CVE-2007-4xxx

There are 957 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2007-4000 The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administrati...
CVE-2007-4003 pioout in IBM AIX 5.3 SP6 allows local users to execute arbitrary code by specifying a malicious lib...
CVE-2007-4004 Buffer overflow in the ftp client in IBM AIX 5.3 SP6 and 5.2.0 allows local users to execute arbitra...
CVE-2007-4005 Stack-based buffer overflow in Mike Dubman Windows RSH daemon (rshd) 1.7 allows remote attackers to ...
E
CVE-2007-4006 Buffer overflow in Mike Dubman Windows RSH daemon (rshd) 1.7 has unknown impact and remote attack ve...
CVE-2007-4007 PHP remote file inclusion vulnerability in index.php in Article Directory (Article Site Directory) a...
E
CVE-2007-4008 Directory traversal vulnerability in custom.php in Entertainment Media Sharing CMS allows remote att...
E
CVE-2007-4009 PHP remote file inclusion vulnerability in admin/business_inc/saveserver.php in SWSoft Confixx Pro 2...
E
CVE-2007-4010 The win32std extension in PHP 5.2.3 does not follow safe_mode and disable_functions restrictions, wh...
E
CVE-2007-4011 Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) softwa...
CVE-2007-4012 Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) softwa...
CVE-2007-4013 Multiple unspecified vulnerabilities in (1) Net6Helper.DLL (aka Net6Launcher Class) 4.5.2 and earlie...
S
CVE-2007-4014 Cross-site scripting (XSS) vulnerability in a certain index.php installation script related to the (...
CVE-2007-4015 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-0011. Reason: This candida...
R
CVE-2007-4016 Unspecified vulnerability in the client components in Citrix Access Gateway Standard Edition before ...
S
CVE-2007-4017 Cross-site request forgery (CSRF) vulnerability in the web-based administration console in Citrix Ac...
S
CVE-2007-4018 Citrix Access Gateway Advanced Edition before firmware 4.5.5 allows attackers to redirect users to a...
S
CVE-2007-4019 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2930. Reason: This candida...
R
CVE-2007-4020 Multiple cross-site scripting (XSS) vulnerabilities in login.php in AdMan 1.0.20051202 FF 3 patch an...
CVE-2007-4021 Multiple cross-site scripting (XSS) vulnerabilities in login.php in Brain Book Software Secure 1.0.2...
CVE-2007-4022 Cross-site scripting (XSS) vulnerability in frontend/x/htaccess/changepro.html in cPanel 10.9.1 allo...
E
CVE-2007-4023 Cross-site scripting (XSS) vulnerability in the login CGI program in Aruba Mobility Controller 2.5.4...
S
CVE-2007-4024 Cross-site scripting (XSS) vulnerability in W1L3D4_aramasonuc.asp in W1L3D4 Philboard 0.3 allows rem...
CVE-2007-4025 Unspecified vulnerability in Sun Java System (SJS) Application Server 8.1 through 9.0 before 2007072...
S
CVE-2007-4026 epesi framework before 0.8.6 does not properly verify file extensions, which allows remote attackers...
CVE-2007-4027 Buffer overflow in cli32 in Areca CLI 1.72.250 and earlier might allow local users to gain privilege...
CVE-2007-4028 Absolute path traversal vulnerability in index.php in Webspell 4.01.02 allows remote attackers to in...
E
CVE-2007-4029 libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cau...
CVE-2007-4031 Directory traversal vulnerability in a certain ActiveX control in Nessus Vulnerability Scanner 3.0.6...
E
CVE-2007-4032 Buffer overflow in CrystalPlayer Pro 1.98 allows user-assisted remote attackers to execute arbitrary...
E
CVE-2007-4033 Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows ...
E
CVE-2007-4034 Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! Installer Plugin for Widgets) Act...
E S
CVE-2007-4035 Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with ma...
CVE-2007-4036 Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) ...
CVE-2007-4037 Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and applicatio...
CVE-2007-4038 Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, when running on systems with Thu...
CVE-2007-4039 Argument injection vulnerability involving Mozilla, when certain URIs are registered, allows remote ...
CVE-2007-4040 Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs ...
CVE-2007-4041 Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote att...
CVE-2007-4042 Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execut...
CVE-2007-4043 file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) before 4.6.3 allows re...
CVE-2007-4044 Rejected reason: The MS-RPC functionality in smbd in Samba 3 on SUSE Linux before 20070720 does not ...
R
CVE-2007-4045 The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote...
S
CVE-2007-4046 SQL injection vulnerability in index.php in the Pony Gallery (com_ponygallery) 1.5 and earlier compo...
E
CVE-2007-4047 geoBlog (aka BitDamaged) 1 does not require authentication for (1) deletecomment.php, (2) deleteblog...
E
CVE-2007-4048 Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows rem...
CVE-2007-4049 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-1205. Reason: This candida...
R
CVE-2007-4050 Unspecified vulnerability in WebUI in ADempiere Bazaar before 3.3 beta Victoria edition allows remot...
S
CVE-2007-4051 Heap-based buffer overflow in the FindFiles function in UltraDefrag 1.0.3 allows local users to gain...
CVE-2007-4052 Cross-site scripting (XSS) vulnerability in utilities/login.asp in nukedit 4.9.7 and earlier allows ...
CVE-2007-4053 SQL injection vulnerability in include/img_view.class.php in LinPHA 1.3.1 and earlier allows remote ...
E
CVE-2007-4054 SQL injection vulnerability in category.php in PHP123 Top Sites allows remote attackers to execute a...
E
CVE-2007-4055 SQL injection vulnerability in comments_get.asp in SimpleBlog 3.0 allows remote attackers to execute...
E
CVE-2007-4056 SQL injection vulnerability in directory.php in Prozilla Adult Directory allows remote attackers to ...
E
CVE-2007-4057 Unrestricted file upload vulnerability in pfs.php in Neocrome Seditio 121 and earlier allows remote ...
E
CVE-2007-4058 Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll 2.2.5.42958 in EMC ...
E
CVE-2007-4059 Absolute path traversal vulnerability in a certain ActiveX control in IntraProcessLogging.dll 5.5.3....
E
CVE-2007-4060 Multiple buffer overflows in the HttpSprockMake function in http.c in Frank Yaul corehttp 0.5.3alpha...
E
CVE-2007-4061 Directory traversal vulnerability in a certain ActiveX control in Nessus Vulnerability Scanner 3.0.6...
E S
CVE-2007-4062 The SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll in Nessus Vulnerability Scanner 3.0.6 allows...
E S
CVE-2007-4063 Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.2 allow remote att...
S
CVE-2007-4064 Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x before 5.2, and 4.7.x before 4.7.7...
