CVE-2007-1xxx

There are 974 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2007-1000 The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 ...
E S
CVE-2007-1001 Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD libr...
CVE-2007-1002 Format string vulnerability in the write_html function in calendar/gui/e-cal-component-memo-preview....
CVE-2007-1003 Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in ...
S
CVE-2007-1004 Mozilla Firefox might allow remote attackers to conduct spoofing and phishing attacks by writing to ...
CVE-2007-1005 Heap-based buffer overflow in SW3eng.exe in the eID Engine service in CA (formerly Computer Associat...
S
CVE-2007-1006 Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before ...
CVE-2007-1007 Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a den...
S
CVE-2007-1008 Apple iTunes 7.0.2 allows user-assisted remote attackers to cause a denial of service (application c...
E
CVE-2007-1009 Macrovision InstallAnywhere Enterprise before 8.0.1 uses the InstallScript.iap_xml configuration fil...
S
CVE-2007-1010 Multiple PHP remote file inclusion vulnerabilities in ZebraFeeds 1.0, when register_globals is enabl...
E S
CVE-2007-1011 PHP remote file inclusion vulnerability in functions_inc.php in VS-Gastebuch 1.5.3 and earlier allow...
E
CVE-2007-1012 Cross-site scripting (XSS) vulnerability in faq.php in DeskPRO 1.1.0 allows remote attackers to inje...
CVE-2007-1013 PHP remote file inclusion vulnerability in generate.php in VirtualSystem Htaccess Passwort Generator...
E
CVE-2007-1014 Stack-based buffer overflow in VicFTPS before 5.0 allows remote attackers to cause a denial of servi...
E S
CVE-2007-1015 SQL injection vulnerability in HaberDetay.asp in Aktueldownload Haber script allows remote attackers...
E
CVE-2007-1016 SQL injection vulnerability in Aktueldownload Haber script allows remote attackers to execute arbitr...
CVE-2007-1017 PHP remote file inclusion vulnerability in show_news_inc.php in VirtualSystem VS-News-System 1.2.1 a...
E
CVE-2007-1018 PHP remote file inclusion vulnerability in tpl/header.php in VirtualSystem VS-News-System 1.2.1 and ...
CVE-2007-1019 SQL injection vulnerability in news.php in webSPELL 4.01.02, when register_globals is enabled, allow...
E
CVE-2007-1020 Cross-site scripting (XSS) vulnerability in index.php in CedStat 1.31 allows remote attackers to inj...
E
CVE-2007-1021 SQL injection vulnerability in inc_listnews.asp in CodeAvalanche News 1.x allows remote attackers to...
E
CVE-2007-1022 SQL injection vulnerability in h_goster.asp in Turuncu Portal 1.0 allows remote attackers to execute...
CVE-2007-1023 SQL injection vulnerability in pop_profile.asp in Snitz Forums 2000 3.1 SR4 allows remote attackers ...
E
CVE-2007-1024 PHP remote file inclusion vulnerability in include.php in Meganoide's news 1.1.1 allows remote attac...
E
CVE-2007-1025 PHP remote file inclusion vulnerability in inc/functions_inc.php in VS-Link-Partner 2.1 and earlier ...
E
CVE-2007-1026 SQL injection vulnerability in view.php in XLAtunes 0.1 and earlier allows remote attackers to execu...
E
CVE-2007-1027 Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users to o...
CVE-2007-1028 Cross-site scripting (XSS) vulnerability in the Barry Jaspan Image Pager 4.7.x-1.x-dev and 5.x-1.x-d...
CVE-2007-1029 Stack-based buffer overflow in the Connect method in the IMAP4 component in Quiksoft EasyMail Object...
S
CVE-2007-1030 Niels Provos libevent 1.2 and 1.2a allows remote attackers to cause a denial of service (infinite lo...
S
CVE-2007-1031 Directory traversal vulnerability in include/db_conn.php in SpoonLabs Vivvo Article Management CMS 3...
E
CVE-2007-1032 Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register_globals is enabled, allows re...
S
CVE-2007-1033 Unspecified vulnerability in the Secure site 4.7.x-1.x-dev and 5.x-1.x-dev module for Drupal allows ...
S
CVE-2007-1034 SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier mo...
E
CVE-2007-1035 Unspecified vulnerability in certain demonstration scripts in getID3 1.7.1, as used in the Mediafiel...
S
CVE-2007-1036 The default configuration of JBoss does not restrict access to the (1) console and (2) web managemen...
CVE-2007-1037 Stack-based buffer overflow in News File Grabber 4.1.0.1 and earlier allows remote attackers to exec...
CVE-2007-1038 Shemes.com Grabit 1.5.3, and possibly earlier, allows remote attackers to cause a denial of service ...
CVE-2007-1039 Unspecified vulnerability in Peanut Knowledge Base (PeanutKB) 0.0.3 and earlier has unknown impact a...
CVE-2007-1040 Directory traversal vulnerability in archives.php in Xpression News (X-News) 1.0.1 allows remote att...
E
CVE-2007-1041 Multiple stack-based buffer overflows in S&H Computer Systems News Rover 12.1 Rev 1 allow remote att...
E
CVE-2007-1042 Directory traversal vulnerability in news.php in Xpression News (X-News) 1.0.1, when magic_quotes_gp...
CVE-2007-1043 Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via...
E
CVE-2007-1044 Pearson Education PowerSchool 4.3.6 allows remote attackers to list the contents of the admin folder...
E
CVE-2007-1045 mAlbum 0.3 has default accounts (1) "login"/"pass" for its administrative account and (2) "dqsfg"/"s...
E
CVE-2007-1046 Dem_trac allows remote attackers to read log file contents via a direct request for /anc_sit.txt....
E
CVE-2007-1047 Unspecified vulnerability in Distributed Checksum Clearinghouse (DCC) before 1.3.51 allows remote at...
S
CVE-2007-1048 PHP remote file inclusion vulnerability in admin_rebuild_search.php in phpbb_wordsearch allows remot...
CVE-2007-1049 Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functiona...
E S
CVE-2007-1050 Multiple cross-site scripting (XSS) vulnerabilities in index.php in AbleDesign MyCalendar allow remo...
E
CVE-2007-1051 Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and earlier uses a weak cryptogra...
CVE-2007-1052 PHP remote file inclusion vulnerability in index.php in PBLang (PBL) 4.60 and earlier allows remote ...
CVE-2007-1053 Multiple PHP remote file inclusion vulnerabilities in phpXmms 1.0 allow remote attackers to execute ...
E
CVE-2007-1054 Cross-site scripting (XSS) vulnerability in the AJAX features in index.php in MediaWiki 1.6.x throug...
E
CVE-2007-1055 Cross-site scripting (XSS) vulnerability in the AJAX features in index.php in MediaWiki 1.9.x before...
E
CVE-2007-1056 VMware Workstation 5.5.3 build 34685 does not provide per-user restrictions on certain privileged ac...
CVE-2007-1057 The Net Direct client for Linux before 6.0.5 in Nortel Application Switch 2424, VPN 3050 and 3070, a...
E S
CVE-2007-1058 SQL injection vulnerability in user_pages/page.asp in Online Web Building 2.0 allows remote attacker...
E
CVE-2007-1059 PHP remote file inclusion vulnerability in function.php in Ultimate Fun Book 1.02 allows remote atta...
E
CVE-2007-1060 Multiple PHP remote file inclusion vulnerabilities in Interspire SendStudio 2004.14 and earlier, whe...
E
CVE-2007-1061 SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and earlier, when the...
E
CVE-2007-1062 The Cisco Unified IP Conference Station 7935 3.2(15) and earlier, and Station 7936 3.3(12) and earli...
S
CVE-2007-1063 The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware...
S
CVE-2007-1064 Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and...
S
CVE-2007-1065 Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and...
S
CVE-2007-1066 Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and...
S
CVE-2007-1067 Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and...
CVE-2007-1068 The (1) TTLS CHAP, (2) TTLS MSCHAP, (3) TTLS MSCHAPv2, (4) TTLS PAP, (5) MD5, (6) GTC, (7) LEAP, (8)...
S
CVE-2007-1069 The memory management in VMware Workstation before 5.5.4 allows attackers to cause a denial of servi...
S
CVE-2007-1070 Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for...
S
CVE-2007-1071 Integer overflow in the gifGetBandProc function in ImageIO in Apple Mac OS X 10.4.8 allows remote at...
E
CVE-2007-1072 The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 79...
S
CVE-2007-1073 Static code injection vulnerability in install.php in mcRefer allows remote attackers to execute arb...
CVE-2007-1074 Multiple buffer overflows in NewsBin Pro 5.33 and NewsBin Pro 4.x allow user-assisted remote attacke...
E
CVE-2007-1075 TurboFTP 5.30 Build 572 allows remote servers to cause a denial of service (CPU consumption) via a r...
E
CVE-2007-1076 Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remot...
E
CVE-2007-1077 SQL injection vulnerability in page.asp in Design4Online UserPages2 2.0 allows remote attackers to e...
E
CVE-2007-1078 PHP remote file inclusion vulnerability in index.php in FlashGameScript 1.5.4 allows remote attacker...
E
CVE-2007-1079 Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote s...
E
CVE-2007-1080 Multiple heap-based buffer overflows in TurboFTP 5.30 Build 572 allow remote servers to cause a deni...
E
CVE-2007-1081 The start function in class.t3lib_formmail.php in TYPO3 before 4.0.5, 4.1beta, and 4.1RC1 allows att...
CVE-2007-1082 FTP Explorer 1.0.1 Build 047, and other versions before 1.0.1.52, allows remote servers to cause a d...
E S
CVE-2007-1083 Buffer overflow in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for...
CVE-2007-1084 Mozilla Firefox 2.0.0.1 and earlier does not prompt users before saving bookmarklets, which allows r...
CVE-2007-1085 Cross-site scripting (XSS) vulnerability in Google Desktop allows remote attackers to bypass protect...
E
CVE-2007-1086 Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users...
S
CVE-2007-1087 IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not properly terminate certain input...
S
CVE-2007-1088 Stack-based buffer overflow in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allows loc...
S
CVE-2007-1089 IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privile...
S
CVE-2007-1090 Microsoft Windows Explorer on Windows XP and 2003 allows remote user-assisted attackers to cause a d...
CVE-2007-1091 Microsoft Internet Explorer 7 allows remote attackers to prevent users from leaving a site, spoof th...
S
CVE-2007-1092 Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute ar...
E S
CVE-2007-1093 Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager (NNM) before 07-10-05, and befo...
S
CVE-2007-1094 Microsoft Internet Explorer 7 allows remote attackers to cause a denial of service (NULL dereference...
S
CVE-2007-1095 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnl...
CVE-2007-1096 Cross-site scripting (XSS) vulnerability in ps_cart.php in VirtueMart before 20070116 allows remote ...
CVE-2007-1097 Unrestricted file upload vulnerability in the onAttachFiles function in the upload tool (inc/lib/att...
CVE-2007-1098 Multiple unspecified vulnerabilities in ScryMUD before 2.1.11 have unknown impact and attack vectors...
CVE-2007-1099 dbclient in Dropbear SSH client before 0.49 does not sufficiently warn the user when it detects a ho...
CVE-2007-1100 Directory traversal vulnerability in download.php in Ahmet Sacan Pickle before 20070301 allows remot...
E
CVE-2007-1101 Multiple cross-site scripting (XSS) vulnerabilities in Photostand 1.2.0 allow remote attackers to in...
CVE-2007-1102 Photostand 1.2.0 allows remote attackers to obtain sensitive information via a ' (quote) character i...
CVE-2007-1103 Tor does not verify a node's uptime and bandwidth advertisements, which allows remote attackers who ...
CVE-2007-1104 PHP remote file inclusion vulnerability in top.php in PHP Module Implementation (PHP-MIP) 0.1 allows...
E
CVE-2007-1105 PHP remote file inclusion vulnerability in functions.php in Extreme phpBB (aka phpBB Extreme) 3.0.1 ...
E
CVE-2007-1106 PHP remote file inclusion vulnerability in includes/functions_nomoketos_rules.php in the NoMoKeTos R...
E
CVE-2007-1107 SQL injection vulnerability in thumbnails.php in Coppermine Photo Gallery (CPG) 1.3.x allows remote ...
E
CVE-2007-1108 PHP remote file inclusion vulnerability in index.php in Christian Schneider CS-Gallery 2.0 and earli...
E
CVE-2007-1109 Multiple cross-site scripting (XSS) vulnerabilities in Phpwebgallery 1.4.1 allow remote attackers to...
CVE-2007-1110 Directory traversal vulnerability in data/showcode.php in ActiveCalendar 1.2.0 allows remote attacke...
CVE-2007-1111 Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar 1.2.0 allow remote attackers t...
E
CVE-2007-1112 Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.K...
S
CVE-2007-1114 The child frames in Microsoft Internet Explorer 7 inherit the default charset from the parent window...
CVE-2007-1115 The child frames in Opera 9 before 9.20 inherit the default charset from the parent window when a ch...
S
CVE-2007-1116 The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI as a ChromeProtocol and can be...
S
CVE-2007-1117 Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to exec...
CVE-2007-1118 Multiple PHP remote file inclusion vulnerabilities in eFiction 3.1.1 and earlier allow remote attack...
E
CVE-2007-1119 Unspecified vulnerability in Novell ZENworks 7 Desktop Management Support Pack 1 before Hot patch 3 ...
S
CVE-2007-1120 The (1) Import.LoadFromURL and (2) Export.asText.SaveToFile functions in TeeChart Pro ActiveX contro...
