|
284901
|
- |
|
omnistar_interactive
|
omnistar_live
|
Multiple cross-site scripting (XSS) vulnerabilities in Omnistar Live allow remote attackers to inject arbitrary web script or HTML via (1) the category_id parameter to users/kb.php, and possibly (3) …
|
CWE-79
Cross-site Scripting
|
CVE-2007-5724
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284902
|
- |
|
smart-shop
|
smart-shop
|
Multiple cross-site scripting (XSS) vulnerabilities in Smart-Shop allow remote attackers to inject arbitrary web script or HTML via (1) the email parameter to index.php; or the command parameter to i…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5725
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284903
|
- |
|
oneorzero
|
oneorzero_helpdesk
|
Incomplete blacklist vulnerability in the stripScripts function in common.php in OneOrZero Helpdesk 1.6.5.4, 1.6.4.2, and possibly other versions, allows remote attackers to conduct cross-site script…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5727
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284904
|
- |
|
elouai
|
force_download
|
Directory traversal vulnerability in downloadfile.php in eLouai's Force Download of media files script, as available on 20071030 and earlier, allows remote attackers to read arbitrary files via the f…
|
CWE-22
Path Traversal
|
CVE-2007-5732
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284905
|
- |
|
japanese_php_gallery_hosting
|
japanese_php_gallery_hosting
|
Unrestricted file upload vulnerability in upload/upload.php in Japanese PHP Gallery Hosting, when Open directory mode is enabled, allows remote attackers to upload and execute arbitrary PHP code via …
|
CWE-94
CWE-20
Code Injection
Improper Input Validation
|
CVE-2007-5733
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284906
|
- |
|
efileman
|
efileman
|
Unrestricted file upload vulnerability in eFileMan 7.1.0.87-88 allows remote attackers to upload arbitrary files, with "uploads/upload_file." destination filenames, via unspecified vectors to upload.…
|
CWE-20
Improper Input Validation
|
CVE-2007-5734
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284907
|
- |
|
efileman
|
efileman
|
eFileMan 7.1.0.87-88 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain unspecified user information via a direct request for cg…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5735
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284908
|
- |
|
seeblick
|
seeblick
|
Unrestricted file upload vulnerability in upload.php in SeeBlick 1.0 Beta allows remote attackers to upload arbitrary files via unspecified vectors. NOTE: these files are stored with .html extension…
|
CWE-20
Improper Input Validation
|
CVE-2007-5736
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284909
|
- |
|
ghlab
|
korean_ghboard
|
Unrestricted file upload vulnerability in component/upload.jsp in Korean GHBoard allows remote attackers to upload arbitrary files via unspecified vectors, probably involving a direct request.
|
CWE-94
CWE-20
Code Injection
Improper Input Validation
|
CVE-2007-5737
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284910
|
- |
|
ghlab
|
korean_ghboard
|
The FlashUpload component in Korean GHBoard uses a client-side protection mechanism to prevent uploading of dangerous file extensions, which allows remote attackers to bypass restrictions and upload …
|
CWE-20
Improper Input Validation
|
CVE-2007-5738
|
2018-10-16 06:46 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