CVE-2007-4065 lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before 1.2.0 allows context-dependent attack...
S
CVE-2007-4066 Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to ca...
S
CVE-2007-4067 Absolute path traversal vulnerability in the clInetSuiteX6.clWebDav ActiveX control in CLINETSUITEX6...
E S
CVE-2007-4068 Multiple SQL injection vulnerabilities in Webyapar 2.0 allow remote attackers to execute arbitrary S...
E
CVE-2007-4069 SQL injection vulnerability in show_cat.php in IndexScript 2.8 and earlier allows remote attackers t...
E
CVE-2007-4070 Unspecified vulnerability in Low Bandwidth X proxy (lbxproxy) on Sun Solaris 8 through 10 before 200...
S
CVE-2007-4071 Multiple cross-site scripting (XSS) vulnerabilities in uploader/index.php in Webbler CMS before 3.1....
CVE-2007-4072 Webbler CMS before 3.1.6 provides the full installation path within HTML comments in certain documen...
S
CVE-2007-4073 Webbler CMS before 3.1.6 does not properly restrict use of "mail a friend" forms, which allows remot...
CVE-2007-4074 The default configuration of Centre for Speech Technology Research (CSTR) Festival 1.95 beta (aka 2....
CVE-2007-4075 Cross-site scripting (XSS) vulnerability in index.asp in Alisveris Sitesi Scripti allows remote atta...
E
CVE-2007-4076 Multiple SQL injection vulnerabilities in index.asp in Alisveris Sitesi Scripti allow remote attacke...
E
CVE-2007-4077 Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Video Share Enterprise allow remot...
E
CVE-2007-4078 Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Text Ads Enterprise allow remote a...
E
CVE-2007-4079 Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft SMS Text Messaging Enterprise allo...
E
CVE-2007-4080 Cross-site scripting (XSS) vulnerability in index.php AlstraSoft E-Friends allows remote attackers t...
E
CVE-2007-4081 Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Affiliate Network Pro allow remote...
E
CVE-2007-4082 Cross-site scripting (XSS) vulnerability in contact_author.php AlstraSoft Article Manager Pro allows...
E
CVE-2007-4083 Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft AskMe Pro allow remote attackers t...
E
CVE-2007-4084 Multiple SQL injection vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to...
E
CVE-2007-4085 Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to execute arb...
E
CVE-2007-4086 Multiple SQL injection vulnerabilities in AlstraSoft Video Share Enterprise allow remote attackers t...
E
CVE-2007-4087 AlstraSoft Video Share Enterprise allows remote attackers to obtain sensitive information (the full ...
E
CVE-2007-4088 Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1.2 allow remote attackers to i...
E
CVE-2007-4089 Vikingboard 0.1.2 allows remote attackers to obtain sensitive information via the debug parameter to...
E
CVE-2007-4090 Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1.2 allow remote attackers to i...
CVE-2007-4091 Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute ar...
CVE-2007-4092 Directory traversal vulnerability in index.php in iFoto 1.0.1 and earlier allows remote attackers to...
E
CVE-2007-4093 Minb Is Not a Blog (minb) stores sensitive information under the web root with insufficient access c...
CVE-2007-4094 PHP remote file inclusion vulnerability in library/authorize.php in IDevSpot PhpHostBot allows remot...
E
CVE-2007-4095 SQL injection vulnerability in BSM Store Dependent Forums 1.02 allows remote attackers to execute ar...
E
CVE-2007-4096 Buffer overflow in Tor before 0.1.2.15, when using BSD natd support, allows remote attackers to caus...
S
CVE-2007-4097 Tor before 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which al...
S
CVE-2007-4098 Tor before 0.1.2.15 does not properly distinguish "streamids from different exits," which might allo...
S
CVE-2007-4099 Tor before 0.1.2.15 can select a guard node beyond the first listed never-before-connected-to guard ...
S
CVE-2007-4100 MLDonkey before 2.9.0 does not load certain code from $MLDONKEY/web_infos/ before the network module...
E S
CVE-2007-4101 Multiple PHP remote file inclusion vulnerabilities in Madoa Poll 1.1 allow remote attackers to execu...
E
CVE-2007-4102 Cross-site scripting (XSS) vulnerability in search.php for sBlog 0.7.3 Beta allows remote attackers ...
E
CVE-2007-4103 The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and As...
S
CVE-2007-4104 Multiple cross-site scripting (XSS) vulnerabilities in the WP-FeedStats before 2.4 plugin for WordPr...
E S
CVE-2007-4105 A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 allows remote attackers to ex...
S
CVE-2007-4106 SQL injection vulnerability in login.asp in CodeWidgets Pay Roll - Time Sheet and Punch Card Applica...
CVE-2007-4107 SQL injection vulnerability in editpost.php in phpMyForum before 4.1.4 allows remote attackers to ex...
E S
CVE-2007-4108 SQL injection vulnerability in sign_in.aspx in WebEvents (Online Event Registration Template) allows...
CVE-2007-4109 SQL injection vulnerability in sign_in.aspx in WebStore (Online Store Application Template) allows r...
E
CVE-2007-4110 SQL injection vulnerability in sign_in.aspx in Message Board / Threaded Discussion Forum Application...
E
CVE-2007-4111 SQL injection vulnerability in the login script in Real Estate listing website application template,...
CVE-2007-4112 Multiple SQL injection vulnerabilities in Advanced Webhost Billing System (AWBS) before 2.6.0, when ...
E
CVE-2007-4113 Unspecified vulnerability in Advanced Webhost Billing System (AWBS) before 2.6.0 allows remote authe...
E S
CVE-2007-4114 Multiple SQL injection vulnerabilities in unuttum.asp in SuskunDuygular Uyelik Sistemi 1.2 allow rem...
E
CVE-2007-4115 Multiple cross-site scripting (XSS) vulnerabilities in IT!CMS (itcms) 0.2 allow remote attackers to ...
CVE-2007-4116 SQL injection vulnerability in philboard_forum.asp in Metyus Forum Portal 1.0 allows remote attacker...
E
CVE-2007-4117 PHP remote file inclusion vulnerability in index.php in phpWebFileManager 0.5 allows remote attacker...
CVE-2007-4118 PHP remote file inclusion vulnerability in includes/functions.inc.php in phpVoter 0.6 allows remote ...
CVE-2007-4119 Multiple SQL injection vulnerabilities in yonetici.asp in Berthanas Ziyaretci Defteri 2.0 allow remo...
E
CVE-2007-4120 Multiple PHP remote file inclusion vulnerabilities in Jelsoft vBulletin 3.6.5 allow remote attackers...
E
CVE-2007-4121 Multiple SQL injection vulnerabilities in admin.aspx in E-Commerce Scripts Shopping Cart Script, Mul...