CVE-2007-1121 Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens ZephyrSoft Toolbox Address Book Con...
S
CVE-2007-1122 Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens ZephyrSoft Toolbox Address Book Con...
CVE-2007-1123 Multiple PHP remote file inclusion vulnerabilities in ZPanel 2.0 allow remote attackers to execute a...
CVE-2007-1124 Directory traversal vulnerability in gallery.php in XeroXer Simple one-file gallery allows remote at...
E
CVE-2007-1125 Cross-site scripting (XSS) vulnerability in gallery.php in XeroXer Simple one-file gallery allows re...
E
CVE-2007-1126 Directory traversal vulnerability in index.php in xtcommerce allows remote attackers to read arbitra...
CVE-2007-1127 Directory traversal vulnerability in enc/stylecss.php in shopkitplus allows remote attackers to read...
E S
CVE-2007-1128 shopkitplus allows remote attackers to obtain sensitive information via a request to (1) events.php ...
CVE-2007-1129 Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow remote attackers to upload and ...
CVE-2007-1130 PHP remote file inclusion vulnerability in sinagb.php in Sinapis Gastebuch 2.2 allows remote attacke...
E
CVE-2007-1131 PHP remote file inclusion vulnerability in sinapis.php in Sinapis Forum 2.2 allows remote attackers ...
E
CVE-2007-1132 Multiple cross-site scripting (XSS) vulnerabilities in the "Contact Us" functionality in MTCMS 2.2 a...
CVE-2007-1133 PHP remote file inclusion vulnerability in fcring.php in FCRing 1.3 allows remote attackers to execu...
E
CVE-2007-1134 Unspecified vulnerability in Watchtower (WT) before 0.12 has unknown impact and attack vectors, rela...
CVE-2007-1135 Multiple SQL injection vulnerabilities in WebMplayer before 0.6.1-Alpha allow remote attackers to ex...
S
CVE-2007-1136 index.php in WebMplayer before 0.6.1-Alpha allows remote attackers to execute arbitrary code via she...
CVE-2007-1137 putmail.py in Putmail before 1.4 does not detect when a user attempts to use TLS with a server that ...
CVE-2007-1138 Absolute path traversal vulnerability in list_main_pages.php in Cromosoft Simple Plantilla PHP (SPP)...
E
CVE-2007-1139 Unrestricted file upload vulnerability in Cromosoft Simple Plantilla PHP (SPP) allows remote attacke...
E
CVE-2007-1140 Directory traversal vulnerability in edit.php in pheap allows remote attackers to read and modify ar...
E
CVE-2007-1141 PHP remote file inclusion vulnerability in preview.php in Magic News Plus 1.0.2 allows remote attack...
E
CVE-2007-1142 Cross-site scripting (XSS) vulnerability in Magic News Plus 1.0.2 allows remote attackers to inject ...
E
CVE-2007-1143 Directory traversal vulnerability in pn-menu.php in J-Web Pics Navigator 1.0 allows remote attackers...
E
CVE-2007-1144 Directory traversal vulnerability in jwpn-photos.php in J-Web Pics Navigator 2.0 allows remote attac...
E
CVE-2007-1145 Multiple cross-site scripting (XSS) vulnerabilities in Kayako SupportSuite - ESupport 3.00.13 and 3....
CVE-2007-1146 PHP remote file inclusion vulnerability in function.php in arabhost allows remote attackers to execu...
E
CVE-2007-1147 PHP remote file inclusion vulnerability in view.php in hbm allows remote attackers to execute arbitr...
CVE-2007-1148 PHP remote file inclusion vulnerability in install/index.php in LoveCMS 1.4 allows remote attackers ...
E
CVE-2007-1149 Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow remote attackers to read arbitrary...
E
CVE-2007-1150 Unrestricted file upload vulnerability in LoveCMS 1.4 allows remote authenticated administrators to ...
E
CVE-2007-1151 Cross-site scripting (XSS) vulnerability in LoveCMS 1.4 allows remote attackers to inject arbitrary ...
CVE-2007-1152 Multiple directory traversal vulnerabilities in Pyrophobia 2.1.3.1 allow remote attackers to read ar...
E
CVE-2007-1153 Multiple PHP remote file inclusion vulnerabilities in CutePHP CuteNews 1.3.6 allow remote attackers ...
CVE-2007-1154 SQL injection vulnerability in webSPELL allows remote attackers to execute arbitrary SQL commands vi...
CVE-2007-1155 Unrestricted file upload vulnerability in webSPELL allows remote authenticated administrators to upl...
CVE-2007-1156 JBrowser allows remote attackers to bypass authentication and access certain administrative capabili...
CVE-2007-1157 Cross-site request forgery (CSRF) vulnerability in jmx-console/HtmlAdaptor in JBoss allows remote at...
CVE-2007-1158 Directory traversal vulnerability in index.php in the Pagesetter 6.2.0 through 6.3.0 beta 5 module f...
E S
CVE-2007-1159 Cross-site scripting (XSS) vulnerability in modules/out.php in Pyrophobia 2.1.3.1 allows remote atta...
E
CVE-2007-1160 webSPELL 4.0, and possibly later versions, allows remote attackers to bypass authentication via a ws...
CVE-2007-1161 Cross-site scripting (XSS) vulnerability in call_entry.php in Call Center Software 0,93 allows remot...
E
CVE-2007-1162 A certain ActiveX control in the Common Controls Replacement Project (CCRP) CCRP BrowseDialog Server...
E
CVE-2007-1163 SQL injection vulnerability in printview.php in webSPELL 4.01.02 and earlier allows remote attackers...
E
CVE-2007-1164 Multiple PHP remote file inclusion vulnerabilities in DBImageGallery 1.2.2 allow remote attackers to...
E
CVE-2007-1165 Multiple PHP remote file inclusion vulnerabilities in DBGuestbook 1.1 allow remote attackers to exec...
E
CVE-2007-1166 SQL injection vulnerability in result.php in Nabopoll 1.2 allows remote attackers to execute arbitra...
E
CVE-2007-1167 inc/filebrowser/browser.php in deV!L`z Clanportal (DZCP) 1.4.5 and earlier allows remote attackers t...
E S
CVE-2007-1168 Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attacker...
S
CVE-2007-1169 The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 a...
S
CVE-2007-1170 SimBin GTR - FIA GT Racing Game 1.5.0.0 and earlier, GT Legends 1.1.0.0 and earlier, GTR 2 1.1 and e...
CVE-2007-1171 SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versi...
E
CVE-2007-1172 SQL injection vulnerability in nukesentinel.php in NukeSentinel 2.5.05, and possibly earlier, allows...
E
CVE-2007-1173 Multiple buffer overflows in the CentennialIPTransferServer service (XFERWAN.EXE), as used by (1) Ce...
CVE-2007-1174 Multiple cross-site scripting (XSS) vulnerabilities in WebAPP before 20070214 allow remote attackers...
S
CVE-2007-1175 Cross-site scripting (XSS) vulnerability in an admin feature in WebAPP before 20070209 allows remote...
S
CVE-2007-1176 Multiple cross-site scripting (XSS) vulnerabilities in WebAPP before 0.9.9.5 allow remote attackers ...
S
CVE-2007-1177 WebAPP before 0.9.9.5 does not properly filter certain characters in contexts related to (1) the que...
S
CVE-2007-1178 WebAPP before 0.9.9.5 does not check access in certain contexts related to (1) Calendar Administrati...
S
CVE-2007-1179 WebAPP before 0.9.9.5 does not properly manage e-mail addresses in certain contexts related to (1) t...
S
CVE-2007-1180 WebAPP before 0.9.9.5 does not check referrers in certain forms, which might facilitate remote cross...
S
CVE-2007-1181 WebAPP before 0.9.9.5 passes (1) Unused Informations and (2) the username through Edit Profile forms...
S
CVE-2007-1182 WebAPP before 0.9.9.5 allows remote Guest users to edit a Guest profile, which has unknown impact....
S
CVE-2007-1183 WebAPP before 0.9.9.5 allows remote authenticated users to spoof another user's Real Name via whites...
S
CVE-2007-1184 The default configuration of WebAPP before 0.9.9.5 has a CAPTCHA setting of "no," which makes it eas...
S
CVE-2007-1185 The (1) Search, (2) Edit Profile, (3) Recommend, and (4) User Approval forms in WebAPP before 0.9.9....
S
CVE-2007-1186 WebAPP before 0.9.9.5 does not "censor" the Latest Member real name, which has unknown impact....
S
CVE-2007-1187 WebAPP before 0.9.9.5 allows remote authenticated users, without admin privileges, to obtain sensiti...
S
CVE-2007-1188 WebAPP before 0.9.9.5 allows remote attackers to submit Search form input that is not checked for (1...
S
CVE-2007-1189 Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local...
E
CVE-2007-1190 Unspecified vulnerability in the EmbeddedWB Web Browser ActiveX control allows remote attackers to e...
E
CVE-2007-1191 The Social Bookmarks (del.icio.us) plug-in 8F in Quicksilver writes usernames and passwords in plain...
S
CVE-2007-1192 Thomas R. Pasawicz HyperBook Guestbook 1.30 stores sensitive information under the web root with ins...
E
CVE-2007-1193 Multiple unspecified vulnerabilities in the Login page in OrangeHRM before 20070212 have unknown imp...
S
CVE-2007-1194 Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table (IDT) entries, ...
CVE-2007-1195 Multiple buffer overflows in XM Easy Personal FTP Server 5.3.0 allow remote attackers to execute arb...
E
CVE-2007-1196 Unspecified vulnerability in Citrix Presentation Server Client for Windows before 10.0 allows remote...
CVE-2007-1197 Multiple unspecified vulnerabilities in Epiware before 4.7.5 have unknown impact and attack vectors,...
S
CVE-2007-1198 Cross-site scripting (XSS) vulnerability in TaskFreak! before 0.5.7 allows remote attackers to injec...
CVE-2007-1199 Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a...
E
CVE-2007-1201 Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user...
S
CVE-2007-1202 Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite ...
S
CVE-2007-1203 Unspecified vulnerability in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, 2004 for Mac...
CVE-2007-1204 Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in Microsoft Windows XP SP...
CVE-2007-1205 Unspecified vulnerability in Microsoft Agent (msagent\agentsvr.exe) in Windows 2000 SP4, XP SP2, and...
CVE-2007-1206 The Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0; 2000 SP4; XP SP2; S...
CVE-2007-1207 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-1208 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-1209 Use-after-free vulnerability in the Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vi...
CVE-2007-1210 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-1211 Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2; and Server 2003 Gold, SP1, a...
CVE-2007-1212 Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server...
CVE-2007-1213 The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges vi...
S
CVE-2007-1214 Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 for Mac allows user-assisted rem...
S
CVE-2007-1215 Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server...
CVE-2007-1216 Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerber...
S
CVE-2007-1217 Buffer overflow in the bufprint function in capiutil.c in libcapi, as used in Linux kernel 2.6.9 to ...
CVE-2007-1218 Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c...
CVE-2007-1219 PHP remote file inclusion vulnerability in actions/del.php in Admin Phorum 3.3.1a allows remote atta...
E
CVE-2007-1220 The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 does not properly verify the parameters pa...
CVE-2007-1221 The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 allows attackers with physical access to f...
CVE-2007-1222 Parallels Desktop for Mac before 20070216 implements Drag and Drop by sharing the entire host filesy...
CVE-2007-1223 Unspecified vulnerability in Hitachi OSAS/FT/W before 20070223 allows attackers to cause a denial of...
CVE-2007-1224 Grok Developments NetProxy 4.03 allows remote attackers to bypass URL filtering via a request that o...
E
CVE-2007-1225 The connection log file implementation in Grok Developments NetProxy 4.03 does not record requests t...
E
CVE-2007-1226 McAfee VirusScan for Mac (Virex) before 7.7 patch 1 has weak permissions (0666) for /Library/Applica...
E S
CVE-2007-1227 VShieldCheck in McAfee VirusScan for Mac (Virex) before 7.7 patch 1 allow local users to change perm...
E
CVE-2007-1228 IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix Pack 2, on UNIX allows the "f...
CVE-2007-1229 Cross-site scripting (XSS) vulnerability in the Nullsoft ShoutcastServer 1.9.7 allows remote attacke...
E
CVE-2007-1230 Multiple cross-site scripting (XSS) vulnerabilities in wp-includes/functions.php in WordPress before...
S
CVE-2007-1231 Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1.2.0 allow remote attackers to...
CVE-2007-1232 Directory traversal vulnerability in SQLiteManager 1.2.0 allows remote attackers to read arbitrary f...
CVE-2007-1233 PHP remote file inclusion vulnerability in downloadcounter.php in STWC-Counter 3.4.0.0 and earlier a...
E
CVE-2007-1234 Multiple cross-site scripting (XSS) vulnerabilities in sitex allow remote attackers to inject arbitr...
CVE-2007-1235 Unrestricted file upload vulnerability in sitex allows remote attackers to upload arbitrary PHP code...
E
CVE-2007-1236 sitex allows remote attackers to obtain sensitive information via a request with a numerical value f...
CVE-2007-1237 sitex allows remote attackers to obtain potentially sensitive information via a ' (quote) value for ...
E
CVE-2007-1238 Microsoft Office 2003 allows user-assisted remote attackers to cause a denial of service (applicatio...
CVE-2007-1239 Microsoft Excel 2003 does not properly parse .XLS files, which allows remote attackers to cause a de...
