|
294041
|
- |
|
trionic
|
cite_cms
|
Multiple PHP remote file inclusion vulnerabilities in Trionic Cite CMS 1.2 rev9 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the bField[bf_data] parameter to (1) inte…
|
CWE-94
Code Injection
|
CVE-2007-5271
|
2017-09-29 10:29 |
2007-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294042
|
- |
|
furkan_tastan_blog
|
furkan_tastan_blog
|
SQL injection vulnerability in kategori.asp in Furkan Tastan Blog allows remote attackers to execute arbitrary SQL commands via the id parameter in a goster kat action.
|
CWE-89
SQL Injection
|
CVE-2007-5272
|
2017-09-29 10:29 |
2007-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294043
|
- |
|
adobe
|
shockwave_player
|
The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause a victim machine to establish TCP sessions with arbitrary hosts via a Flash (SWF) movie, related to lack of pinning of a hostname…
|
CWE-20
Improper Input Validation
|
CVE-2007-5275
|
2017-09-29 10:29 |
2007-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294044
|
- |
|
zomplog
|
zomplog
|
Zomplog 3.8.1 and earlier stores potentially sensitive information under the web root with insufficient access control, which allows remote attackers to download files that were uploaded by users, as…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5278
|
2017-09-29 10:29 |
2007-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294045
|
- |
|
skadate
|
skadate_online_dating_software
|
Multiple directory traversal vulnerabilities in SkaDate 5.0 and 6.0, and possibly later versions such as 6.482, allow remote attackers to read arbitrary files via a .. (dot dot) in the view_mode para…
|
CWE-22
Path Traversal
|
CVE-2007-5299
|
2017-09-29 10:29 |
2007-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294046
|
- |
|
hp
|
hp-ux
|
Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers …
|
CWE-79
Cross-site Scripting
|
CVE-2007-5302
|
2017-09-29 10:29 |
2007-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294047
|
- |
|
php_homepage_m
|
php_homepage_m
|
SQL injection vulnerability in galerie.php in PHP Homepage M (phpHPm) 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a show …
|
CWE-89
SQL Injection
|
CVE-2007-5308
|
2017-09-29 10:29 |
2007-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294048
|
- |
|
joomla
webmaster-tips.net
|
joomla
flash_image_gallery
|
PHP remote file inclusion vulnerability in admin.wmtgallery.php in the webmaster-tips.net Flash Image Gallery (com_wmtgallery) 1.0 component for Joomla! allows remote attackers to execute arbitrary P…
|
CWE-94
Code Injection
|
CVE-2007-5309
|
2017-09-29 10:29 |
2007-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294049
|
- |
|
joomla
webmaster-tips.net
|
joomla
flash_image_gallery
|
PHP remote file inclusion vulnerability in admin.wmtportfolio.php in the webmaster-tips.net wmtportfolio 1.0 (com_wmtportfolio) component for Joomla! allows remote attackers to execute arbitrary PHP …
|
CWE-94
Code Injection
|
CVE-2007-5310
|
2017-09-29 10:29 |
2007-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294050
|
- |
|
script-solution.de
|
picturesolution
|
PHP remote file inclusion vulnerability in install/config.php in Picturesolution 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
|
CWE-94
Code Injection
|
CVE-2007-5313
|
2017-09-29 10:29 |
2007-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