E
CVE-2007-4122 Unspecified vulnerability in Hitachi JP1/Cm2/Hierarchical Viewer (HV) 06-00 through 06-71-/B allows ...
CVE-2007-4123 The Groupmax Scheduler_Facilities management tool in Hitachi Groupmax Groupware Server 07-00-/F thro...
CVE-2007-4124 The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 2...
S
CVE-2007-4125 Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality i...
S
CVE-2007-4126 Unspecified vulnerability in the dynamic tracing framework (DTrace) on Sun Solaris 10 before 2007073...
S
CVE-2007-4127 PHP remote file inclusion vulnerability in check_entry.php in Ralf Image Gallery (RIG), aka Raphael ...
E
CVE-2007-4128 SQL injection vulnerability in index.php in the Firestorm Technologies GMaps (com_gmaps) 1.00 compon...
E
CVE-2007-4129 CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary file...
S
CVE-2007-4130 The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RHEL) 4 on Itanium (ia64) does n...
E S
CVE-2007-4131 Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows ...
S
CVE-2007-4132 Unspecified vulnerability in Red Hat Network Satellite Server 5.0.0 allows remote authenticated user...
S
CVE-2007-4133 The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions in fs/hugetlbfs/inode.c in the ...
S
CVE-2007-4134 Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote att...
S
CVE-2007-4135 The NFSv4 ID mapper (nfsidmap) before 0.17 does not properly handle return values from the getpwnam_...
S
CVE-2007-4136 The ricci daemon in Red Hat Conga 0.10.0 allows remote attackers to cause a denial of service (loss ...
S
CVE-2007-4137 Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent ...
CVE-2007-4138 The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c,...
S
CVE-2007-4139 Cross-site scripting (XSS) vulnerability in the Temporary Uploads editing functionality (wp-admin/in...
E
CVE-2007-4140 Buffer overflow in Live for Speed (LFS) S2 ALPHA PATCH 0.5x allows user-assisted remote attackers to...
E
CVE-2007-4141 OpenRat CMS 0.8-beta1 and earlier allows remote attackers to obtain sensitive information via a requ...
CVE-2007-4142 Cross-site scripting (XSS) vulnerability in IBM Lotus Sametime Server 7.5.1 before 20070731 allows r...
S
CVE-2007-4143 user.php in the Billing Control Panel in phpCoupon allows remote authenticated users to obtain Premi...
E
CVE-2007-4144 Cross-site scripting (XSS) vulnerability in sample-forms/simple-contact-form-with-preview/simple-con...
CVE-2007-4145 Heap-based buffer overflow in the BlueSkychat (BlueSkyCat) ActiveX control (V2.V2Ctrl.1) in v2.ocx 8...
E
CVE-2007-4146 Cross-site scripting (XSS) vulnerability in webevent.cgi in WebEvent 2.61 through 4.03 allows remote...
E
CVE-2007-4147 Multiple unspecified vulnerabilities in Interspire ArticleLive NX before 1.7.1.2 have unknown impact...
S
CVE-2007-4148 Heap-based buffer overflow in the Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12....
CVE-2007-4149 The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 does not require authent...
CVE-2007-4150 The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 uses weak cryptography (...
CVE-2007-4151 The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote attackers ...
CVE-2007-4152 The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote attackers ...
CVE-2007-4153 Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.2.1 allow remote authenticated ad...
E
CVE-2007-4154 SQL injection vulnerability in options.php in WordPress 2.2.1 allows remote authenticated administra...
CVE-2007-4155 Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll in EMC VMware 6.0.0...
E
CVE-2007-4156 Multiple SQL injection vulnerabilities in wolioCMS allow remote attackers to execute arbitrary SQL c...
E
CVE-2007-4157 PHPBlogger stores sensitive information under the web root with insufficient access control, which a...
CVE-2007-4158 Memory leak in TIBCO Rendezvous (RV) daemon (rvd) 7.5.2, 7.5.3 and 7.5.4 allows remote attackers to ...
CVE-2007-4159 index.html in the HTTP administration interface in certain daemons in TIBCO Rendezvous (RV) 7.5.2 al...
CVE-2007-4160 The default configuration of TIBCO Rendezvous (RV) 7.5.2 clients, when -no-multicast is omitted, use...
E
CVE-2007-4161 rvd in TIBCO Rendezvous (RV) 7.5.2, when -no-lead-wc is omitted, might allow remote attackers to cau...
CVE-2007-4162 TIBCO Rendezvous (RV) 7.5.2 does not protect confidentiality or integrity of inter-daemon communicat...
CVE-2007-4163 Multiple SQL injection vulnerabilities in IndexScript 2.7 and 2.8 before 20070726 allow remote attac...
S
CVE-2007-4164 CRLF injection vulnerability in the redirect feature in Sun Java System Web Server 6.1 and 7.0 befor...
S
CVE-2007-4165 Cross-site scripting (XSS) vulnerability in index.php in the Blue Memories theme 1.5 for WordPress a...
CVE-2007-4166 Cross-site scripting (XSS) vulnerability in index.php in the Unnamed theme 1.217, and Special Editio...
CVE-2007-4167 PHP remote file inclusion vulnerability in cat_viewed.php in AL-Caricatier 2.5 allows remote attacke...
CVE-2007-4168 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4168. Reason: This candida...
R
CVE-2007-4169 Multiple PHP remote file inclusion vulnerabilities in vgallite allow remote attackers to execute arb...
CVE-2007-4170 Multiple PHP remote file inclusion vulnerabilities in AL-Athkar 2.0 allow remote attackers to execut...
CVE-2007-4171 SQL injection vulnerability in komentar.php in the Forum Module for auraCMS (Modul Forum Sederhana) ...
E
CVE-2007-4172 Multiple cross-site scripting (XSS) vulnerabilities in Open Webmail (OWM) 2.52 20060831 and earlier ...
CVE-2007-4173 SQL injection vulnerability in duyuruoku.asp in Hunkaray Okul Portali 1.1 allows remote attackers to...
E
CVE-2007-4174 Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost p...
CVE-2007-4175 Multiple cross-site scripting (XSS) vulnerabilities in index.php in OpenRat CMS 0.8-beta1 and earlie...
E
CVE-2007-4176 Multiple unspecified vulnerabilities in EQDKP Plus before 0.4.4.5 have unknown impact and attack vec...
CVE-2007-4177 Multiple cross-site scripting (XSS) vulnerabilities in Interact before 2.4 allow remote attackers to...
CVE-2007-4178 Cross-site scripting (XSS) vulnerability in index.php in WebDirector 2.2 and earlier allows remote a...