E
CVE-2007-1240 Multiple cross-site scripting (XSS) vulnerabilities in Docebo CMS 3.0.3 through 3.0.5 allow remote a...
E
CVE-2007-1241 Cross-site scripting (XSS) vulnerability in setup.php in Audins Audiens 3.3 allows remote attackers ...
E
CVE-2007-1242 SQL injection vulnerability in system/index.php in Audins Audiens 3.3 allows remote attackers to exe...
E
CVE-2007-1243 Audins Audiens 3.3 allows remote attackers to bypass authentication and perform certain privileged a...
E
CVE-2007-1244 Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2.1.1 and earlier all...
E S
CVE-2007-1245 IrfanView 3.99 allows remote attackers to cause a denial of service (application crash) via a malfor...
CVE-2007-1246 The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier, a...
S
CVE-2007-1247 Multiple PHP remote file inclusion vulnerabilities in aWeb Labs aWebNews 1.5 allow remote attackers ...
E
CVE-2007-1248 Multiple cross-site scripting (XSS) vulnerabilities in built2go News Manager Blog 1.0 allow remote a...
E
CVE-2007-1249 MoveSortedContentAction in C1 Financial Services Contelligent 9.1.4 does not check "the additional e...
CVE-2007-1250 SQL injection vulnerability in section/default.asp in ANGEL Learning Management Suite (LMS) 7.1 allo...
E
CVE-2007-1251 Format string vulnerability in the new_warning function in ntserv/warning.c for Netrek Vanilla Serve...
E
CVE-2007-1252 Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote attackers to c...
S
CVE-2007-1253 Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script for Blender 0.1.9h, as used in ...
CVE-2007-1254 SQL injection vulnerability in part.userprofile.php in Connectix Boards 0.7 and earlier allows remot...
E
CVE-2007-1255 Unrestricted file upload vulnerability in admin.bbcode.php in Connectix Boards 0.7 and earlier allow...
E
CVE-2007-1256 Mozilla Firefox 2.0.0.2 allows remote attackers to spoof the address bar, favicons, and document sou...
CVE-2007-1257 The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attack...
CVE-2007-1258 Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 r...
CVE-2007-1259 Multiple unspecified vulnerabilities in WebAPP before 0.9.9.6 have unknown impact and attack vectors...
S
CVE-2007-1260 Stack-based buffer overflow in the connectHandle function in server.cpp in WebMod 0.48 allows remote...
E
CVE-2007-1261 Unspecified vulnerability in the reports system in OpenBiblio before 0.6.0 allows attackers to gain ...
CVE-2007-1262 Multiple cross-site scripting (XSS) vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through...
S
CVE-2007-1263 GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually di...
S
CVE-2007-1264 Enigmail 0.94.2 and earlier does not properly use the --status-fd argument when invoking GnuPG, whic...
E S
CVE-2007-1265 KMail 1.9.5 and earlier does not properly use the --status-fd argument when invoking GnuPG, which pr...
CVE-2007-1266 Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, whic...
E S
CVE-2007-1267 Sylpheed 2.2.7 and earlier does not properly use the --status-fd argument when invoking GnuPG, which...
E
CVE-2007-1268 Mutt 1.5.13 and earlier does not properly use the --status-fd argument when invoking GnuPG, which pr...
E
CVE-2007-1269 GNUMail 1.1.2 and earlier does not properly use the --status-fd argument when invoking GnuPG, which ...
E
CVE-2007-1270 Double free vulnerability in VMware ESX Server 3.0.0 and 3.0.1 allows attackers to cause a denial of...
CVE-2007-1271 Buffer overflow in VMware ESX Server 3.0.0 and 3.0.1 might allow attackers to gain privileges or cau...
S
CVE-2007-1273 Integer overflow in the ktruser function in NetBSD-current before 20061022, NetBSD 3 and 3-0 before ...
CVE-2007-1276 Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in Webmin before 1.330 and Usermi...
CVE-2007-1277 WordPress 2.1.1, as downloaded from some official distribution sites during February and March 2007,...
E
CVE-2007-1278 Unspecified vulnerability in the IIS connector in Adobe JRun 4.0 Updater 6, and ColdFusion MX 6.1 an...
S
CVE-2007-1279 Unspecified vulnerability in the installer for Adobe Bridge 1.0.3 update for Apple OS X, when patchi...
S
CVE-2007-1280 Cross-site scripting (XSS) vulnerability in Adobe RoboHelp X5, 6, and Server 6 allows remote attacke...
S
CVE-2007-1281 Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cau...
CVE-2007-1282 Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote att...
S
CVE-2007-1285 The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a de...
E
CVE-2007-1286 Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbit...
E S
CVE-2007-1287 A regression error in the phpinfo function in PHP 4.4.3 to 4.4.6, and PHP 6.0 in CVS, allows remote ...
E S
CVE-2007-1288 Multiple PHP remote file inclusion vulnerabilities in Webmobo WB News 1.4.1 and earlier allow remote...
CVE-2007-1289 SQL injection vulnerability in ViewBugs.php in Tyger Bug Tracking System (TygerBT) 1.1.3 allows remo...
E
CVE-2007-1290 SQL injection vulnerability in ViewReport.php in Tyger Bug Tracking System (TygerBT) 1.1.3 allows re...
CVE-2007-1291 Multiple cross-site scripting (XSS) vulnerabilities in Tyger Bug Tracking System (TygerBT) 1.1.3 all...
E
CVE-2007-1292 SQL injection vulnerability in inlinemod.php in Jelsoft vBulletin before 3.5.8, and before 3.6.5 in ...
E S
CVE-2007-1293 SQL injection vulnerability in Rigter Portal System (RPS) 6.2, when magic_quotes_gpc is disabled, al...
E
CVE-2007-1294 A certain ActiveX control in the DivXBrowserPlugin (npdivx32.dll) in DivX Web Player, as distributed...
E
CVE-2007-1295 SQL injection vulnerability in topic_title.php in AJ Forum 1.0 allows remote attackers to execute ar...
E
CVE-2007-1296 SQL injection vulnerability in postingdetails.php in AJ Classifieds 1.0 allows remote attackers to e...
E
CVE-2007-1297 SQL injection vulnerability in view_profile.php in AJDating 1.0 allows remote attackers to execute a...
E
CVE-2007-1298 SQL injection vulnerability in subcat.php in AJ Auction 1.0 allows remote attackers to execute arbit...
E
CVE-2007-1299 PHP remote file inclusion vulnerability in index.php in Mani Stats Reader 1.2 and earlier allows rem...
E
CVE-2007-1300 DOURAN Software Technologies ISPUtil 3.32.84.1, and possibly earlier versions, stores sensitive info...
CVE-2007-1301 Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2...
E
CVE-2007-1302 SQL injection vulnerability in guestbook.php in LI-Guestbook 1.1, when magic_quotes_gpc is disabled,...
CVE-2007-1303 Directory traversal vulnerability in rb.cgi in RRDBrowse 1.6 and earlier allows remote attackers to ...
S
CVE-2007-1304 Multiple SQL injection vulnerabilities in add2.php in Sava's Guestbook 23.11.2006, when magic_quotes...
CVE-2007-1305 Multiple cross-site scripting (XSS) vulnerabilities in add2.php in Sava's Guestbook 23.11.2006 allow...
CVE-2007-1306 Asterisk 1.4 before 1.4.1 and 1.2 before 1.2.16 allows remote attackers to cause a denial of service...
CVE-2007-1307 Unspecified vulnerability in Lenovo Intel PRO/1000 LAN adapter before Build 135400, as used on IBM L...
S
CVE-2007-1308 ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attacker...
E S
CVE-2007-1309 Novell Access Management 3 SSLVPN Server allows remote authenticated users to bypass VPN restriction...
S
CVE-2007-1313 NETxAutomation NETxEIB OPC Server before 3.0.1300 does not properly validate OLE for Process Control...
CVE-2007-1319 Unspecified vulnerability in the IOPCServer::RemoveGroup function in the OPCDA interface in Takebish...
CVE-2007-1320 Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA exte...
CVE-2007-1321 Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other pro...
CVE-2007-1322 QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction....
CVE-2007-1323 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2893. Reason: this candida...
R
CVE-2007-1324 SnapGear 560, 585, 580, 640, 710, and 720 appliances before the 3.1.4u5 firmware allow remote attack...
S
CVE-2007-1325 The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does n...
S
CVE-2007-1326 SQL injection vulnerability in index.php in Serendipity 1.1.1 allows remote attackers to execute arb...
CVE-2007-1327 The SILC_SERVER_CMD_FUNC function in apps/silcd/command.c in silc-server 1.0.2 allows remote attacke...
CVE-2007-1328 Cross-site scripting (XSS) vulnerability in formulaire.php in Bernard JOLY BJ Webring allows remote ...
E
CVE-2007-1329 Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers...
CVE-2007-1330 Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 2.4.18.184 and earlier allows local us...
CVE-2007-1331 Multiple cross-site scripting (XSS) vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java all...
E
CVE-2007-1332 Multiple cross-site request forgery (CSRF) vulnerabilities in TKS Banking Solutions ePortfolio 1.0 J...
CVE-2007-1337 The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state in...
S
CVE-2007-1338 The default configuration of the AirPort utility in Apple AirPort Extreme creates an IPv6 tunnel but...
CVE-2007-1339 SQL injection vulnerability in index.php in Links Management Application 1.0 allows remote attackers...
E
CVE-2007-1340 PHP remote file inclusion vulnerability in eintrag.php in Weltennetz News-Letterman 1.1 allows remot...
E
CVE-2007-1341 include/auth/auth.php in Simple Invoices before 2007 03 05 does not use the login system to protect ...
S
CVE-2007-1342 Cross-site scripting (XSS) vulnerability in admincp/index.php in Jelsoft vBulletin 3.6.5 and earlier...
CVE-2007-1343 includes/functions.php in Craig Knudsen WebCalendar before 1.0.5 does not protect the noSet variable...
S
CVE-2007-1344 Multiple buffer overflows in src/ezstream.c in Ezstream before 0.3.0 allow remote attackers to execu...
S
CVE-2007-1345 Unspecified vulnerability in cube.exe in the GINA component for CA (Computer Associates) eTrust Admi...
S
CVE-2007-1346 Unspecified vulnerability in ipmitool for Sun Fire X2100M2 and X2200M2 allows local users to gain pr...
CVE-2007-1347 Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR, and possibly other versions and pla...
E
CVE-2007-1348 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2007-1349 PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly ...
CVE-2007-1350 Stack-based buffer overflow in webadmin.exe in Novell NetMail 3.5.2 allows remote attackers to execu...
S
CVE-2007-1351 Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 2007040...
S
CVE-2007-1352 Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote a...
S
CVE-2007-1353 The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 a...
CVE-2007-1354 The Access Control functionality (JMXOpsAccessControlFilter) in JMX Console in JBoss Application Ser...
S
CVE-2007-1355 Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example appli...
E S
CVE-2007-1356 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2007-1357 The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, al...
S
CVE-2007-1358 Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4...
CVE-2007-1359 Interpretation conflict in ModSecurity (mod_security) 2.1.0 and earlier allows remote attackers to b...
E
CVE-2007-1360 Unspecified vulnerability in the Nodefamily module for Drupal 5.x before 5.x-1.0 allows remote authe...
S
CVE-2007-1361 Cross-site scripting (XSS) vulnerability in virtuemart_parser.php in VirtueMart before 20070213 allo...
S
CVE-2007-1362 Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows ...
S
CVE-2007-1363 Multiple SQL injection vulnerabilities in DropAFew before 0.2.1 allow remote attackers to execute ar...
S
CVE-2007-1364 DropAFew before 0.2.1 does not require authorization for certain privileged actions, which allows re...
E S
CVE-2007-1365 Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbit...
S
CVE-2007-1366 QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruct...
S
CVE-2007-1367 Cross-site scripting (XSS) vulnerability in the login page in Avaya Communications Manager (CM) S87X...
S
CVE-2007-1368 The Project issue tracking module before 4.7.x-1.3, 4.7.x-2.* before 4.7.x-2.3, and 5 before 5.x-0.2...
S
CVE-2007-1369 ini_modifier (sgid-zendtech) in Zend Platform 2.2.3 and earlier allows local users to modify the sys...
S
CVE-2007-1370 Zend Platform 2.2.3 and earlier has incorrect ownership for scd.sh and certain other files, which al...
S
CVE-2007-1371 Multiple buffer overflows in Conquest 8.2a and earlier (1) allow local users to gain privileges by q...
E
CVE-2007-1372 PHP remote file inclusion vulnerability in styles/internal/header.php in the PostGuestbook 0.6.1 mod...
E
CVE-2007-1373 Stack-based buffer overflow in Mercury/32 (aka Mercury Mail Transport System) 4.01b and earlier allo...
E
CVE-2007-1374 Cross-site scripting (XSS) vulnerability in pop_profile.asp in Snitz Forums 2000 3.4.06 allows remot...
CVE-2007-1375 Integer overflow in the substr_compare function in PHP 5.2.1 and earlier allows context-dependent at...
E
CVE-2007-1376 The shmop functions in PHP before 4.4.5, and before 5.2.1 in the 5.x series, do not verify that thei...
E
CVE-2007-1377 AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remo...
E
CVE-2007-1378 The ovrimos_longreadlen function in the Ovrimos extension for PHP before 4.4.5 allows context-depend...
CVE-2007-1379 The ovrimos_close function in the Ovrimos extension for PHP before 4.4.5 can trigger efree of an arb...
