|
285051
|
- |
|
ruby-lang
|
ruby
|
The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName (CN) field in a server certificate matches the doma…
|
CWE-287
Improper Authentication
|
CVE-2007-5162
|
2018-10-16 06:41 |
2007-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285052
|
- |
|
openid
phpbb
|
openid
phpbb
|
PHP remote file inclusion vulnerability in includes/openid/Auth/OpenID/BBStore.php in phpBB Openid 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the openid_root_path parame…
|
CWE-94
Code Injection
|
CVE-2007-5173
|
2018-10-16 06:41 |
2007-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285053
|
- |
|
smbftpd
|
smbftpd
|
Format string vulnerability in the SMBDirList function in dirlist.c in SmbFTPD 0.96 allows remote attackers to execute arbitrary code via format string specifiers in a directory name.
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2007-5184
|
2018-10-16 06:41 |
2007-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285054
|
- |
|
x-script
|
guestbook
|
Multiple SQL injection vulnerabilities in mes_add.php in x-script GuestBook 1.3a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) ema…
|
CWE-89
SQL Injection
|
CVE-2007-5189
|
2018-10-16 06:41 |
2007-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285055
|
- |
|
alcatel-lucent
|
omnivista
|
Multiple cross-site scripting (XSS) vulnerabilities in Alcatel OmniVista 4760 R4.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the action parameter to php-bin/We…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5190
|
2018-10-16 06:41 |
2007-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285056
|
- |
|
rpath
|
rmake
|
The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for the rMake user and the same minor device number as /dev/port, which might allow local users to gain r…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5194
|
2018-10-16 06:41 |
2007-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285057
|
- |
|
axis
|
2100_network_camera
2100_network_camera_firmware
|
Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware before 2.43 allow remote attackers to inject arbitrary web script or HTML via (1) parameters ass…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5212
|
2018-10-16 06:41 |
2007-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285058
|
- |
|
axis
|
2100_network_camera
2100_network_camera_firmware
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to perform actions as administrators, as demonstr…
|
CWE-352
Origin Validation Error
|
CVE-2007-5213
|
2018-10-16 06:41 |
2007-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285059
|
- |
|
axis
|
2100_network_camera
|
Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5214
|
2018-10-16 06:41 |
2007-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285060
|
- |
|
don_barnes
|
drbguestbook
|
Cross-site scripting (XSS) vulnerability in index.php in Don Barnes DRBGuestbook 1.1.13 allows remote attackers to inject arbitrary web script or HTML via the action parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2007-5218
|
2018-10-16 06:41 |
2007-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