E
CVE-2007-4179 Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality i...
S
CVE-2007-4180 Directory traversal vulnerability in data/inc/theme.php in Pluck 4.3, when register_globals is enabl...
CVE-2007-4181 PHP remote file inclusion vulnerability in data/inc/theme.php in Pluck 4.3, when register_globals is...
E
CVE-2007-4182 Unrestricted file upload vulnerability in index.php in WikiWebWeaver 1.1 and earlier allows remote a...
CVE-2007-4183 SQL injection vulnerability in main.php in paBugs 2.0 Beta 3 and earlier allows remote attackers to ...
E
CVE-2007-4184 SQL injection vulnerability in administrator/popups/pollwindow.php in Joomla! 1.0.12 allows remote a...
CVE-2007-4185 Joomla! 1.0.12 allows remote attackers to obtain sensitive information via a direct request for (1) ...
CVE-2007-4186 PHP remote file inclusion vulnerability in admin.tour_toto.php in the Tour de France Pool (com_tour_...
E
CVE-2007-4187 Multiple eval injection vulnerabilities in the com_search component in Joomla! 1.5 beta before RC1 (...
CVE-2007-4188 Session fixation vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to hij...
CVE-2007-4189 Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow rem...
S
CVE-2007-4190 CRLF injection vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to injec...
S
CVE-2007-4191 Panda Antivirus 2008 stores service executables under the product's installation directory with weak...
E
CVE-2007-4192 Multiple cross-site scripting (XSS) vulnerabilities in IDE Group DVD Rental System (DRS) 5.1 before ...
CVE-2007-4193 Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in IDE Group DVD Rental Syst...
CVE-2007-4194 Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service (sta...
CVE-2007-4195 Use-after-free vulnerability in ext2fs.c in Brian Carrier The Sleuth Kit (TSK) before 2.09 allows us...
CVE-2007-4196 icat in Brian Carrier The Sleuth Kit (TSK) before 2.09 misinterprets a certain memory location as th...
CVE-2007-4197 icat in Brian Carrier The Sleuth Kit (TSK) before 2.09 omits NULL pointer checks in certain code pat...
CVE-2007-4198 The fs_data_put_str function in ntfs.c in fls in Brian Carrier The Sleuth Kit (TSK) before 2.09 does...
S
CVE-2007-4199 Brian Carrier The Sleuth Kit (TSK) before 2.09 allows user-assisted remote attackers to cause a deni...
S
CVE-2007-4200 ntfs.c in fsstat in Brian Carrier The Sleuth Kit (TSK) before 2.09 interprets a certain variable as ...
CVE-2007-4201 Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions,...
CVE-2007-4202 Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acq...
CVE-2007-4203 Session fixation vulnerability in Mambo 4.6.2 CMS allows remote attackers to hijack web sessions by ...
CVE-2007-4204 Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07...
S
CVE-2007-4205 XHA (Linux-HA) on the BlueCat Networks Adonis DNS/DHCP Appliance 5.0.2.8 allows remote attackers to ...
CVE-2007-4206 Kaspersky Anti-Spam 3.0 MP1 before Critical Fix 2 (3.0.278.4) sets incorrect permissions for applica...
S
CVE-2007-4207 SQL injection vulnerability in admin_console/index.asp in Gallery In A Box allows remote attackers t...
E
CVE-2007-4208 SQL injection vulnerability in default.asp in Next Gen Portfolio Manager allows remote attackers to ...
CVE-2007-4209 SQL injection vulnerability in Recherche.php in Aceboard forum allows remote attackers to execute ar...
CVE-2007-4210 Multiple SQL injection vulnerabilities in module.php in LANAI (la-nai) CMS 1.2.14 allow remote attac...
S
CVE-2007-4211 The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to sa...
S
CVE-2007-4212 Multiple cross-site scripting (XSS) vulnerabilities in the Search Module in PHP-Nuke allow remote at...
CVE-2007-4213 Palm OS on Treo 650, 680, 700p, and 755p Smart phones allows remote attackers to cause a denial of s...
CVE-2007-4216 vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain ...
CVE-2007-4217 Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users...
S
CVE-2007-4218 Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect fo...
S
CVE-2007-4219 Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as used by the ServerProtect servi...
S
CVE-2007-4220 Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote at...
S
CVE-2007-4221 Multiple buffer overflows in Motorola Timbuktu Pro before 8.6.5 for Windows allow remote attackers t...
S
CVE-2007-4222 Buffer overflow in the TagAttributeListCopy function in nnotes.dll in IBM Lotus Notes before 7.0.3 a...
S
CVE-2007-4223 Dbgv.sys in Microsoft Sysinternals DebugView before 4.72 provides an unspecified mechanism for copyi...
CVE-2007-4224 KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with...
CVE-2007-4225 Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL addr...
CVE-2007-4226 Directory traversal vulnerability in the BlueCat Networks Proteus IPAM appliance 2.0.2.0 (Adonis DNS...
E
CVE-2007-4227 Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of...
E
CVE-2007-4228 rmpvc on IBM AIX 4.3 allows local users to cause a denial of service (system crash) via long port lo...
CVE-2007-4229 Unspecified vulnerability in KDE Konqueror 3.5.7 and earlier allows remote attackers to cause a deni...
E
CVE-2007-4230 BellaBiblio allows remote attackers to gain administrative privileges via a bellabiblio cookie with ...
CVE-2007-4231 PHP remote file inclusion vulnerability in order/login.php in IDevSpot PhpHostBot 1.06 and earlier a...
E
CVE-2007-4232 PHP remote file inclusion vulnerability in admin/inc/change_action.php in Andreas Robertz PHPNews 0....
E
CVE-2007-4233 Multiple unspecified vulnerabilities in Camera Life before 2.6 allow attackers to cause a denial of ...
S
CVE-2007-4234 Unspecified vulnerability in Camera Life before 2.6 allows remote attackers to download private phot...
CVE-2007-4235 Multiple PHP remote file inclusion vulnerabilities in VietPHP allow remote attackers to execute arbi...
S
CVE-2007-4236 Buffer overflow in lpd in bos.rte.printers in AIX 5.2 and 5.3 allows local users with printq group p...
S
CVE-2007-4237 Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte in AIX 5.2 and 5.3 allows loc...
S
CVE-2007-4238 AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, which allows local users with ...
CVE-2007-4239 Cross-site scripting (XSS) vulnerability in user/forgotPassStep2.jsp in the admin interface in C-SAM...
E
CVE-2007-4240 The check_logout function in class/auth.php in Help Center Live (hcl) 2.1.3a sends a redirect to the...
CVE-2007-4241 Buffer overflow in ldcconn in Hewlett-Packard (HP) Controller for Cisco Local Director on HP-UX 11.1...