CVE-2007-1380 The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5....
E
CVE-2007-1381 The wddx_deserialize function in wddx.c 1.119.2.10.2.12 and 1.119.2.10.2.13 in PHP 5, as modified in...
E
CVE-2007-1382 The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbit...
E
CVE-2007-1383 Integer overflow in the 16 bit variable reference counter in PHP 4 allows context-dependent attacker...
E
CVE-2007-1384 Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.2 allows remote attackers to...
CVE-2007-1385 chunkcounter.cpp in KTorrent before 2.1.2 allows remote attackers to cause a denial of service (cras...
CVE-2007-1387 The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0rc1 and earlier, as used in xin...
CVE-2007-1388 The do_ipv6_setsockopt function in net/ipv6/ipv6_sockglue.c in Linux kernel before 2.6.20, and possi...
CVE-2007-1389 dynaliens 2.0 and 2.1 allows remote attackers to bypass authentication and perform certain privilege...
E
CVE-2007-1390 Multiple cross-site scripting (XSS) vulnerabilities in dynaliens 2.0 and 2.1 allow remote attackers ...
E
CVE-2007-1391 PHP remote file inclusion vulnerability in modules/abook/foldertree.php in Leo West WEBO (aka weborg...
E
CVE-2007-1392 Directory traversal vulnerability in down.php in netForo! 0.1g allows remote attackers to read arbit...
E
CVE-2007-1393 PHP remote file inclusion vulnerability in mysave.php in Magic CMS 4.2.747 allows remote attackers t...
E
CVE-2007-1394 Direct static code injection vulnerability in startsession.php in Flat Chat 2.0 allows remote attack...
E
CVE-2007-1395 Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 through 2.9.2 allows remote atta...
E
CVE-2007-1396 The import_request_variables function in PHP 4.0.7 through 4.4.6, and 5.x before 5.2.2, when called ...
CVE-2007-1397 Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in...
E
CVE-2007-1398 The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when configured for inline use on ...
E
CVE-2007-1399 Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with...
E
CVE-2007-1400 Plash permits sandboxed processes to open /dev/tty, which allows local users to escape sandbox restr...
S
CVE-2007-1401 Buffer overflow in the crack extension (CrackLib), as bundled with PHP 4.4.6 and other versions befo...
E
CVE-2007-1402 The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows remote attackers to cause a denia...
E
CVE-2007-1403 Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Sho...
E
CVE-2007-1404 tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 allows remote attackers to cause a denial of serv...
E
CVE-2007-1405 Cross-site scripting (XSS) vulnerability in the "download wiki page as text" feature in Trac before ...
S
CVE-2007-1406 Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in cer...
CVE-2007-1407 Unspecified vulnerability in OpenSolution Quick.Cart before 2.1 has unknown impact and attack vector...
S
CVE-2007-1408 Multiple vulnerabilities in (1) bank.php, (2) landfill.php, (3) outposts.php, (4) tribes.php, (5) ho...
S
CVE-2007-1409 WordPress allows remote attackers to obtain sensitive information via a direct request for wp-admin/...
CVE-2007-1410 SQL injection vulnerability in kategori.asp in GaziYapBoz Game Portal allows remote attackers to exe...
E
CVE-2007-1411 Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 versions, allows local and possibly ...
E
CVE-2007-1412 The cpdf_open function in the ClibPDF (cpdf) extension in PHP 4.4.6 allows context-dependent attacke...
E
CVE-2007-1413 Buffer overflow in the snmpget function in the snmp extension in PHP 5.2.3 and earlier, including PH...
E
CVE-2007-1414 Multiple PHP remote file inclusion vulnerabilities in Coppermine Photo Gallery (CPG) allow remote at...
E
CVE-2007-1415 Multiple PHP remote file inclusion vulnerabilities in PMB Services 3.0.13 and earlier allow remote a...
E
CVE-2007-1416 PHP remote file inclusion vulnerability in createurl.php in JCcorp (aka James Coyle) URLshrink allow...
E
CVE-2007-1417 SQL injection vulnerability in index.php in HC NEWSSYSTEM 1.0-4 allows remote attackers to execute a...
E
CVE-2007-1418 Cross-site scripting (XSS) vulnerability in skins/ace/popup-notopic.php in MindTouch OpenGarden Deki...
S
CVE-2007-1419 The Java Management Extensions Remote API Remote Method Invocation over Internet Inter-ORB Protocol ...
S
CVE-2007-1420 MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performi...
E S
CVE-2007-1421 Multiple PHP remote file inclusion vulnerabilities in Premod SubDog 2 allow remote attackers to exec...
E
CVE-2007-1422 SQL injection vulnerability in goster.asp in fystyq Duyuru Scripti allows remote attackers to execut...
E
CVE-2007-1423 Multiple PHP remote file inclusion vulnerabilities in WORK system e-commerce 3.0.5 and earlier allow...
E
CVE-2007-1424 Multiple PHP remote file inclusion vulnerabilities in Softnews Media Group DataLife Engine allow rem...
E
CVE-2007-1425 SQL injection vulnerability in index.php in Triexa SonicMailer Pro 3.2.3 and earlier allows remote a...
E
CVE-2007-1426 The web interface in AstroCam 2.0.0 through 2.6.5 allows remote attackers to cause a denial of servi...
CVE-2007-1427 Directory traversal vulnerability in download_pdf.php in AssetMan 2.4a and earlier allows remote att...
E
CVE-2007-1428 SQL injection vulnerability in search.php in PHP Labs JobSitePro 1.0 allows remote attackers to exec...
E
CVE-2007-1429 Multiple PHP remote file inclusion vulnerabilities in Moodle 1.7.1 allow remote attackers to execute...
CVE-2007-1430 PHP remote file inclusion vulnerability in include/adodb-connection.inc.php in ClipShare 1.5.3 allow...
CVE-2007-1431 Multiple unspecified vulnerabilities in PennMUSH 1.8.3 before 1.8.3p1 and 1.8.2 before 1.8.2p3 allow...
S
CVE-2007-1432 Grayscale Blog 0.8.0, and possibly earlier versions, allows remote attackers to gain privileges via ...
CVE-2007-1433 Cross-site scripting (XSS) vulnerability in Grayscale Blog 0.8.0, and possibly earlier versions, all...
E
CVE-2007-1434 SQL injection vulnerability in Grayscale Blog 0.8.0, and possibly earlier versions, might allow remo...
E
CVE-2007-1435 Buffer overflow in D-Link TFTP Server 1.0 allows remote attackers to cause a denial of service (cras...
CVE-2007-1436 Unspecified vulnerability in admin.pl in SQL-Ledger before 2.6.26 and LedgerSMB before 1.1.9 allows ...
S
CVE-2007-1437 Unspecified vulnerability in LedgerSMB before 1.1.5 and SQL-Ledger before 2.6.25 allows remote attac...
CVE-2007-1438 SQL injection vulnerability in devami.asp in X-Ice News System 1.0 allows remote attackers to execut...
E
CVE-2007-1439 PHP remote file inclusion vulnerability in ressourcen/dbopen.php in bitesser MySQL Commander 2.7 and...
E
CVE-2007-1440 SQL injection vulnerability in search.asp in JGBBS 3.0 Beta 1 allows remote attackers to execute arb...
E
CVE-2007-1441 The 4thPass browser (BlackBerry Browser) on the RIM BlackBerry 8100 (Pearl) before 4.2.1 allows remo...
CVE-2007-1442 Oracle Database 10g uses a NULL pDacl parameter when calling the SetSecurityDescriptorDacl function ...
E
CVE-2007-1443 Multiple cross-site scripting (XSS) vulnerabilities in register.php in Woltlab Burning Board (wBB) 2...
CVE-2007-1444 netserver in netperf 2.4.3 allows local users to overwrite arbitrary files via a symlink attack on /...
CVE-2007-1445 SQL injection vulnerability in the heme preview feature for default.asp in BP Blog 7.0 through 7.0.2...
E S
CVE-2007-1446 Multiple PHP remote file inclusion vulnerabilities in Open Education System (OES) 0.1beta allow remo...
E
CVE-2007-1447 The Tape Engine in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier all...
CVE-2007-1448 The Tape Engine in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier all...
S
CVE-2007-1449 Directory traversal vulnerability in mainfile.php in PHP-Nuke 8.0 and earlier allows remote attacker...
CVE-2007-1450 SQL injection vulnerability in mainfile.php in PHP-Nuke 8.0 and earlier allows remote attackers to e...
CVE-2007-1451 GuppY 4.0 allows remote attackers to delete arbitrary files via a direct request to install/install....
E
CVE-2007-1452 The FDF support (ext/fdf) in PHP 5.2.0 and earlier does not implement the input filtering hooks for ...
CVE-2007-1453 Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering extension (ext/filter) in PHP...
E
CVE-2007-1454 ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, do...
CVE-2007-1455 Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remo...
CVE-2007-1456 PHP remote file inclusion vulnerability in common.php in PHP Photo Album allows remote attackers to ...
CVE-2007-1457 Buffer overflow in the urarlib_get function in Christian Scheurer UniquE RAR File Library (unrarlib,...
CVE-2007-1458 Multiple PHP remote file inclusion vulnerabilities in CARE2X 1.1 allow remote attackers to execute a...
E
CVE-2007-1459 Multiple PHP remote file inclusion vulnerabilities in WebCreator 0.2.6-rc3 and earlier allow remote ...
E
CVE-2007-1460 The zip:// URL wrapper provided by the PECL zip extension in PHP before 4.4.7, and 5.2.0 and 5.2.1, ...
CVE-2007-1461 The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP before 4.4.7, and 5.x before ...
CVE-2007-1462 The luci server component in conga preserves the password between page loads for the Add System/Clus...
CVE-2007-1463 Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execu...
S
CVE-2007-1464 Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-...
CVE-2007-1465 Stack-based buffer overflow in dproxy.c for dproxy 0.1 through 0.5 allows remote attackers to execut...
E
CVE-2007-1466 Integer overflow in the WP6GeneralTextPacket::_readContents function in WordPerfect Document importe...
S
CVE-2007-1467 Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in...
CVE-2007-1468 Cross-site scripting (XSS) vulnerability in IBM Rational ClearQuest (CQ) Web 7.0.0.0 allows remote a...
CVE-2007-1469 SQL injection vulnerability in gallery.asp in Absolute Image Gallery 2.0 allows remote attackers to ...
E
CVE-2007-1470 Multiple buffer overflows in LIBFtp 5.0 allow user-assisted remote attackers to execute arbitrary co...
E
CVE-2007-1471 admin/default.asp in Orion-Blog 2.0 allows remote attackers to bypass authentication controls and ga...
CVE-2007-1472 Variable overwrite vulnerability in groupit/base/groupit.start.inc in Groupit 2.00b5 allows remote a...
E
CVE-2007-1473 Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in Horde Framework before 3.1.4 RC...
S
CVE-2007-1474 Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Ho...
S
CVE-2007-1475 Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconnect functions in the interbase...
E
CVE-2007-1476 The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier,...
CVE-2007-1477 Directory traversal vulnerability in index.php in PHP Point Of Sale for osCommerce 1.1 allows remote...
CVE-2007-1478 download.php in McGallery 0.5b allows remote attackers to read arbitrary files and obtain script sou...
E
CVE-2007-1479 Cross-site scripting (XSS) vulnerability in Guestbook.php in Creative Guestbook 1.0 allows remote at...
E
CVE-2007-1480 Creative Guestbook 1.0 allows remote attackers to add an administrative account via a direct request...
E
CVE-2007-1481 SQL injection vulnerability in index.php in WBBlog allows remote attackers to execute arbitrary SQL ...
E
CVE-2007-1482 Cross-site scripting (XSS) vulnerability in index.php in WBBlog allows remote attackers to inject ar...
E
CVE-2007-1483 Multiple PHP remote file inclusion vulnerabilities in WebCalendar 0.9.45 allow remote attackers to e...
E S
CVE-2007-1484 The array_user_key_compare function in PHP 4.4.6 and earlier, and 5.x up to 5.2.1, makes erroneous c...
E
CVE-2007-1485 Buffer overflow in the set_umask function in QFTP in LIBFtp 3.1-1 allows local users to execute arbi...
CVE-2007-1486 PHP remote file inclusion vulnerability in template.class.php in Carbonize Lazarus Guestbook before ...
CVE-2007-1487 Directory traversal vulnerability in index.php in Sascha Schroeder (aka CyberTeddy or Cyber-inside) ...
E
CVE-2007-1488 Unspecified vulnerability in Sun Java System Web Server 6.0 and 6.1 before 20070315 allows remote at...
S
CVE-2007-1489 Unspecified vulnerability in web-app.org Web Automated Perl Portal (WebAPP) 0.9.9.4 to 0.9.9.6 allow...
S
CVE-2007-1490 Unspecified maintenance web pages in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES al...
S
CVE-2007-1491 Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections fro...
CVE-2007-1492 winmm.dll in Microsoft Windows XP allows user-assisted remote attackers to cause a denial of service...
E
CVE-2007-1493 nukesentinel.php in NukeSentinel 2.5.06 and earlier uses a permissive regular expression to validate...
E
CVE-2007-1494 Cross-site scripting (XSS) vulnerability in NukeSentinel before 2.5.06 allows remote attackers to in...
S
CVE-2007-1495 The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.1.7, and possibly other pr...
E
CVE-2007-1496 nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows attackers to cause a denial of...
S
CVE-2007-1497 nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembl...
S
CVE-2007-1498 Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll)...
