|
294231
|
- |
|
php_real_estate_classifieds
|
php_real_estate_classifieds_premium_plus
|
SQL injection vulnerability in fullnews.php in PHP Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2007-6462
|
2017-09-29 10:29 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294232
|
- |
|
form_tools
|
form_tools
|
Multiple PHP remote file inclusion vulnerabilities in Form tools 1.5.0b allow remote attackers to execute arbitrary PHP code via a URL in the g_root_dir parameter to (1) admin_page_open.php and (2) c…
|
CWE-94
Code Injection
|
CVE-2007-6464
|
2017-09-29 10:29 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294233
|
- |
|
freewebshop
|
freewebshop
|
Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote attackers to execute arbitrary SQL commands via (1) the prod parameter in a details action, (2) the cat parameter…
|
CWE-89
SQL Injection
|
CVE-2007-6466
|
2017-09-29 10:29 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294234
|
- |
|
phpmyrealty
|
phpmyrealty
|
Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 allow (1) remote attackers to execute arbitrary SQL commands via the type parameter to search.php and (2) remote authenticated admini…
|
CWE-89
SQL Injection
|
CVE-2007-6472
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294235
|
- |
|
texas_imperial_software
|
wftpd_pro_explorer
|
Heap-based buffer overflow in Texas Imperial Software WFTPD Pro Explorer 1.0 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6473
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294236
|
- |
|
gf_3xplorer
|
gf_3xplorer
|
Multiple cross-site scripting (XSS) vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to inject arbitrary web script or HTML via the newdir parameter to index_3x.php, and unspecified other ve…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6474
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294237
|
- |
|
gf_3xplorer
|
gf_3xplorer
|
Multiple directory traversal vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang_sel parameter to (1) updater.php and…
|
CWE-22
Path Traversal
|
CVE-2007-6475
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294238
|
- |
|
gf_3xplorer
|
gf_3xplorer
|
GF-3XPLORER 2.4 allows remote attackers to obtain configuration information via a direct request to explorer/phpinfo.php, which calls the phpinfo function.
|
CWE-200
Information Exposure
|
CVE-2007-6476
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294239
|
- |
|
dokeos
|
dokeos
|
Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php (aka the "My profile" page) in Dokeos 1.8.4 allows remote authenticated users to upload and execute …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6479
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294240
|
- |
|
falcon
|
series_one_cms
|
Multiple PHP remote file inclusion vulnerabilities in Falcon Series One CMS 1.4.3 allow remote attackers to execute arbitrary PHP code via a URL in (1) the dir[classes] parameter to sitemap.xml.php o…
|
CWE-20
Improper Input Validation
|
CVE-2007-6488
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