CVE-2007-4242 The pop3 Proxy in Astaro Security Gateway (ASG) 7 does not perform virus scanning of attachments tha...
CVE-2007-4243 Unspecified vulnerability in pfilter-reporter.pl in Astaro Security Gateway (ASG) 7 allows remote at...
CVE-2007-4244 PHP remote file inclusion vulnerability in langset.php in J! Reactions (com_jreactions) 1.8.1 and ea...
E
CVE-2007-4245 Cross-site scripting (XSS) vulnerability in Search.php in DiMeMa CONTENTdm (CDM) allows remote attac...
CVE-2007-4246 Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allow...
CVE-2007-4247 Windows Calendar on Microsoft Windows Vista allows remote attackers to cause a denial of service (NU...
CVE-2007-4248 The CallCmd function in toolbar_gaming.dll in the Toolbar Gaming toolbar for Internet Explorer allow...
CVE-2007-4249 The isChecked function in Toolbar.DLL in the ExportNation toolbar for Internet Explorer allows remot...
CVE-2007-4250 The isChecked function in Toolbar.DLL in Advanced Searchbar before 3.33 allows remote attackers to c...
CVE-2007-4251 OpenOffice.org (OOo) 2.2 does not properly handle files with multiple extensions, which allows user-...
CVE-2007-4252 Absolute path traversal vulnerability in a certain ActiveX control in CkString.dll 1.1 and earlier i...
E
CVE-2007-4253 SQL injection vulnerability in the News module in modules.php in Envolution 1.1.0 and earlier allows...
E
CVE-2007-4254 Stack-based buffer overflow in a certain ActiveX control in VDT70.DLL in Microsoft Visual Database T...
E
CVE-2007-4255 Buffer overflow in the mSQL extension in PHP 5.2.3 allows context-dependent attackers to execute arb...
E
CVE-2007-4256 Directory traversal vulnerability in showpage.cgi in YNP Portal System 2.2.0 allows remote attackers...
E
CVE-2007-4257 Multiple buffer overflows in Live for Speed (LFS) S1 and S2 allow user-assisted remote attackers to ...
E
CVE-2007-4258 SQL injection vulnerability in directory.php in Prozilla Pub Site Directory allows remote attackers ...
E
CVE-2007-4259 EZPhotoSales 1.9.3 and earlier allows remote attackers to download arbitrary image files via (1) a d...
CVE-2007-4260 EZPhotoSales 1.9.3 and earlier has a default "admin" account for galleries, which allows remote atta...
CVE-2007-4261 EZPhotoSales 1.9.3 and earlier stores sensitive information under the web root with insufficient acc...
CVE-2007-4262 Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and earlier allows remote authenticated...
CVE-2007-4263 Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-b...
CVE-2007-4264 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Kai Blankenhorn Bitfolge simple ...
CVE-2007-4265 Multiple cross-site scripting (XSS) vulnerabilities in VisionProject 3.1 and earlier allow remote at...
E
CVE-2007-4267 Stack-based buffer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allow...
CVE-2007-4268 Integer signedness error in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows l...
CVE-2007-4269 Integer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local use...
S
CVE-2007-4270 Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users...
S
CVE-2007-4271 Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows l...
S
CVE-2007-4272 Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users...
S
CVE-2007-4273 IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary direct...
S
CVE-2007-4274 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-4275. Reason: This candida...
R
CVE-2007-4275 Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixp...
S
CVE-2007-4276 Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attacke...
S
CVE-2007-4277 The Trend Micro AntiVirus scan engine before 8.550-1001, as used in Trend Micro PC-Cillin Internet S...
CVE-2007-4278 Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, a...
CVE-2007-4279 PHP remote file inclusion vulnerability in config.php in FrontAccounting 1.12 Build 31 allows remote...
E
CVE-2007-4280 The Skinny channel driver (chan_skinny) in Asterisk Open Source before 1.4.10, AsteriskNOW before be...
S
CVE-2007-4281 Cross-site scripting (XSS) vulnerability in KnowledgeTree Open Source 3.4 and 3.4.1 allows remote at...
CVE-2007-4282 The "Extended properties for entries" (entryproperties) plugin in serendipity_event_entryproperties....
S
CVE-2007-4283 PHP remote file inclusion vulnerability in bridge/yabbse.inc.php in Coppermine Photo Gallery (CPG) 1...
CVE-2007-4284 Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified MeetingPlace Web Conferencing (...
CVE-2007-4285 Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions bef...
S
CVE-2007-4286 Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 1...
E
CVE-2007-4287 PHP remote file inclusion vulnerability in fc_functions/fc_example.php in FishCart 3.2 RC2 and earli...
E
CVE-2007-4288 Microsoft Windows Media Player 11 (wmplayer.exe) allows user-assisted remote attackers to cause a de...
E
CVE-2007-4289 Sun Java System Portal Server 7.0 does not properly process XSLT stylesheets in XSLT transforms in X...
S
CVE-2007-4290 Multiple PHP remote file inclusion vulnerabilities in Guestbook Script 1.9 allow remote attackers to...
CVE-2007-4291 Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed...
CVE-2007-4292 Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of ser...
CVE-2007-4293 Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via ...
CVE-2007-4294 Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS ...
CVE-2007-4295 Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrar...
CVE-2007-4296 Unspecified vulnerability in assp.pl in Anti-Spam SMTP Proxy Server (ASSP) 1.3.3 has unknown impact ...
S
CVE-2007-4297 Multiple cross-site scripting (XSS) vulnerabilities in yorumkaydet.asp in Dersimiz Haber Ekleme Modu...
CVE-2007-4301 Multiple cross-site scripting (XSS) vulnerabilities in the management interface in WebCart 2.20 thro...
S
CVE-2007-4302 Multiple race conditions in certain system call wrappers in Generic Software Wrappers Toolkit (GSWTK...
E
CVE-2007-4303 Multiple race conditions in (1) certain rules and (2) argument copying during VM protection, in Cerb...
CVE-2007-4304 CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system c...
CVE-2007-4305 Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD...
E
CVE-2007-4306 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10.3 allow remote attackers to i...
CVE-2007-4307 Multiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 and earlier allow remote attack...
CVE-2007-4308 The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI layer ioctl path in aacraid in t...
CVE-2007-4309 IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain...
CVE-2007-4310 The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accoun...
CVE-2007-4311 The xfer_secondary_pool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 perf...
CVE-2007-4312 SQL injection vulnerability in index.php in Php Blue Dragon CMS 3.0.0 allows remote attackers to exe...
E
CVE-2007-4313 PHP remote file inclusion vulnerability in public_includes/pub_blocks/activecontent.php in Php Blue ...