S
CVE-2007-1499 Microsoft Internet Explorer 7.0 on Windows XP and Vista allows remote attackers to conduct phishing ...
CVE-2007-1500 The Linux Security Auditing Tool (LSAT) allows local users to overwrite arbitrary files via a symlin...
CVE-2007-1501 Stack-based buffer overflow in Avant Browser 11.0 build 26 allows remote attackers to cause a denial...
E
CVE-2007-1502 Multiple buffer overflows in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via...
CVE-2007-1503 Multiple format string vulnerabilities in comm.c in Rhapsody IRC 0.28b allow remote attackers to exe...
CVE-2007-1504 Cross-site scripting (XSS) vulnerability in the Servlet Service in Fujitsu Interstage Application Se...
CVE-2007-1505 Fujitsu FENCE-Pro before V5L01, and Systemwalker Desktop Encryption V12.0L10, V12.0L10A, V12.0L10B, ...
S
CVE-2007-1506 Cross-site scripting (XSS) vulnerability in PORTAL.wwv_main.render_warning_screen in the Oracle Port...
CVE-2007-1507 The default configuration in OpenAFS 1.4.x before 1.4.4 and 1.5.x before 1.5.17 supports setuid prog...
S
CVE-2007-1508 Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin allows remote attackers to...
CVE-2007-1509 Directory traversal vulnerability in enkrypt.php in Sascha Schroeder krypt (aka Holtstraeter Rot 13)...
CVE-2007-1510 SQL injection vulnerability in post.php in Particle Blogger 1.0.0 through 1.2.0 allows remote attack...
E
CVE-2007-1511 Buffer overflow in FrontBase Relational Database Server 4.2.7 and earlier allows remote authenticate...
CVE-2007-1512 Stack-based buffer overflow in the AfxOleSetEditMenu function in the MFC component in Microsoft Wind...
CVE-2007-1513 PHP remote file inclusion vulnerability in comanda.php in GraFX Company WebSite Builder (CWB) PRO 1....
E
CVE-2007-1514 PHP remote file inclusion vulnerability in index.php in ViperWeb Portal alpha 0.1 allows remote atta...
CVE-2007-1515 Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP H3 4.1.3, and possibly earlier, all...
E S
CVE-2007-1516 PHP remote file inclusion vulnerability in functions/update.php in Cicoandcico CcMail 1.0 allows rem...
E
CVE-2007-1517 SQL injection vulnerability in comments.php in WSN Guest 1.02 and 1.21 allows remote attackers to ex...
E
CVE-2007-1518 SQL injection vulnerability in usergroups.php in Woltlab Burning Board (wBB) 2.x allows remote attac...
CVE-2007-1519 Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke 8.0 and earlier allows remote at...
E
CVE-2007-1520 The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 and earlier does not ensure the SER...
E
CVE-2007-1521 Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attack...
E
CVE-2007-1522 Double free vulnerability in the session extension in PHP 5.2.0 and 5.2.1 allows context-dependent a...
E
CVE-2007-1523 Heap-based buffer overflow in the kernel in NetBSD 3.0, certain versions of FreeBSD and OpenBSD, and...
CVE-2007-1524 Directory traversal vulnerability in themes/default/ in ZomPlog 3.7.6 and earlier allows remote atta...
E
CVE-2007-1525 Direct static code injection vulnerability in postpost.php in Dayfox Blog (dfblog) 4 allows remote a...
E
CVE-2007-1526 Sun Java System Web Server 6.1 before 20070314 allows remote authenticated users with revoked client...
S
CVE-2007-1527 The LLTD Mapper in Microsoft Windows Vista does not verify that an IP address in a TLV type 0x07 fie...
CVE-2007-1528 The LLTD Mapper in Microsoft Windows Vista allows remote attackers to spoof hosts, and nonexistent b...
CVE-2007-1529 The LLTD Responder in Microsoft Windows Vista does not send the Mapper a response to a DISCOVERY pac...
CVE-2007-1530 The LLTD Mapper in Microsoft Windows Vista does not properly gather responses to EMIT packets, which...
CVE-2007-1531 Microsoft Windows XP and Vista overwrites ARP table entries included in gratuitous ARP, which allows...
CVE-2007-1532 The neighbor discovery implementation in Microsoft Windows Vista allows remote attackers to conduct ...
CVE-2007-1533 The Teredo implementation in Microsoft Windows Vista uses the same nonce for communication with diff...
CVE-2007-1534 DFSR.exe in Windows Meeting Space in Microsoft Windows Vista remains available for remote connection...
CVE-2007-1535 Microsoft Windows Vista establishes a Teredo address without user action upon connection to the Inte...
CVE-2007-1536 Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted...
S
CVE-2007-1537 \Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, whic...
CVE-2007-1538 McAfee VirusScan Enterprise 8.5.0.i uses insecure permissions for certain Windows Registry keys, whi...
CVE-2007-1539 Directory traversal vulnerability in inc/map.func.php in pragmaMX Landkarten 2.1 module allows remot...
E
CVE-2007-1540 Directory traversal vulnerability in am.pl in (1) SQL-Ledger 2.6.27 and earlier, and (2) LedgerSMB b...
S
CVE-2007-1541 Directory traversal vulnerability in am.pl in SQL-Ledger 2.6.27 only checks for the presence of a NU...
CVE-2007-1542 Unspecified vulnerability in the Cisco IP Phone 7940 and 7960 running firmware before POS8-6-0 allow...
CVE-2007-1543 Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Au...
E S
CVE-2007-1544 Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio Syst...
E S
CVE-2007-1545 The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 ...
E S
CVE-2007-1546 Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause...
E S
CVE-2007-1547 The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 2...
CVE-2007-1548 SQL injection vulnerability in functions/functions_filters.asp in Web Wiz Forums before 8.05a (MySQL...
E
CVE-2007-1549 Unrestricted file upload vulnerability in gallery.php in phpx 3.5.15 allows remote attackers to uplo...
CVE-2007-1550 Multiple SQL injection vulnerabilities in phpx 3.5.15 allow remote attackers to execute arbitrary SQ...
CVE-2007-1551 Multiple cross-site scripting (XSS) vulnerabilities in phpx 3.5.15 allow remote attackers to inject ...
CVE-2007-1552 Unrestricted file upload vulnerability in usercp.php in MetaForum 0.513 Beta restricts file types ba...
E
CVE-2007-1553 admin/configuration.php in Guestbara 1.2 and earlier allows remote attackers to modify the e-mail, n...
E
CVE-2007-1554 Direct static code injection vulnerability in admin/configuration.php in Guestbara 1.2 and earlier a...
CVE-2007-1555 SQL injection vulnerability in forum.php in the Minerva mod 2.0.21 build 238a and earlier for phpBB ...
E
CVE-2007-1556 SQL injection vulnerability in kommentare.php in Creative Files 1.2 allows remote attackers to execu...
E
CVE-2007-1557 Format string vulnerability in F-Secure Anti-Virus Client Security 6.02 allows local users to cause ...
S
CVE-2007-1558 The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-t...
S
CVE-2007-1559 Multiple stack-based buffer overflows in SonicDVDDashVRNav.dll in Roxio CinePlayer 3.2 allow remote ...
CVE-2007-1560 The clientProcessRequest() function in src/client_side.c in Squid 2.6 before 2.6.STABLE12 allows rem...
S
CVE-2007-1561 The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause...
S
CVE-2007-1562 The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows rem...
CVE-2007-1563 The FTP protocol implementation in Opera 9.10 allows remote servers to fo...
CVE-2007-1564 The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to conn...
CVE-2007-1565 Konqueror 3.5.5 allows remote attackers to cause a denial of service (crash) by using JavaScript to ...
CVE-2007-1566 SQL injection vulnerability in News/page.asp in NetVIOS Portal allows remote attackers to execute ar...
E
CVE-2007-1567 Stack-based buffer overflow in War FTP Daemon 1.65, and possibly earlier, allows remote attackers to...
S
CVE-2007-1568 Stack-based buffer overflow in DaanSystems NewsReactor 20070220.21 allows remote attackers to execut...
E
CVE-2007-1569 Stack-based buffer overflow in NewsBin Pro 4.32 allows remote attackers to cause a denial of service...
E
CVE-2007-1570 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1438. Reason: This candida...
R
CVE-2007-1571 PHP remote file inclusion vulnerability in includes/base.php in Radical Designs Activist Mobilizatio...
E
CVE-2007-1572 SQL injection vulnerability in search.asp in JGBBS 3.0 Beta 1 and earlier allows remote attackers to...
CVE-2007-1573 SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin 3.6.5 allows remote authe...
E
CVE-2007-1574 CARE2X 2.2, and possibly earlier, allows remote attackers to obtain configuration information via a ...
CVE-2007-1575 Multiple SQL injection vulnerabilities in PHProjekt 5.2.0, when magic_quotes_gpc is disabled, allow ...
S
CVE-2007-1576 Multiple cross-site scripting (XSS) vulnerabilities in PHProjekt 5.2.0, when magic_quotes_gpc is dis...
S
CVE-2007-1577 Directory traversal vulnerability in index.php in GeBlog 0.1 allows remote attackers to include and ...
E
CVE-2007-1578 Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD (mcrimap4.exe) ...
E
CVE-2007-1579 Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact...
E
CVE-2007-1580 FTPDMIN 0.96 allows remote attackers to cause a denial of service (daemon crash) via a LIST command ...
E
CVE-2007-1581 The resource system in PHP 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitra...
E
CVE-2007-1582 The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent atta...
E
CVE-2007-1583 The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal regis...
CVE-2007-1584 Buffer underflow in the header function in PHP 5.2.0 allows context-dependent attackers to execute a...
E
CVE-2007-1585 The Linksys WAG200G with firmware 1.01.01, WRT54GC 2 with firmware 1.00.7, and WRT54GC 1 with firmwa...
CVE-2007-1586 ZynOS 3.40 allows remote attackers to cause a denial of service (link restart) by sending a request ...
E
CVE-2007-1587 templates/config/mail.tpl in Tim Soderstrom StatsDawg 0.92 allows remote attackers to execute arbitr...
S
CVE-2007-1588 server.cpp in MyServer 0.8.5 calls Process::setuid before calling Process::setgid and thus does not ...
S
CVE-2007-1589 TrueCrypt before 4.3, when set-euid mode is used on Linux, allows local users to cause a denial of s...
S
CVE-2007-1590 The Grandstream BudgeTone 200 IP phone, with program 1.1.1.14 and bootloader 1.1.1.5, allows remote ...
CVE-2007-1591 VsapiNT.sys in the Scan Engine 8.0 for Trend Micro AntiVirus 14.10.1041, and other products, allows ...
S
CVE-2007-1592 net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist...
S
CVE-2007-1593 The administrative service in Symantec Veritas Volume Replicator (VVR) for Windows 3.1 through 4.3, ...
S
CVE-2007-1594 The handle_response function in chan_sip.c in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows r...
S
CVE-2007-1595 The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk does not properly generate extens...
S
CVE-2007-1596 Multiple PHP remote file inclusion vulnerabilities in the NFN Address Book (com_nfn_addressbook) 0.4...
E
CVE-2007-1597 Unclassified NewsBoard 1.6.3 stores sensitive information under the web root with insufficient acces...
CVE-2007-1598 Stack-based buffer overflow in InterVations FileCOPA FTP Server 1.01 allows remote attackers to exec...
E
CVE-2007-1599 wp-login.php in WordPress allows remote attackers to redirect authenticated users to other websites ...
CVE-2007-1600 PHP remote file inclusion vulnerability in module.php in Digital Eye Gallery 1.1 Beta (aka 0.1.1b) a...
E
CVE-2007-1601 Directory traversal vulnerability in check_vote.php in Weekly Drawing Contest 0.0.1 allows remote at...
CVE-2007-1602 SQL injection vulnerability in check_vote.php in Weekly Drawing Contest 0.0.1 allows remote attacker...
CVE-2007-1603 admin/contest.php in Weekly Drawing Contest 0.0.1 allows remote attackers to bypass authentication, ...
CVE-2007-1604 Multiple unrestricted file upload vulnerabilities in w-Agora (Web-Agora) allow remote attackers to u...
E
CVE-2007-1605 w-Agora (Web-Agora) allows remote attackers to obtain sensitive information via a request to rss.php...
E
CVE-2007-1606 Multiple cross-site scripting (XSS) vulnerabilities in w-Agora (Web-Agora) allow remote attackers to...
CVE-2007-1607 search.php in w-Agora (Web-Agora) allows remote attackers to obtain potentially sensitive informatio...
E
CVE-2007-1608 CRLF injection vulnerability in IBM WebSphere Application Server (WAS) before 6.0.2.19 allows remote...
S
CVE-2007-1609 Cross-site scripting (XSS) vulnerability in servlet/Spy in Dynamic Monitoring Services (DMS) in Orac...
CVE-2007-1610 Cross-site scripting (XSS) vulnerability in the RSS reader in Glue Software NewsGlue before 1.3.4 al...
CVE-2007-1611 Cross-site scripting (XSS) vulnerability in the RSS reader in a certain SOURCENEXT product, probably...
CVE-2007-1612 SQL injection vulnerability in index.php in Katalog Plyt Audio 1.0 and earlier allows remote attacke...
E
CVE-2007-1613 Directory traversal vulnerability in view.php in MPM Chat 2.5 allows remote attackers to include and...
E
CVE-2007-1614 Stack-based buffer overflow in the zzip_open_shared_io function in zzip/file.c in ZZIPlib Library be...
