|
299831
|
- |
|
bti-tracker
|
bti-tracker
|
details.php in BtiTracker before 1.4.5, when torrent viewing is disabled for guests, allows remote attackers to bypass protection mechanisms via a direct request, as demonstrated by (1) reading the d…
|
CWE-287
CWE-264
Improper Authentication
Permissions, Privileges, and Access Controls
|
CVE-2007-5987
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299832
|
- |
|
bti-tracker
|
bti-tracker
|
blocks/shoutbox_block.php in BtiTracker 1.4.4 does not verify user accounts, which allows remote attackers to post shoutbox entries as arbitrary users via a modified nick field.
|
CWE-287
CWE-255
CWE-264
Improper Authentication
Credentials Management
Permissions, Privileges, and Access Controls
|
CVE-2007-5988
|
2017-07-29 10:33 |
2007-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299833
|
- |
|
bandersnatch
|
bandersnatch
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Bandersnatch 0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) func or (2) date parameter, or the jid p…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6001
|
2017-07-29 10:33 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299834
|
- |
|
fenrir
|
grani
sleipnir
|
Cross-site scripting (XSS) vulnerability in Fenriru (1) Sleipnir 2.5.17 R2 and earlier and (2) Grani 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search fiel…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6002
|
2017-07-29 10:33 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299835
|
- |
|
thomson
|
speedtouch
|
Cross-site scripting (XSS) vulnerability in cgi/b/ic/connect in the Thomson SpeedTouch 716 with firmware 5.4.0.14 allows remote attackers to inject arbitrary web script or HTML via the url parameter.…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6003
|
2017-07-29 10:33 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299836
|
- |
|
webex_communications
|
webex_gpccontainer_activex_control
|
Unspecified vulnerability in the GpcContainer.GpcContainer.1 ActiveX control in WebEx allows remote attackers to cause a denial of service (memory access violation and crash) via (1) an invalid argum…
|
CWE-399
Resource Management Errors
|
CVE-2007-6005
|
2017-07-29 10:33 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299837
|
- |
|
horde
|
framework
groupware_webmail_edition
horde
imp
|
IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 does not validate unspecified HTTP requests, which allows remote attackers to (1) delete arbitra…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6018
|
2017-07-29 10:33 |
2008-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299838
|
- |
|
atom
|
photoblog
|
Multiple cross-site scripting (XSS) vulnerabilities in atomPhotoBlog.php in Atom PhotoBlog 1.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Your Name, (2) Y…
|
NVD-CWE-Other
|
CVE-2007-3134
|
2017-07-29 10:32 |
2007-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299839
|
- |
|
opera
|
opera_browser
|
Visual truncation vulnerability in Opera 9.21 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after 34 characters, as de…
|
NVD-CWE-Other
|
CVE-2007-3142
|
2017-07-29 10:32 |
2007-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299840
|
- |
|
kde
|
konqueror
|
Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain numbe…
|
NVD-CWE-Other
|
CVE-2007-3143
|
2017-07-29 10:32 |
2007-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