E
CVE-2007-4314 pixlie.php in Pixlie 1.7 allows remote attackers to trigger the reading and JPEG image processing of...
E
CVE-2007-4315 The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows local users to bypass the driver s...
CVE-2007-4316 The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device has a certain def...
CVE-2007-4317 Multiple cross-site request forgery (CSRF) vulnerabilities in the management interface in ZyNOS firm...
E
CVE-2007-4318 Cross-site scripting (XSS) vulnerability in Forms/General_1 in the management interface in ZyNOS fir...
E
CVE-2007-4319 The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allows remote aut...
E
CVE-2007-4320 PHP remote file inclusion vulnerability in admin/addons/archive/archive.php in Ncaster 1.7.2 allows ...
E
CVE-2007-4321 fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to ad...
CVE-2007-4322 BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remo...
CVE-2007-4323 DenyHosts 2.6 does not properly parse sshd log files, which allows remote attackers to add arbitrary...
CVE-2007-4324 ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earl...
CVE-2007-4325 PHP remote file inclusion vulnerability in index.php in Gaestebuch 1.5 allows remote attackers to ex...
E
CVE-2007-4326 Multiple PHP remote file inclusion vulnerabilities in Bilder Uploader 1.3 allow remote attackers to ...
CVE-2007-4327 Multiple PHP remote file inclusion vulnerabilities in File Uploader 1.1 allow remote attackers to ex...
E
CVE-2007-4328 Multiple PHP remote file inclusion vulnerabilities in Mapos Bilder Galerie 1.0 allow remote attacker...
E
CVE-2007-4329 Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 allow remote attackers to execute...
E
CVE-2007-4330 PHP remote file inclusion vulnerability in shoutbox.php in Shoutbox 1.0 allows remote attackers to e...
E
CVE-2007-4331 PHP remote file inclusion vulnerability in index.php in FindNix allows remote attackers to include t...
CVE-2007-4332 SQL injection vulnerability in article.php in Article Dashboard, when magic_quotes_gpc is disabled, ...
CVE-2007-4333 Multiple cross-site scripting (XSS) vulnerabilities in signup.php in Article Dashboard allow remote ...
CVE-2007-4334 Cross-site scripting (XSS) vulnerability in whois.php in Php-stats 0.1.9.2 allows remote attackers t...
E
CVE-2007-4335 Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 al...
S
CVE-2007-4336 Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform Fl...
E
CVE-2007-4337 Multiple buffer overflows in the httplib_parse_sc_header function in lib/http.c in Streamripper befo...
S
CVE-2007-4338 index.php in Ryan Haudenschilt Family Connections (FCMS) before 0.9 allows remote attackers to acces...
E
CVE-2007-4339 Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll Script 1.0 allow remote attack...
CVE-2007-4340 PHP remote file inclusion vulnerability in index.php in phpDVD 1.0.4 allows remote attackers to exec...
CVE-2007-4341 PHP remote file inclusion vulnerability in adm/my_statistics.php in Omnistar Lib2 PHP 0.2 allows rem...
E
CVE-2007-4342 PHP remote file inclusion vulnerability in include.php in PHPCentral Login 1.0 allows remote attacke...
E
CVE-2007-4343 Stack-based buffer overflow in IrfanView 3.99 and 4.00 allows user-assisted remote attackers to exec...
S
CVE-2007-4344 Multiple input validation errors in ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 bu...
S
CVE-2007-4345 Buffer overflow in IMail Client 9.22, as shipped with IPSwitch IMail Server 2006.22, allows remote a...
CVE-2007-4346 The Job Engine (bengine.exe) service in Symantec Backup Exec for Windows Servers (BEWS) 11d build 11...
S
CVE-2007-4347 Multiple integer overflows in the Job Engine (bengine.exe) service in Symantec Backup Exec for Windo...
S
CVE-2007-4348 Cross-site scripting (XSS) vulnerability in the CAD service in IBM Tivoli Storage Manager (TSM) Clie...
CVE-2007-4349 The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Perfo...
S
CVE-2007-4350 Cross-site scripting (XSS) vulnerability in the management interface in HP SiteScope 9.0 build 911 a...
CVE-2007-4351 Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to ca...
S
CVE-2007-4352 Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1...
S
CVE-2007-4353 Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root ...
S
CVE-2007-4354 Buffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 allows local users to gain pri...
S
CVE-2007-4355 Buffer overflow in the at program on IBM AIX 5.3 allows local users to gain privileges via unspecifi...
S
CVE-2007-4356 Microsoft Internet Explorer 6 and 7 embeds FTP credentials in HTML files that are retrieved during a...
CVE-2007-4357 Mozilla Firefox 2.0.0.6 and earlier allows remote attackers to spoof the contents of the status bar ...
E
CVE-2007-4358 Zoidcom 0.6.7 and earlier allows remote attackers to cause a denial of service (application crash) v...
E
CVE-2007-4359 Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attacke...
E
CVE-2007-4360 Unspecified vulnerability in Dell Remote Access Card 4 (DRAC4) with firmware 1.50 Build 02.16 allows...
CVE-2007-4361 NETGEAR (formerly Infrant) ReadyNAS RAIDiator before 4.00b2-p2-T1 beta creates a default SSH root pa...
S
CVE-2007-4362 SQL injection vulnerability in category.php in Prozilla Webring allows remote attackers to execute a...
E
CVE-2007-4363 Multiple cross-site scripting (XSS) vulnerabilities in the nodereference module in Drupal Content Co...
S
CVE-2007-4364 Fedora Commons before 2.2.1 does not properly handle certain authentication requests involving Java ...
CVE-2007-4365 Cross-site scripting (XSS) vulnerability in eXV2 CMS 2.0.5 and earlier allows remote attackers to in...
CVE-2007-4366 WengoPhone 2.1 allows remote attackers to cause a denial of service (device crash) via a SIP INVITE ...
E
CVE-2007-4367 Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that trig...
E S
CVE-2007-4368 SQL injection vulnerability in /main in IBM Rational ClearQuest (CQ) Web 7.0.0.0-IFIX02 and 7.0.0.1 ...
E
CVE-2007-4369 Directory traversal vulnerability in go/_files in SOTEeSKLEP before 4.0 allows remote attackers to r...
E S
CVE-2007-4370 Multiple buffer overflows in the (1) client and (2) server in Racer 0.5.3 beta 5 allow remote attack...
E
CVE-2007-4371 Unrestricted file upload vulnerability in admin/pages/blog-add.php in Neuron Blog 1.1 allows remote ...
CVE-2007-4372 Unspecified vulnerability in NetWin SurgeMail 38k on Windows Server 2003 has unknown impact and remo...