E S
CVE-2007-1615 SQL injection vulnerability in index.php in ScriptMagix Jokes 2.0 and earlier allows remote attacker...
E
CVE-2007-1616 SQL injection vulnerability in index.php in ScriptMagix Lyrics 2.0 and earlier allows remote attacke...
E
CVE-2007-1617 SQL injection vulnerability in index.php in ScriptMagix Recipes 2.0 and earlier allows remote attack...
E
CVE-2007-1618 SQL injection vulnerability in index.php in ScriptMagix FAQ Builder 2.0 and earlier allows remote at...
E
CVE-2007-1619 SQL injection vulnerability in viewcomments.php in ScriptMagix Photo Rating 2.0 and earlier allows r...
E
CVE-2007-1620 Multiple PHP remote file inclusion vulnerabilities in PHP DB Designer 1.02 and earlier allow remote ...
E
CVE-2007-1621 PHP remote file inclusion vulnerability in templates/head.php in Active PHP Bookmark Notes (APB) 0.2...
E
CVE-2007-1622 Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress before 2.0.10 RC2, and be...
E S
CVE-2007-1623 Multiple cross-site scripting (XSS) vulnerabilities in realGuestbook 5.01, when register_globals is ...
CVE-2007-1624 Multiple SQL injection vulnerabilities in realGuestbook 5.01 allow remote attackers to execute arbit...
CVE-2007-1625 Cross-site scripting (XSS) vulnerability in save_entry.php in realGuestbook 5.01 allows remote attac...
E
CVE-2007-1626 PHP remote file inclusion vulnerability in iframe.php in the iFrame Module for PHP-NUKE allows remot...
E
CVE-2007-1627 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4606. Reason: This candida...
R
CVE-2007-1628 Multiple PHP remote file inclusion vulnerabilities in Study planner (Studiewijzer) 0.15 and earlier,...
E
CVE-2007-1629 SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Photo Gallery allows remote ...
E
CVE-2007-1630 SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Link Engine allows remote at...
E
CVE-2007-1631 PHP remote file inclusion vulnerability in signup.php in CLBOX 1.01 allows remote attackers to execu...
CVE-2007-1632 Unspecified vulnerability in TYPOlight webCMS before 2.2 Build 5 has unknown impact and attack vecto...
S
CVE-2007-1633 Directory traversal vulnerability in bbcode_ref.php in the Giorgio Ciranni Splatt Forum 4.0 RC1 modu...
E
CVE-2007-1634 Variable extraction vulnerability in grab_globals.php in Net Portal Dynamic System (NPDS) 5.10 and e...
CVE-2007-1635 Static code injection vulnerability in admin/settings.php in Net Portal Dynamic System (NPDS) 5.10 a...
CVE-2007-1636 Directory traversal vulnerability in index.php in RoseOnlineCMS 3 B1 allows remote attackers to incl...
E
CVE-2007-1637 Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server...
CVE-2007-1638 Multiple cross-site request forgery (CSRF) vulnerabilities in the check_csrftoken function in lib/li...
S
CVE-2007-1639 Unrestricted file upload vulnerability in PHProjekt 5.2.0, when magic_quotes_gpc is disabled, allows...
S
CVE-2007-1640 Multiple PHP remote file inclusion vulnerabilities in ClassWeb 2.03 and earlier allow remote attacke...
E
CVE-2007-1641 SQL injection vulnerability in index.php in PortailPHP 2.0 allows remote attackers to execute arbitr...
E
CVE-2007-1642 Unspecified vulnerability in ManageEngine Firewall Analyzer allows remote authenticated users to "ac...
CVE-2007-1643 Multiple PHP remote file inclusion vulnerabilities in LAN Management System (LMS) 1.8.9 Vala and ear...
E
CVE-2007-1644 The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly au...
E
CVE-2007-1645 Buffer overflow in FutureSoft TFTP Server 2000 on Microsoft Windows 2000 SP4 allows remote attackers...
E
CVE-2007-1646 Multiple cross-site scripting (XSS) vulnerabilities in SubHub 2.3.0 allow remote attackers to inject...
CVE-2007-1647 Moodle 1.5.2 and earlier stores sensitive information under the web root with insufficient access co...
E
CVE-2007-1648 0irc 1345 build 20060823 allows remote attackers to cause a denial of service (application crash) by...
E
CVE-2007-1649 PHP 5.2.1 allows context-dependent attackers to read portions of heap memory by executing certain sc...
E
CVE-2007-1650 pcapsipdump.cpp in pcapsipdump before 0.1.3 allows remote attackers to cause a denial of service (ap...
CVE-2007-1651 Cross-site request forgery (CSRF) vulnerability in OpenID allows remote attackers to restore the log...
CVE-2007-1652 OpenID allows remote attackers to forcibly log a user into an OpenID enabled site, divulge the user'...
CVE-2007-1653 GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial of service (kernel panic) via c...
CVE-2007-1654 Buffer overflow in the Ne7sshSftp::addOpenHandle function in ne7ssh_sftp.cpp in NetSieben SSH Librar...
CVE-2007-1655 Buffer overflow in the fun_ladd function in funmath.cpp in TinyMUX before 20070126 might allow remot...
CVE-2007-1656 Multiple SQL injection vulnerabilities in index.php in Katalog Plyt Audio 1.0 and earlier allow remo...
CVE-2007-1657 Stack-based buffer overflow in the file_compress function in minigzip (Modules/zlib) in Python 2.5 a...
E
CVE-2007-1658 Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certai...
E
CVE-2007-1659 Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to c...
S
CVE-2007-1660 Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for u...
S
CVE-2007-1661 Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certai...
S
CVE-2007-1662 Perl-Compatible Regular Expression (PCRE) library before 7.3 reads past the end of the string when s...
S
CVE-2007-1663 Memory leak in the image message functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Et...
S
CVE-2007-1664 ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of se...
S
CVE-2007-1665 Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch a...
S
CVE-2007-1666 The processor_request function in the debugger server for DataRescue IDA Pro 5.0 and 5.1 does not ve...
S
CVE-2007-1667 Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, a...
CVE-2007-1669 zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 ...
E S
CVE-2007-1670 Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infin...
E
CVE-2007-1671 avpack32.dll before 7.3.0.6 in Avira AntiVir allows remote attackers to cause a denial of service (i...
CVE-2007-1672 avast! antivirus before 4.7.981 allows remote attackers to cause a denial of service (infinite loop)...
E
CVE-2007-1673 unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to...
E
CVE-2007-1674 Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in LANDesk Management Suite 8.7 allo...
E S
CVE-2007-1675 Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP server (nimap.exe) in IBM Lotus...
S
CVE-2007-1677 Multiple buffer overflows in the ISO network protocol support in the NetBSD kernel 2.0 through 4.0_B...
CVE-2007-1678 Cross-site scripting (XSS) vulnerability in the Fizzle 0.5 extension for Firefox allows remote attac...
CVE-2007-1679 Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware Webmail 1.0 allow remote auth...
CVE-2007-1680 Stack-based buffer overflow in the createAndJoinConference function in the AudioConf ActiveX control...
S
CVE-2007-1681 Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5...
CVE-2007-1682 Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArti...
CVE-2007-1683 Stack-based buffer overflow in the DoWebMenuAction function in the IncrediMail IMMenuShellExt Active...
CVE-2007-1684 The Run function in SolidWorks sldimdownload ActiveX control in sldimdownload.dll before 16.0.0.6 al...
S
CVE-2007-1685 Buffer overflow in k9filter.exe in BlueCoat K9 Web Protection 3.2.36, and probably other versions be...
CVE-2007-1687 Multiple buffer overflows in the Internet Pictures Corporation iPIX Image Well ActiveX control (iPIX...
CVE-2007-1688 Buffer overflow in the PhPInfo ActiveX control in PhPCtrl.dll in Callisto PhotoParade Player allows ...
CVE-2007-1689 Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2...
S
CVE-2007-1690 Multiple stack-based buffer overflows in Second Sight Software ActiveGS ActiveX control (ActiveGS.oc...
CVE-2007-1691 Stack-based buffer overflow in Second Sight Software ActiveMod ActiveX control (ActiveMod.ocx) allow...
CVE-2007-1692 The default configuration of Microsoft Windows uses the Web Proxy Autodiscovery Protocol (WPAD) with...
CVE-2007-1693 The SIP channel module in Yet Another Telephony Engine (Yate) before 1.2.0 sets the caller_info_uri ...
E
CVE-2007-1695 PHP remote file inclusion vulnerability in includes/usercp_register.php in phpBB 2.0.19 allows remot...
CVE-2007-1696 SQL injection vulnerability in ViewNewspapers.asp in Active Newsletter 4.3 and earlier allows remote...
E
CVE-2007-1697 PHP remote file inclusion vulnerability in header.inc.php in Philex 0.2.3 and earlier allows remote ...
E
CVE-2007-1698 download.php in Philex 0.2.3 and earlier allows remote attackers to read arbitrary files and source ...
E
CVE-2007-1699 Multiple PHP remote file inclusion vulnerabilities in the SWmenu (com_swmenupro and com_swmenufree) ...
E
CVE-2007-1700 The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count ...
E
CVE-2007-1701 PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when register_globals is enabled, allows context-depende...
CVE-2007-1702 PHP remote file inclusion vulnerability in mod_flatmenu.php in the Flatmenu 1.07 and earlier Mambo m...
E
CVE-2007-1703 SQL injection vulnerability in index.php in the RWCards (com_rwcards) 2.4.3 and earlier component fo...
E
CVE-2007-1704 SQL injection vulnerability in index.php in the Car Manager (com_resman) 1.1 and earlier component f...
E
CVE-2007-1705 SQL injection vulnerability in default.asp in Active Trade 2 allows remote attackers to execute arbi...
E
CVE-2007-1706 SQL injection vulnerability in eWebQuiz.asp in eWebQuiz 8 allows remote attackers to execute arbitra...
E
CVE-2007-1707 PHP remote file inclusion vulnerability in index.php in Net Side Content Management System (Net-Side...
E
CVE-2007-1708 PHP remote file inclusion vulnerability in lib/db/ez_sql.php in ttCMS 4 and earlier allows remote at...
E
CVE-2007-1709 Buffer overflow in the confirm_phpdoc_compiled function in the phpDOC extension (PECL phpDOC) in PHP...
E
CVE-2007-1710 The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass sa...
E
CVE-2007-1711 Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attack...
CVE-2007-1712 SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Auction Pro 7.1 allows remot...
E
CVE-2007-1713 CRLF injection vulnerability in BSMTP.DLL in B21Soft BASP21 2003.0211, and BASP21 Pro 1.0.702.27 and...
CVE-2007-1714 Cross-site scripting (XSS) vulnerability in index.php in CcCounter 2.0 allows remote attackers to in...
E
CVE-2007-1715 PHP remote file inclusion vulnerability in frontpage.php in Free Image Hosting 2.0 and earlier allow...
E
CVE-2007-1716 pam_console does not properly restore ownership for certain console devices when there are multiple ...
CVE-2007-1717 The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at th...
E
CVE-2007-1718 CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1...
E
CVE-2007-1719 Buffer overflow in eject.c in Jason W. Bacon mcweject 0.9 on FreeBSD, and possibly other versions, a...
E
CVE-2007-1720 Directory traversal vulnerability in addressbook.php in the Addressbook 1.2 module for PHP-Nuke allo...
E
CVE-2007-1721 Multiple PHP remote file inclusion vulnerabilities in C-Arbre 0.6PR7 and earlier allow remote attack...
E
CVE-2007-1722 Buffer overflow in the DownloadCertificateExt function in SignKorea SKCommAX ActiveX control module ...
CVE-2007-1723 Multiple cross-site scripting (XSS) vulnerabilities in the administration console in Secure Computin...
CVE-2007-1724 Unspecified vulnerability in ReactOS 0.3.1 has unknown impact and attack vectors, related to a fix f...
CVE-2007-1725 SQL injection vulnerability in index.php in IceBB 1.0-rc5 allows remote authenticated users to execu...
E
CVE-2007-1726 Unrestricted file upload vulnerability in index.php in IceBB 1.0-rc5 allows remote authenticated use...
E
CVE-2007-1727 Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50, and 7...
CVE-2007-1728 The Remote Play feature in Sony Playstation 3 (PS3) 1.60 and Playstation Portable (PSP) 3.10 OE-A al...
CVE-2007-1729 SQL injection vulnerability in includes/start.php in Flexbb 1.0.0 10005 Beta Release 1 allows remote...
CVE-2007-1730 Integer signedness error in the DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c ...
CVE-2007-1731 Multiple stack-based buffer overflows in High Performance Anonymous FTP Server (hpaftpd) 1.01 allow ...
CVE-2007-1732 Cross-site scripting (XSS) vulnerability in an mt import in wp-admin/admin.php in WordPress 2.1.2 al...
CVE-2007-1733 Buffer overflow in InterVations NaviCOPA HTTP Server 2.01 allows remote attackers to execute arbitra...
E S
CVE-2007-1734 The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and l...
CVE-2007-1735 Stack-based buffer overflow in Corel WordPerfect Office X3 (13.0.0.565) allows user-assisted remote ...
E
CVE-2007-1736 Mozilla Firefox 2.0.0.3 does not check URLs embedded in (1) object or (2) iframe HTML tags against t...
CVE-2007-1737 Opera 9.10 does not check URLs embedded in (1) object or (2) iframe HTML tags against the phishing s...
CVE-2007-1738 TrueCrypt 4.3, when installed setuid root, allows local users to cause a denial of service (filesyst...
