|
285371
|
- |
|
berthanas_ziyaretci
|
defteri
|
Multiple SQL injection vulnerabilities in yonetici.asp in Berthanas Ziyaretci Defteri 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) user and (2) Pass fields.
|
NVD-CWE-Other
|
CVE-2007-4119
|
2018-10-16 06:33 |
2007-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285372
|
- |
|
e-commerce_solutions
|
auction_script
multi-vendor_e-shop_script
shopping_cart_script
|
Multiple SQL injection vulnerabilities in admin.aspx in E-Commerce Scripts Shopping Cart Script, Multi-Vendor E-Shop Script, and Auction Script allow remote attackers to execute arbitrary SQL command…
|
NVD-CWE-Other
|
CVE-2007-4121
|
2018-10-16 06:33 |
2007-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285373
|
- |
|
gnu
|
tar
|
Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) …
|
NVD-CWE-Other
|
CVE-2007-4131
|
2018-10-16 06:33 |
2007-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285374
|
- |
|
redhat
|
fedora
|
Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory s…
|
CWE-22
Path Traversal
|
CVE-2007-4134
|
2018-10-16 06:33 |
2007-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285375
|
- |
|
samba
|
samba
|
The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4138
|
2018-10-16 06:33 |
2007-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285376
|
- |
|
phpcoupon
|
phpcoupon
|
user.php in the Billing Control Panel in phpCoupon allows remote authenticated users to obtain Premium Member status, and possibly acquire free coupons, via a modified URL containing a certain billin…
|
NVD-CWE-Other
|
CVE-2007-4143
|
2018-10-16 06:33 |
2007-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285377
|
- |
|
mitridat
|
form_processor_pro
|
Cross-site scripting (XSS) vulnerability in sample-forms/simple-contact-form-with-preview/simple-contact-form-with-preview.html in MitriDAT eMail Form Processor Pro allows remote attackers to inject …
|
CWE-79
Cross-site Scripting
|
CVE-2007-4144
|
2018-10-16 06:33 |
2007-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285378
|
- |
|
bluesky
|
blueskychat
|
Heap-based buffer overflow in the BlueSkychat (BlueSkyCat) ActiveX control (V2.V2Ctrl.1) in v2.ocx 8.1.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the secon…
|
NVD-CWE-Other
|
CVE-2007-4145
|
2018-10-16 06:33 |
2007-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285379
|
- |
|
woliocms
|
woliocms
|
Multiple SQL injection vulnerabilities in wolioCMS allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to member.php in a page action, related to a SELECT statement in c…
|
NVD-CWE-Other
|
CVE-2007-4156
|
2018-10-16 06:33 |
2007-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285380
|
- |
|
phpblogger
|
php-blogger
|
PHPBlogger stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing an admin password hash via a direct reques…
|
NVD-CWE-Other
|
CVE-2007-4157
|
2018-10-16 06:33 |
2007-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