CVE-2007-4373 The server in Babo Violent 2 2.08.00 and earlier does not properly implement password protection, wh...
CVE-2007-4374 Babo Violent 2 2.08.00 does not validate the sender field of a chat message composed by a client, wh...
CVE-2007-4375 The administrative interface (aka DkService.exe) in Diskeeper 9 Professional, 2007 Pro Premier, and ...
E
CVE-2007-4376 Unrestricted file upload vulnerability in banner-upload.php in Szymon Kosok Best Top List allows rem...
CVE-2007-4377 Stack-based buffer overflow in the IMAP service in SurgeMail 38k allows remote authenticated users t...
E
CVE-2007-4378 Multiple format string vulnerabilities in Babo Violent 2 2.08.00 and earlier allow remote attackers ...
E
CVE-2007-4379 Babo Violent 2 2.08.00 and earlier allows remote attackers to cause a denial of service (application...
E
CVE-2007-4380 Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 (6.8.378) allows local users to gai...
S
CVE-2007-4381 Unspecified vulnerability in the font parsing implementation in Sun JDK and JRE 5.0 Update 9 and ear...
CVE-2007-4382 CounterPath X-Lite 3.0 34025, and possibly eyeBeam, allows remote attackers to cause a denial of ser...
E
CVE-2007-4383 PHP remote file inclusion vulnerability in tracking.php in Trackeur 1 allows remote attackers to exe...
CVE-2007-4384 Multiple PHP remote file inclusion vulnerabilities in depouilg.php3 in Stephane Pineau VOTE 1c allow...
CVE-2007-4385 OWASP Stinger before 2.5 allows remote attackers to bypass input validation routines by using multip...
E S
CVE-2007-4386 SQL injection vulnerability in search.php in GetMyOwnArcade allows remote attackers to execute arbit...
E
CVE-2007-4387 Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG and 2071 Gateway routers, w...
CVE-2007-4388 2wire 1701HG and 2071 Gateway routers, with 5.29.51 and possibly 3.17.5 software, have a blank passw...
CVE-2007-4389 Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG, 1800HW, and 2071 Gateway r...
CVE-2007-4390 The Command Line Interface (CLI), aka Adonis Administration Console, on the BlueCat Networks Adonis ...
CVE-2007-4391 Heap-based buffer overflow in Kakadu kdu_v32m.dll in Yahoo! Messenger 8.1.0.413 allows remote attack...
CVE-2007-4392 Winamp 5.35 allows remote attackers to cause a denial of service (program stack overflow and applica...
CVE-2007-4393 The installation script for orarun on SUSE Linux before 20070810 places the oracle user into the dis...
CVE-2007-4394 Unspecified vulnerability in a "core clean" cron job created by the findutils-locate package on SUSE...
CVE-2007-4395 Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun So...
S
CVE-2007-4396 Multiple CRLF injection vulnerabilities in (1) ixmmsa.pl 0.3, (2) l33tmusic.pl 2.00, (3) mpg123.pl 0...
CVE-2007-4397 Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) XMMS Remote Control Script 1.07, ...
E S
CVE-2007-4398 Multiple CRLF injection vulnerabilities in the (1) now-playing.rb and (2) xmms.pl 1.1 scripts for We...
CVE-2007-4399 CRLF injection vulnerability in the xmms.bx 1.0 script for BitchX allows user-assisted remote attack...
E S
CVE-2007-4400 CRLF injection vulnerability in the included media script in Konversation allows user-assisted remot...
CVE-2007-4401 Multiple CRLF injection vulnerabilities in the Advanced mIRC Integration Plugin and possibly other u...
E
CVE-2007-4402 Multiple unspecified scripts in mIRC allow user-assisted remote attackers to execute arbitrary code ...
CVE-2007-4403 The mIRC Control Plug-in for Winamp allows user-assisted remote attackers to execute arbitrary code ...
CVE-2007-4404 ircu 2.10.12.01 allows remote attackers to (1) cause a denial of service (flood wallops) by joining ...
E
CVE-2007-4405 ircu 2.10.12.02 through 2.10.12.04 allows remote attackers to cause a denial of service (memory and ...
CVE-2007-4406 ircu 2.10.12.01 through 2.10.12.04 does not remove ops privilege after a join from a server with an ...
E
CVE-2007-4407 ircu 2.10.12.03 and 2.10.12.04 does not associate a timestamp with ops privilege on an unused channe...
E
CVE-2007-4408 ircu 2.10.12.05 and earlier ignores timestamps in bounces, which allows remote attackers to take ove...
E
CVE-2007-4409 Race condition in ircu 2.10.12.01 through 2.10.12.05 allows remote attackers to set a new Apass duri...
E
CVE-2007-4410 ircu 2.10.12.05 and earlier does not properly synchronize a kick action in certain cross scenarios, ...
E
CVE-2007-4411 ircu 2.10.12.05 and earlier allows remote attackers to discover the hidden IP address of arbitrary +...
E
CVE-2007-4412 Multiple cross-site scripting (XSS) vulnerabilities in Headstart Solutions DeskPRO 3.0.2 allow remot...
CVE-2007-4413 Direct static code injection vulnerability in admincp/user_help.php in Headstart Solutions DeskPRO 3...
CVE-2007-4414 Cisco VPN Client on Windows before 4.8.02.0010 allows local users to gain privileges by enabling the...
S
CVE-2007-4415 Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 InstallShield (IS) release, uses...
S
CVE-2007-4416 captcha.php in BellaBook (aka BellaBuffs) allows remote attackers to obtain administrative privilege...
CVE-2007-4417 IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on method...
S
CVE-2007-4418 IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, which allows remote authentica...
S
CVE-2007-4419 Admin.php in Olate Download (od) 3.4.1 uses an MD5 hash of the admin username, user id, and group id...
E
CVE-2007-4420 Absolute path traversal vulnerability in a certain ActiveX control in officeviewer.ocx 5.1.199.1 in ...
E
CVE-2007-4421 SQL injection vulnerability in Admin.php in Olate Download (od) 3.4.1 allows remote attackers to exe...
CVE-2007-4422 The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authen...
CVE-2007-4423 Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fi...
S
CVE-2007-4424 Apple Safari for Windows 3.0.3 and earlier does not prompt the user before downloading a file, which...
CVE-2007-4425 Multiple buffer overflows in Live for Speed (LFS) demo, S1, and S2 allow remote authenticated users ...
E
CVE-2007-4426 Live for Speed (LFS) S1 and S2 allows remote attackers to cause a denial of service (server crash) v...
CVE-2007-4427 Unspecified vulnerability in the login page redirection logic in the Cache' Server Page (CSP) implem...
S
CVE-2007-4428 Lhaz 1.33 allows remote attackers to execute arbitrary code via unknown vectors, as actively exploit...