CVE-2007-1739 Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 ...
E
CVE-2007-1740 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4843. Reason: This candida...
R
CVE-2007-1741 Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file va...
CVE-2007-1742 suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the curre...
CVE-2007-1743 suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the...
CVE-2007-1744 Directory traversal vulnerability in the Shared Folders feature for VMware Workstation before 5.5.4,...
S
CVE-2007-1745 The chm_decompress_stream function in libclamav/chmunpack.c in Clam AntiVirus (ClamAV) before 0.90.2...
CVE-2007-1747 Unspecified vulnerability in MSO.dll in Microsoft Office 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac,...
CVE-2007-1748 Stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in M...
CVE-2007-1749 Integer underflow in the CDownloadSink class code in the Vector Markup Language (VML) component (VGX...
S
CVE-2007-1750 Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitr...
CVE-2007-1751 Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by caus...
S
CVE-2007-1752 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1499. Reason: This candida...
R
CVE-2007-1753 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-1754 PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data...
CVE-2007-1755 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-1756 Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and Office Excel 2007 does not properly v...
CVE-2007-1757 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-1758 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-1759 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-1760 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-1761 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-1762 Mozilla Firefox 2.0.0.1 through 2.0.0.3 does not canonicalize URLs before checking them against the ...
CVE-2007-1763 The ATI kernel driver (atikmdag.sys) in Microsoft Windows Vista allows user-assisted remote attacker...
CVE-2007-1764 Stack-based buffer overflow in FastStone Image Viewer 2.8 allows user-assisted remote attackers to e...
CVE-2007-1765 Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to exe...
CVE-2007-1766 PHP remote file inclusion vulnerability in login/engine/db/profiledit.php in Advanced Login 0.76 and...
E
CVE-2007-1767 Unspecified vulnerability in (1) Deskbar.dll and (2) Toolbar.dll in AOL 9.0 before February 2007 all...
CVE-2007-1768 Cross-site scripting (XSS) vulnerability in app/helpers/application_helper.rb in Mephisto 0.7.3 and ...
CVE-2007-1769 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1873. Reason: This candida...
R
CVE-2007-1770 Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) Ar...
CVE-2007-1771 PHP remote file inclusion vulnerability in manage/javascript/formjavascript.php in Ay System Solutio...
E
CVE-2007-1772 The FTP service in HP JetDirect print servers allows remote attackers to cause a denial of service (...
E
CVE-2007-1773 Multiple directory traversal vulnerabilities in aBitWhizzy allow remote attackers to list arbitrary ...
CVE-2007-1774 Multiple cross-site scripting (XSS) vulnerabilities in aBitWhizzy allow remote attackers to inject a...
CVE-2007-1775 Unrestricted file upload vulnerability in upload.php3 in JBrowser 2.4 and earlier allows remote atta...
CVE-2007-1776 SQL injection vulnerability in index.php in the DesignForJoomla.com D4J eZine (com_ezine) 2.8 and ea...
E
CVE-2007-1777 Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5 allows remote attackers to exe...
E
CVE-2007-1778 PHP remote file inclusion vulnerability in db/mysql.php in the Eve-Nuke 0.1 (EN-Forums) module for P...
E
CVE-2007-1779 Multiple SQL injection vulnerabilities in the MySQL back-end in Advanced Website Creator (AWC) befor...
CVE-2007-1780 Cross-site scripting (XSS) vulnerability in the DHT shell (owdhtshell) in Overlay Weaver 0.5.9 to 0....
CVE-2007-1781 Minna De Office 1.x and 2.x does not properly restrict user access to certain privileged actions, wh...
CVE-2007-1782 CruiseWorks 1.09e and earlier does not properly restrict user access to certain privileged actions, ...
CVE-2007-1783 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1685. Reason: This candida...
R
CVE-2007-1784 The JNILoader ActiveX control (STJNILoader.ocx) 3.1.0.26 in IBM Lotus Notes Sametime before 7.5 allo...
CVE-2007-1785 The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 allows remote a...
CVE-2007-1786 SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-...
CVE-2007-1787 Multiple PHP remote file inclusion vulnerabilities in lib/timesheet.class.php in Softerra Time-Assis...
E
CVE-2007-1788 Flyspray 0.9.9, when output_buffering is disabled or "set to a low value," allows remote attackers t...
CVE-2007-1789 Flyspray 0.9.9 allows remote attackers to obtain sensitive information (private project summaries) v...
CVE-2007-1790 Multiple PHP remote file inclusion vulnerabilities in Kaqoo Auction Software Free Edition allow remo...
E
CVE-2007-1791 SQL injection vulnerability in wall.php in Picture-Engine 1.2.0 and earlier allows remote attackers ...
E
CVE-2007-1792 libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before ...
S
CVE-2007-1793 SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certai...
E S
CVE-2007-1794 The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, and 10 might allow remote atta...
S
CVE-2007-1795 JCcorp URLshrink 1.3.1 allows remote attackers to execute arbitrary PHP code via the email address f...
S
CVE-2007-1796 Multiple unspecified vulnerabilities in JCcorp URLshrink before 1.3.2 have unspecified attack vector...
S
CVE-2007-1797 Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary...
S
CVE-2007-1798 Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows local users to cause a denial of ...
CVE-2007-1799 Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the ".." s...
CVE-2007-1800 Cisco Secure ACS does not require authentication when Cisco Trust Agent (CTA) transmits posture info...
CVE-2007-1801 Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta allows remote attackers to inc...
E
CVE-2007-1802 Cross-site scripting (XSS) vulnerability in MailDwarf 3.01 and earlier allows remote attackers to in...
S
CVE-2007-1803 Unspecified vulnerability in MailDwarf 3.01 and earlier allows remote attackers to send e-mail to ad...
S
CVE-2007-1804 PulseAudio 0.9.5 allows remote attackers to cause a denial of service (daemon crash) via (1) a PA_PS...
S
CVE-2007-1805 SQL injection vulnerability in genre.php in the debaser 0.92 and earlier module for Xoops allows rem...
E
CVE-2007-1806 SQL injection vulnerability in categos.php in the RM+Soft Gallery (rmgallery) 1.0 module for Xoops a...
E
CVE-2007-1807 SQL injection vulnerability in modules/myalbum/viewcat.php in the myAlbum-P 2.0 and earlier module f...
E
CVE-2007-1808 SQL injection vulnerability in show.php in the Camportail 1.1 and earlier module for Xoops allows re...
E
CVE-2007-1809 Multiple PHP remote file inclusion vulnerabilities in GraFX Company WebSite Builder (CWB) PRO 1.5 al...
E
CVE-2007-1810 SQL injection vulnerability in product_details.php in the Kshop 1.17 and earlier module for Xoops al...
E
CVE-2007-1811 SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 and earlier module for X...
E
CVE-2007-1812 PHP remote file inclusion vulnerability in utilitaires/gestion_sondage.php in BT-Sondage 112 allows ...
E
CVE-2007-1813 SQL injection vulnerability in display.php in the eCal 2.24 and earlier module for Xoops allows remo...
E
CVE-2007-1814 SQL injection vulnerability in viewcat.php in the Core module for Xoops allows remote attackers to e...
E
CVE-2007-1815 SQL injection vulnerability in viewcat.php in the Library module for Xoops allows remote attackers t...
E
CVE-2007-1816 SQL injection vulnerability in viewcat.php in the Tutoriais module for Xoops allows remote attackers...
E
CVE-2007-1817 SQL injection vulnerability in index.php in the Lykos Reviews (lykos_reviews) 1.00 module for Xoops ...
E
CVE-2007-1818 PHP remote file inclusion vulnerability in MOD_forum_fields_parse.php in the Forum picture and META ...
E
CVE-2007-1819 Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 in Tes...
CVE-2007-1820 Nortel Networks CallPilot and Meridian Mail voicemail systems, when a mailbox has auto logon enabled...
CVE-2007-1821 Sprint Nextel Sprint voice mail systems allow remote attackers to retrieve or remove messages, or re...
CVE-2007-1822 Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove m...
CVE-2007-1823 T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure ma...
CVE-2007-1824 Buffer overflow in the php_stream_filter_create function in PHP 5 before 5.2.1 allows remote attacke...
E
CVE-2007-1825 Buffer overflow in the imap_mail_compose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, all...
E
CVE-2007-1826 Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 befo...
S
CVE-2007-1827 Multiple unspecified vulnerabilities in form input validation in web-app.org WebAPP before 0.9.9.6 a...
S
CVE-2007-1828 Multiple cross-site scripting (XSS) vulnerabilities in web-app.org WebAPP before 0.9.9.6 allow remot...
S
CVE-2007-1829 Multiple unspecified vulnerabilities in web-app.net WebAPP have unknown impact and attack vectors, d...
CVE-2007-1830 Unspecified vulnerability in the Username Hijacking Patch 20070312 for web-app.org WebAPP 0.9.9.6 al...
CVE-2007-1831 web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to open files and write "wrong d...
S
CVE-2007-1832 web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to upload certain files (1) via ...
S
CVE-2007-1833 The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 befor...
S
CVE-2007-1834 Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 ...
S
CVE-2007-1835 PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path (session.save_path)...
CVE-2007-1836 The command line administration interface in Data Domain OS before 4.0.3.6 allows remote authenticat...
CVE-2007-1837 Multiple PHP remote file inclusion vulnerabilities in MangoBery CMS 0.5.5 allow remote attackers to ...
E S
CVE-2007-1838 SQL injection vulnerability in view.php in the Friendfinder 3.3 and earlier module for Xoops allows ...
E
CVE-2007-1839 Multiple PHP remote file inclusion vulnerabilities in CodeBB 1.1b3 and earlier allow remote attacker...
E
CVE-2007-1840 lib/modules.inc in LDAP Account Manager (LAM) before 1.3.0 does not escape HTML special characters i...
S
CVE-2007-1841 The isakmp_info_recv function in src/racoon/isakmp_inf.c in racoon in Ipsec-tools before 0.6.7 allow...
S
CVE-2007-1842 Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to i...
E
CVE-2007-1843 PHP remote file inclusion vulnerability in gmapfactory/params.php in MapLab 2.2.1, when register_glo...
E
CVE-2007-1844 Multiple PHP remote file inclusion vulnerabilities in Aardvark Topsites PHP 5 allow remote attackers...
CVE-2007-1845 SQL injection vulnerability in show_event.php in the Expanded Calendar (calendar_panel) 2.00 module ...
E
CVE-2007-1846 SQL injection vulnerability in index.php in the MyAds 2.04jp and earlier module for Xoops allows rem...
E
CVE-2007-1847 SQL injection vulnerability in viewcat.php in the Repository module for Xoops allows remote attacker...
E
CVE-2007-1848 Cross-site scripting (XSS) vulnerability in admin/classes/ui.dta.php in Drake CMS allows remote atta...
E
CVE-2007-1849 Directory traversal vulnerability in 404.php in Drake CMS allows remote attackers to include and exe...
CVE-2007-1850 Directory traversal vulnerability in classes/captcha/captcha.jpg.php in Drake CMS allows remote atta...
CVE-2007-1851 Multiple directory traversal vulnerabilities in Really Simple PHP and Ajax (RSPA) 2007-03-23 allow r...
E
CVE-2007-1852 Multiple PHP remote file inclusion vulnerabilities in 2BGal 3.1.1 allow remote attackers to execute ...
CVE-2007-1853 Unspecified vulnerability in Hitachi JP1/HiCommand DeviceManager, Global Link Availability Manager, ...
CVE-2007-1854 Unspecified vulnerability in Hitachi Cosminexus Component Container 07-00 through 07-00-10, and 07-1...
CVE-2007-1855 Multiple PHP remote file inclusion vulnerabilities in smarty/smarty_class.php in Shop-Script FREE al...
CVE-2007-1856 Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local...
CVE-2007-1857 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2007-1858 The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, a...
S
CVE-2007-1859 XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle t...
S
CVE-2007-1860 mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the ...
S
CVE-2007-1861 The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before 2.6.20.8 allows attacke...
S
CVE-2007-1862 The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of he...
CVE-2007-1863 cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a th...
CVE-2007-1864 Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unkn...
S
CVE-2007-1865 The ipv6_getsockopt_sticky function in the kernel in Red Hat Enterprise Linux (RHEL) Beta 5.1.0 allo...
CVE-2007-1866 Stack-based buffer overflow in the dns_decode_reverse_name function in dns_decode.c in dproxy-nexgen...
CVE-2007-1867 Buffer overflow in IrfanView 3.99 allows remote attackers to execute arbitrary code via a crafted an...
E
CVE-2007-1868 The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 do...
S
CVE-2007-1869 lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (cpu and resource co...
S
CVE-2007-1870 lighttpd before 1.4.14 allows attackers to cause a denial of service (crash) via a request to a file...
S
CVE-2007-1871 Cross-site scripting (XSS) vulnerability in chcounter 3.1.3 allows remote attackers to inject arbitr...
CVE-2007-1872 Cross-site scripting (XSS) vulnerability in toendaCMS 1.5.3 allows remote attackers to inject arbitr...
CVE-2007-1873 Cross-site scripting (XSS) vulnerability in Mephisto 0.7.3 allows remote attackers to inject arbitra...
CVE-2007-1874 Adobe ColdFusion MX 7 for Linux and Solaris uses insecure permissions for certain scripts and direct...
S
CVE-2007-1876 VMware Workstation before 5.5.4, when running a 64-bit Windows guest on a 64-bit host, allows local ...
