|
294031
|
- |
|
mambads
mambo
|
mambads
mambo
|
SQL injection vulnerability in index.php in the MambAds (com_mambads) 1.5 and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the caid parameter.
|
CWE-89
SQL Injection
|
CVE-2007-5177
|
2017-09-29 10:29 |
2007-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294032
|
- |
|
mxbb
|
mx_glance
|
contrib/mx_glance_sdesc.php in the mx_glance 2.3.3 module for mxBB places a critical security check within a comment because of a missing comment delimiter, which allows remote attackers to conduct r…
|
CWE-94
Code Injection
|
CVE-2007-5178
|
2017-09-29 10:29 |
2007-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294033
|
- |
|
phpwcms-xt
|
phpwcms-xt
|
Multiple PHP remote file inclusion vulnerabilities in phpWCMS XT 0.0.7 BETA and earlier allow remote attackers to execute arbitrary PHP code via a URL in the HTML_MENU_DirPath parameter to (1) config…
|
CWE-94
Code Injection
|
CVE-2007-5185
|
2017-09-29 10:29 |
2007-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294034
|
- |
|
segue_cms
|
segue_cms
|
PHP remote file inclusion vulnerability in index.php in Segue CMS 1.8.4 and earlier, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the themesdi…
|
CWE-94
Code Injection
|
CVE-2007-5186
|
2017-09-29 10:29 |
2007-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294035
|
- |
|
cyberlink
|
powerdvd
|
Directory traversal vulnerability in the CLAVSetting.CLSetting.1 ActiveX control in CLAVSetting.DLL 1.00.1829 in the CLAVSetting module in CyberLink PowerDVD 7.0 allows remote attackers to create or …
|
CWE-22
Path Traversal
|
CVE-2007-5219
|
2017-09-29 10:29 |
2007-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294036
|
- |
|
poppawid
|
poppawid
|
PHP remote file inclusion vulnerability in mail/childwindow.inc.php in Poppawid 2.7 allows remote attackers to execute arbitrary PHP code via a URL in the form parameter.
|
CWE-94
Code Injection
|
CVE-2007-5221
|
2017-09-29 10:29 |
2007-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294037
|
- |
|
deonixscripts
|
web_template_management_system
|
SQL injection vulnerability in index.php in Web Template Management System 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a readmore action.
|
CWE-89
SQL Injection
|
CVE-2007-5233
|
2017-09-29 10:29 |
2007-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294038
|
- |
|
sun
|
jdk
jre
|
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read and modify local…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5237
|
2017-09-29 10:29 |
2007-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294039
|
- |
|
edraw
|
office_viewer_component
|
Stack-based buffer overflow in the EDraw.OfficeViewer ActiveX control in officeviewer.ocx in EDraw Office Viewer Component 5.3.220.1 and earlier allows remote attackers to execute arbitrary code via …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5257
|
2017-09-29 10:29 |
2007-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294040
|
- |
|
iscripts
|
multicart
|
Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to categorydetail.php and the (2) ddlCategory parameter to…
|
CWE-89
SQL Injection
|
CVE-2007-5261
|
2017-09-29 10:29 |
2007-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
