|
284891
|
- |
|
sitebar
|
sitebar
|
Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to integrator.php; (2) the token paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5692
|
2018-10-16 06:46 |
2007-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284892
|
- |
|
sitebar
|
sitebar
|
Eval injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the edit parameter in an upd cmd action, a…
|
CWE-94
Code Injection
|
CVE-2007-5693
|
2018-10-16 06:46 |
2007-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284893
|
- |
|
sitebar
|
sitebar
|
Absolute path traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to read arbitrary files via an absolute path in the dir parameter, …
|
CWE-22
Path Traversal
|
CVE-2007-5694
|
2018-10-16 06:46 |
2007-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284894
|
- |
|
sitebar
|
sitebar
|
Open redirect vulnerability in command.php in SiteBar 3.3.8 allows remote attackers to redirect users to arbitrary web sites via a URL in the forward parameter in a Log In action.
|
CWE-59
Link Following
|
CVE-2007-5695
|
2018-10-16 06:46 |
2007-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284895
|
- |
|
phpbasic
|
phpbasic
|
PHP remote file inclusion vulnerability in includes.php in phpBasic allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, possibly related to the Music module.
|
CWE-94
Code Injection
|
CVE-2007-5696
|
2018-10-16 06:46 |
2007-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284896
|
- |
|
novell
|
opensuse_swamp
|
Cross-site scripting (XSS) vulnerability in swamp/action/LoginActions (aka the login box) in the Novell OpenSUSE SWAMP Workflow Administration and Management Platform 1.x allows remote attackers to i…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5702
|
2018-10-16 06:46 |
2007-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284897
|
- |
|
rsa
|
keon_registration_authority_web_interface
|
Multiple cross-site scripting (XSS) vulnerabilities in (1) Request-spk.xuda and (2) Add-msie-request.xuda in RSA KEON Registration Authority Web Interface 1.0 allow remote attackers to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5703
|
2018-10-16 06:46 |
2007-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284898
|
- |
|
codewidgets
|
online_event_registration_template
|
Multiple SQL injection vulnerabilities in CodeWidgets.com Online Event Registration Template allow remote attackers to execute arbitrary SQL commands via the (1) Email Address and (2) Password fields…
|
CWE-89
SQL Injection
|
CVE-2007-5704
|
2018-10-16 06:46 |
2007-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284899
|
- |
|
jeeblestechnology
|
jeebles_directory
|
Absolute path traversal vulnerability in download.php in Jeebles Directory 2.9.60 allows remote attackers to read arbitrary files via a full pathname in the query string. NOTE: some of these details…
|
CWE-22
Path Traversal
|
CVE-2007-5706
|
2018-10-16 06:46 |
2007-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284900
|
- |
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in wp-admin/edit-post-rows.php in WordPress 2.3 allows remote attackers to inject arbitrary web script or HTML via the posts_columns array parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2007-5710
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
