|
285121
|
- |
|
simpgb
|
simpgb
|
Multiple cross-site scripting (XSS) vulnerabilities in SimpGB 1.46.02 allow remote attackers to inject arbitrary web script or HTML via (1) the l_username parameter to the default URI under admin/ or…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5127
|
2018-10-16 06:40 |
2007-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285122
|
- |
|
boesch-it
php
|
simpnews
php
|
SimpNews 2.41.03 on Windows, when PHP before 5.0.0 is used, allows remote attackers to obtain sensitive information via an certain link_date parameter to events.php, which reveals the path in an erro…
|
CWE-20
Improper Input Validation
|
CVE-2007-5128
|
2018-10-16 06:40 |
2007-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285123
|
- |
|
boesch-it
|
simpgb
|
SimpGB 1.46.02 stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain sensitive configuration information via a direct request f…
|
CWE-200
Information Exposure
|
CVE-2007-5129
|
2018-10-16 06:40 |
2007-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285124
|
- |
|
boesch-it
|
simpgb
|
SimpGB 1.46.02 allows remote attackers to obtain sensitive information via (1) an invalid lang parameter to admin/index.php or (2) a direct request to admin/trailer.php, which reveals the path in var…
|
CWE-20
Improper Input Validation
|
CVE-2007-5130
|
2018-10-16 06:40 |
2007-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285125
|
- |
|
interspire
|
activekb_nx
|
SQL injection vulnerability in index.php in Interspire ActiveKB NX 2.x allows remote attackers to execute arbitrary SQL commands via the catId parameter in a browse action. NOTE: it was separately r…
|
CWE-89
SQL Injection
|
CVE-2007-5131
|
2018-10-16 06:40 |
2007-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285126
|
- |
|
openssl
|
openssl
|
Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that trigger…
|
CWE-189
Numeric Errors
|
CVE-2007-5135
|
2018-10-16 06:40 |
2007-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285127
|
- |
|
sitex
|
sitex_cms
|
SQL injection vulnerability in search.php in SiteX CMS 0.7.3 Beta allows remote attackers to execute arbitrary SQL commands via the search parameter.
|
CWE-89
SQL Injection
|
CVE-2007-5141
|
2018-10-16 06:40 |
2007-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285128
|
- |
|
north_country_public_radio
|
public_media_manager
|
PHP remote file inclusion vulnerability in NewsCMS/news/newstopic_inc.php in North Country Public Radio Public Media Manager (PMM) 1.3 allows remote attackers to execute arbitrary PHP code via a URL …
|
CWE-94
Code Injection
|
CVE-2007-5149
|
2018-10-16 06:40 |
2007-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285129
|
- |
|
nukescripts
|
nukesentinel
|
SQL injection vulnerability in the is_god function in includes/nukesentinel.php in NukeSentinel 2.5.11 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin co…
|
CWE-89
SQL Injection
|
CVE-2007-5150
|
2018-10-16 06:40 |
2007-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285130
|
- |
|
nukescripts
|
nukesentinel
|
SQL injection vulnerability in the abget_admin function in includes/nukesentinel.php in NukeSentinel 2.5.12 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an adm…
|
CWE-89
SQL Injection
|
CVE-2007-5151
|
2018-10-16 06:40 |
2007-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
