119
CWE-20
Incorrect Access of Indexable Resource ('Range Error')
Improper Input Validation
|
CVE-2007-5507
|
2018-10-16 06:45 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284888
|
- |
|
oracle
|
database_server
|
Multiple SQL injection vulnerabilities in the CTXSYS Intermedia application for the Oracle Text component (CTX_DOC) in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to execut…
|
CWE-89
SQL Injection
|
CVE-2007-5508
|
2018-10-16 06:45 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284889
|
- |
|
oracle
|
database_server
|
SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 allows attackers to execute arbitrary SQL commands via the FINDRICSET pro…
|
CWE-89
SQL Injection
|
CVE-2007-5511
|
2018-10-16 06:45 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284890
|
- |
|
oracle
|
database_server
|
The XML DB (XMLDB) component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 generates incorrect audit entries in the USERID column in which (1) long usernames are trimmed to 5 characters, or (2)…
|
NVD-CWE-Other
|
CVE-2007-5513
|
2018-10-16 06:45 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