S
CVE-2007-1877 VMware Workstation before 5.5.4 allows attackers to cause a denial of service against the guest OS b...
S
CVE-2007-1878 Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function...
E S
CVE-2007-1879 The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus ...
CVE-2007-1880 Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for ...
CVE-2007-1881 Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, a...
CVE-2007-1882 qcbin/servlet/tdservlet/TDAPI_GeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 ...
CVE-2007-1883 PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary...
E
CVE-2007-1884 Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 bef...
S
CVE-2007-1885 Integer overflow in the str_replace function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows con...
E
CVE-2007-1886 Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent att...
S
CVE-2007-1887 Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4...
CVE-2007-1888 Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x...
S
CVE-2007-1889 Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 ...
S
CVE-2007-1890 Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1, on FreeBS...
E
CVE-2007-1891 Stack-based buffer overflow in the GetPrivateProfileSectionW function in Akamai Technologies Downloa...
S
CVE-2007-1892 Stack-based buffer overflow in Akamai Technologies Download Manager ActiveX Control (DownloadManager...
CVE-2007-1893 xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users with...
S
CVE-2007-1894 Cross-site scripting (XSS) vulnerability in wp-includes/general-template.php in WordPress before 200...
S
CVE-2007-1895 PHP remote file inclusion vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier, when ...
E
CVE-2007-1896 Directory traversal vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier allows remot...
E
CVE-2007-1897 SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows ...
E S
CVE-2007-1898 formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified...
CVE-2007-1899 Multiple SQL injection vulnerabilities in myWebland myBloggie 2.1.6 allow remote attackers to execut...
E
CVE-2007-1900 CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2....
CVE-2007-1901 SonicBB 1.0 allows remote attackers to obtain sensitive information via the (1) by[] parameter to se...
CVE-2007-1902 Multiple SQL injection vulnerabilities in SonicBB 1.0 allow remote attackers to execute arbitrary SQ...
E
CVE-2007-1903 Cross-site scripting (XSS) vulnerability in search.php in SonicBB 1.0 allows remote attackers to inj...
CVE-2007-1904 Directory traversal vulnerability in AOL Instant Messenger (AIM) 5.9 and earlier, and ICQ 5.1 and pr...
CVE-2007-1905 Cross-site scripting (XSS) vulnerability in auth.php in Pineapple Technologies QuizShock 1.6.1 and e...
E
CVE-2007-1906 Directory traversal vulnerability in richedit/keyboard.php in eCardMAX HotEditor (Hot Editor) 4.0, a...
E
CVE-2007-1907 PHP remote file inclusion vulnerability in warn.php in Pathos Content Management System (CMS) 0.92-2...
E
CVE-2007-1908 PHP file inclusion vulnerability in php121db.php in PHP121 Instant Messenger 2.2 allows remote attac...
E
CVE-2007-1909 SQL injection vulnerability in login.php in Ryan Haudenschilt Battle.net Clan Script for PHP 1.5.1 a...
E
CVE-2007-1910 Buffer overflow in wwlib.dll in Microsoft Word 2007 allows remote attackers to cause a denial of ser...
E
CVE-2007-1911 Multiple unspecified vulnerabilities in Microsoft Word 2007 allow remote attackers to cause a denial...
E
CVE-2007-1912 Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unk...
E
CVE-2007-1913 The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows rem...
CVE-2007-1914 The RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote at...
S
CVE-2007-1915 Buffer overflow in the RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before 200612...
CVE-2007-1916 Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 a...
CVE-2007-1917 Buffer overflow in the SYSTEM_CREATE_INSTANCE function in the SAP RFC Library 6.40 and 7.00 before 2...
CVE-2007-1918 The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implem...
CVE-2007-1919 Cross-site scripting (XSS) vulnerability in index.php in Arizona Dream Livre d'or (livor) 2.5 allows...
E
CVE-2007-1920 SQL injection vulnerability in index.php in the aktualnosci module in SmodBIP 1.06 and earlier allow...
E
CVE-2007-1921 LIBSNDFILE.DLL, as used by AOL Nullsoft Winamp 5.33 and possibly other products, allows remote attac...
CVE-2007-1922 The Impulse Tracker (IT) and ScreamTracker 3 (S3M) modules in IN_MOD.DLL in AOL Nullsoft Winamp 5.33...
S
CVE-2007-1923 (1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control lists by changing the set of U...
CVE-2007-1924 Multiple PHP remote file inclusion vulnerabilities in phpContact allow remote attackers to execute a...
E
CVE-2007-1925 The borrado function in modules/Your_Account/index.php in Tru-Zone Nuke ET 3.4 before fix 7 does not...
S
CVE-2007-1926 Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properly...
E S
CVE-2007-1927 Cross-site scripting (XSS) vulnerability in signup.asp in CmailServer WebMail 5.3.4 and earlier allo...
CVE-2007-1928 Directory traversal vulnerability in index.php in witshare 0.9 allows remote attackers to include an...
CVE-2007-1929 Directory traversal vulnerability in downloadpic.php in Beryo 2.0, and possibly other versions inclu...
E
CVE-2007-1930 Directory traversal vulnerability in download2.php in cattaDoc 2.21, and possibly other versions inc...
E
CVE-2007-1931 SQL injection vulnerability in index.php in the slownik module in SmodCMS 2.10 and earlier allows re...
E
CVE-2007-1932 Directory traversal vulnerability in scarnews.inc.php in ScarNews 1.2.1 allows remote attackers to i...
E
CVE-2007-1933 Multiple directory traversal vulnerabilities in PcP-Guestbook (PcP-Book) 3.0 allow remote attackers ...
E
CVE-2007-1934 Directory traversal vulnerability in member.php in the eBoard 1.0.7 module for PHP-Nuke allows remot...
E
CVE-2007-1935 PHP file inclusion vulnerability in admin/index.php in ScarAdControl (ScarAdController) 1.1 allows r...
E
CVE-2007-1936 PHP remote file inclusion vulnerability in scaradcontrol.php in ScarAdControl (ScarAdController) 1.1...
E
CVE-2007-1937 PHP remote file inclusion vulnerability in smilies.php in Scorp Book 1.0 allows remote attackers to ...
E
CVE-2007-1938 Ichitaro 2005 through 2007, and possibly related products, allows remote attackers to have an unknow...
CVE-2007-1939 Cross-site scripting (XSS) vulnerability in the embedded webserver in Daniel Naber LanguageTool befo...
CVE-2007-1940 IBM Tivoli Business Service Manager (TBSM) 4.1 before Interim Fix 1 logs passwords in plaintext, whi...
CVE-2007-1941 Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in Domino Web Access (...
CVE-2007-1942 Integer overflow in FastStone Image Viewer 2.9 allows context-dependent attackers to cause a denial ...
E
CVE-2007-1943 Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent attackers to cause a denial of...
E
CVE-2007-1944 The Java Message Service (JMS) in IBM WebSphere Application Server (WAS) before 6.1.0.7 allows attac...
S
CVE-2007-1945 Unspecified vulnerability in the Servlet Engine/Web Container in IBM WebSphere Application Server (W...
S
CVE-2007-1946 Integer overflow in Windows Explorer in Microsoft Windows XP SP1 might allow user-assisted remote at...
E
CVE-2007-1947 Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function...
S
CVE-2007-1948 Buffer overflow in IrfanView 3.99 allows context-dependent attackers to cause a denial of service an...
E
CVE-2007-1949 Session fixation vulnerability in WebBlizzard CMS allows remote attackers to hijack web sessions by ...
CVE-2007-1950 Cross-site scripting (XSS) vulnerability in index_cms.php in WebBlizzard CMS allows remote attackers...
S
CVE-2007-1951 Session fixation vulnerability in onelook obo Shop allows remote attackers to hijack web sessions by...
CVE-2007-1952 Session fixation vulnerability in onelook onebyone CMS allows remote attackers to hijack web session...
CVE-2007-1953 Session fixation vulnerability in onelook courts on-line allows remote attackers to hijack web sessi...
CVE-2007-1954 Multiple directory traversal vulnerabilities in ArchiveXpert 2.02 build 80 allow remote attackers to...
CVE-2007-1955 Multiple stack-based buffer overflows in the SignKorea SKCrypAX ActiveX control module 5.4.1.2 allow...
CVE-2007-1956 SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and earlier allows remote...
CVE-2007-1957 Multiple PHP remote file inclusion vulnerabilities in Guernion Sylvain Portail Web Php (aka Gsylvain...
CVE-2007-1958 Buffer overflow in TinyMUX before 2.4 allows attackers to cause a denial of service via unspecified ...
CVE-2007-1959 Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has un...
CVE-2007-1960 SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7downloads) 1.0 module for XOOPS,...
E
CVE-2007-1961 PHP remote file inclusion vulnerability in mutant_functions.php in the Mutant 0.9.2 portal for phpBB...
E
CVE-2007-1962 SQL injection vulnerability in index.php in the WF-Snippets 1.02 and earlier module for XOOPS allows...
E
CVE-2007-1963 SQL injection vulnerability in the create_session function in class_session.php in MyBB (aka MyBulle...
E S
CVE-2007-1964 member.php in MyBB (aka MyBulletinBoard), when debug mode is available, allows remote authenticated ...
CVE-2007-1965 Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.0.4.3 and earlier allow remote att...
CVE-2007-1966 Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack web...
S
CVE-2007-1967 PHP remote file inclusion vulnerability in index.php in stat12 allows remote attackers to execute ar...
CVE-2007-1968 PHP remote file inclusion vulnerability in games.php in Sam Crew MyBlog, possibly 1.0 through 1.6, a...
E
CVE-2007-1969 Cross-site scripting (XSS) vulnerability in admin/modify.php in Sam Crew MyBlog allows remote attackers to ...
CVE-2007-1970 Mozilla Firefox does not warn the user about HTTP elements on an HTTPS page when the HTTP elements a...
CVE-2007-1971 SQL injection vulnerability in fotokategori.asp in Gazi Okul Sitesi 2007 allows remote attackers to ...
CVE-2007-1972 PatrolAgent.exe in BMC Performance Manager does not require authentication for requests to modify co...
CVE-2007-1973 Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 al...
CVE-2007-1974 SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section (aka WF...
E S
CVE-2007-1975 Multiple PHP remote file inclusion vulnerabilities in SLAED CMS 2 allow remote attackers to execute ...
CVE-2007-1976 PHP remote file inclusion vulnerability in index.php in the Virii Info 1.10 and earlier module for X...
E
CVE-2007-1977 Cross-site scripting (XSS) vulnerability in index_cms.php in holaCMS 1.4.10 allows remote attackers ...
E
CVE-2007-1978 SQL injection vulnerability in index.php in the Arcade 1.00 module for PHP-Fusion allows remote atta...
E
CVE-2007-1979 SQL injection vulnerability in index.php in the PopnupBlog 2.52 and earlier module for Xoops allows ...
E
CVE-2007-1980 SQL injection vulnerability in index.php in the Topliste 1.0 module for PHP-Fusion allows remote att...
E
CVE-2007-1981 The safevoid_vsnprintf function in Metamod-P 1.19p29 and earlier on Windows allows remote attackers ...
S
CVE-2007-1982 Multiple PHP remote file inclusion vulnerabilities in Really Simple PHP and Ajax (RSPA) 2007-03-23 a...
E
CVE-2007-1983 PHP remote file inclusion vulnerability in include/default_header.php in Cyboards PHP Lite 1.21 allo...
E
CVE-2007-1984 PHP remote file inclusion vulnerability in index.php in lite-cms 0.2.1 allows remote attackers to ex...
CVE-2007-1985 Multiple PHP remote file inclusion vulnerabilities in phpexplorator.php in phpexplorator 2.0 allow r...
CVE-2007-1986 Multiple PHP remote file inclusion vulnerabilities in barnraiser AROUNDMe 0.7.7 allow remote attacke...
E
CVE-2007-1987 Multiple PHP remote file inclusion vulnerabilities in PHPEcho CMS 2.0 allow remote attackers to exec...
CVE-2007-1988 Cross-site scripting (XSS) vulnerability in kernel/filters.inc.php in PHPEcho CMS 2.0 allows remote ...
CVE-2007-1989 Multiple cross-site scripting (XSS) vulnerabilities in DotClear before 1.2.6 allow remote attackers ...
S
CVE-2007-1990 PHP remote file inclusion vulnerability in games.php in Sam Crew MyBlog, possibly 1.0 through 1.6, a...
CVE-2007-1991 Cross-site scripting (XSS) vulnerability in mail/signup.asp in CmailServer WebMail 5.4.3, and possib...
CVE-2007-1992 Multiple PHP remote file inclusion vulnerabilities in the com_zoom 2.5 beta 2 and earlier module for...
E
CVE-2007-1993 Buffer overflow in the pfs_mountd.rpc RPC daemon in the Portable File System (PFS) in HP-UX B.11.00,...
CVE-2007-1994 Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality i...
CVE-2007-1995 bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validat...
CVE-2007-1996 PHP remote file inclusion vulnerability in codebreak.php in CodeBreak, probably 1.1.2 and earlier, a...
CVE-2007-1997 Integer signedness error in the (1) cab_unstore and (2) cab_extract functions in libclamav/cab.c in ...
S
CVE-2007-1998 Direct static code injection vulnerability in HIOX Guest Book (HGB) 4.0 allows remote attackers to i...
E
CVE-2007-1999 PHP remote file inclusion vulnerability in index.php in Weatimages 1.7.1 and earlier, when weatimage...
E
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.