|
284981
|
- |
|
mozilla
|
firefox
seamonkey
|
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing …
|
CWE-16
Configuration
|
CVE-2007-5334
|
2018-10-16 06:42 |
2007-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284982
|
- |
|
i-systems_inc.
|
feedreader
|
Cross-zone scripting vulnerability in the internal browser in i-Systems Feedreader 3.10 allows remote attackers to inject arbitrary web script or HTML via an item in a feed, as demonstrated by a Word…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5161
|
2018-10-16 06:41 |
2007-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284983
|
- |
|
ruby-lang
|
ruby
|
The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName (CN) field in a server certificate matches the doma…
|
CWE-287
Improper Authentication
|
CVE-2007-5162
|
2018-10-16 06:41 |
2007-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284984
|
- |
|
openid
phpbb
|
openid
phpbb
|
PHP remote file inclusion vulnerability in includes/openid/Auth/OpenID/BBStore.php in phpBB Openid 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the openid_root_path parame…
|
CWE-94
Code Injection
|
CVE-2007-5173
|
2018-10-16 06:41 |
2007-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284985
|
- |
|
smbftpd
|
smbftpd
|
Format string vulnerability in the SMBDirList function in dirlist.c in SmbFTPD 0.96 allows remote attackers to execute arbitrary code via format string specifiers in a directory name.
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2007-5184
|
2018-10-16 06:41 |
2007-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284986
|
- |
|
x-script
|
guestbook
|
Multiple SQL injection vulnerabilities in mes_add.php in x-script GuestBook 1.3a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) ema…
|
CWE-89
SQL Injection
|
CVE-2007-5189
|
2018-10-16 06:41 |
2007-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284987
|
- |
|
alcatel-lucent
|
omnivista
|
Multiple cross-site scripting (XSS) vulnerabilities in Alcatel OmniVista 4760 R4.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the action parameter to php-bin/We…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5190
|
2018-10-16 06:41 |
2007-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284988
|
- |
|
rpath
|
rmake
|
The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain r…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5194
|
2018-10-16 06:41 |
2007-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284989
|
- |
|
axis
|
2100_network_camera
2100_network_camera_firmware
|
Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware before 2.43 allow remote attackers to inject arbitrary web script or HTML via (1) parameters ass…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5212
|
2018-10-16 06:41 |
2007-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284990
|
- |
|
axis
|
2100_network_camera
2100_network_camera_firmware
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to perform actions as administrators, as demonstr…
|
CWE-352
Origin Validation Error
|
CVE-2007-5213
|
2018-10-16 06:41 |
2007-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