E
CVE-2007-4429 Unspecified vulnerability in Skype allows remote attackers to cause a denial of service (server hang...
E
CVE-2007-4430 Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause...
CVE-2007-4431 Cross-domain vulnerability in Apple Safari for Windows 3.0.3 and earlier allows remote attackers to ...
E
CVE-2007-4432 Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen...
CVE-2007-4433 Cross-site scripting (XSS) vulnerability in textfilesearch.aspx in the Text File Search ASP.NET edit...
E
CVE-2007-4434 Cross-site scripting (XSS) vulnerability in textfilesearch.asp in the Text File Search ASP (Classic)...
E
CVE-2007-4435 Multiple SQL injection vulnerabilities in TorrentTrader before 1.07 allow remote attackers to execut...
S
CVE-2007-4436 The Drupal Project module before 5.x-1.0, 4.7.x-2.3, and 4.7.x-1.3 and Project issue tracking module...
S
CVE-2007-4437 SQL injection vulnerability in albums.php in Ampache before 3.3.3.5 allows remote attackers to execu...
S
CVE-2007-4438 Session fixation vulnerability in Ampache before 3.3.3.5 allows remote attackers to hijack web sessi...
S
CVE-2007-4439 PHP remote file inclusion vulnerability in popup_window.php in Squirrelcart 1.x.x and earlier allows...
E
CVE-2007-4440 Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4...
E
CVE-2007-4441 Buffer overflow in php_win32std.dll in the win32std extension for PHP 5.2.0 and earlier allows conte...
E
CVE-2007-4442 Stack-based buffer overflow in the logging function in the Unreal engine, possibly 2003 and 2004, as...
CVE-2007-4443 The UCC dedicated server for the Unreal engine, possibly 2003 and 2004, on Windows allows remote att...
CVE-2007-4444 Multiple buffer overflows in Image Space rFactor 1.250 and earlier allow remote attackers to execute...
E
CVE-2007-4445 Image Space rFactor 1.250 and earlier allows remote attackers to cause a denial of service (daemon c...
E
CVE-2007-4446 Format string vulnerability in the server in Toribash 2.71 and earlier allows remote attackers to ex...
E
CVE-2007-4447 Multiple buffer overflows in the client in Toribash 2.71 and earlier allow remote attackers to (1) e...
E
CVE-2007-4448 The server in Toribash 2.71 and earlier does not properly handle partially joined clients that are t...
E
CVE-2007-4449 The client in Toribash 2.71 and earlier allows remote attackers to cause a denial of service (applic...
E
CVE-2007-4450 The server in Toribash 2.71 and earlier does not properly handle long commands, which allows remote ...
E
CVE-2007-4451 The server in Toribash 2.71 and earlier on Windows allows remote attackers to cause a denial of serv...
E
CVE-2007-4452 The client in Toribash 2.71 and earlier allows remote attackers to cause a denial of service (discon...
E
CVE-2007-4453 Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.6.8 allow remote attackers to inj...
CVE-2007-4454 Eval injection vulnerability in environment.php in Olate Download (od) 3.4.1 allows context-dependen...
E
CVE-2007-4455 The SIP channel driver (chan_sip) in Asterisk Open Source 1.4.x before 1.4.11, AsteriskNOW before be...
CVE-2007-4456 SQL injection vulnerability in index.php in the SimpleFAQ (com_simplefaq) 2.11 component for Mambo a...
E
CVE-2007-4457 Directory traversal vulnerability in forumreply.php in Dalai Forum 1.1 allows remote attackers to in...
E
CVE-2007-4458 PHP remote file inclusion vulnerability in includes/class/class_tpl.php in Firesoft allows remote at...
E
CVE-2007-4459 Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP firmware before 8.7(0), allow...
E S
CVE-2007-4460 The RenderV2ToFile function in tag_file.cpp in id3lib (aka libid3) 3.8.3 allows local users to overw...
E
CVE-2007-4461 NuFW 2.2.3, and certain other versions after 2.0, allows remote attackers to bypass time-based packe...
S
CVE-2007-4462 lib/Locale/Po4a/Po.pm in po4a before 0.32 allows local users to overwrite arbitrary files via a syml...
CVE-2007-4463 The Fileinfo 2.0.9 plugin for Total Commander allows user-assisted remote attackers to cause a denia...
E
CVE-2007-4464 CRLF injection vulnerability in the Fileinfo 2.0.9 plugin for Total Commander allows user-assisted r...
CVE-2007-4465 Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, ...
S
CVE-2007-4466 Multiple stack-based buffer overflows in Electronic Arts (EA) SnoopyCtrl ActiveX control (NPSnpy.dll...
CVE-2007-4467 Multiple stack-based buffer overflows in the Oracle JInitiator ActiveX control (beans.ocx) 1.1.8.16 ...
CVE-2007-4470 Multiple stack-based buffer overflows in the Earth Resource Mapping NCSView ActiveX control before 3...
S
CVE-2007-4471 Multiple unspecified vulnerabilities in the Intuit QuickBooks Online Edition ActiveX control before ...
S
CVE-2007-4472 Multiple buffer overflows in the Broderbund Expressit 3DGreetings Player ActiveX control could allow...
CVE-2007-4473 Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows rem...
S
CVE-2007-4474 Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provide...
E
CVE-2007-4475 Stack-based buffer overflow in EAI WebViewer3D ActiveX control (webviewer3d.dll) in SAP AG SAPgui be...
S
CVE-2007-4476 Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impa...
S
CVE-2007-4477 The administration interface in the Planet VC-200M VDSL2 router allows remote attackers to cause a d...
CVE-2007-4478 Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6.0 and 7 allows user-assist...
CVE-2007-4479 Cross-site scripting (XSS) vulnerability in search.html in Search Engine Builder allows remote attac...
E
CVE-2007-4480 Cross-site scripting (XSS) vulnerability in index.php in the Sirius 1.0 theme for WordPress allows r...
E
CVE-2007-4481 Cross-site scripting (XSS) vulnerability in index.php in the (1) Blix 0.9.1 and (2) Blix 0.9.1 Rus t...
CVE-2007-4482 Cross-site scripting (XSS) vulnerability in index.php in the Pool 1.0.7 theme for WordPress allows r...
CVE-2007-4483 Cross-site scripting (XSS) vulnerability in index.php in the WordPress Classic 1.5 theme in WordPres...
CVE-2007-4484 PHP remote file inclusion vulnerability in login.php in My_REFERER 1.08 allows remote attackers to e...
CVE-2007-4485 PHP remote file inclusion vulnerability in visitor.php in Butterfly online visitors counter 1.08, wh...
E
CVE-2007-4486 Multiple PHP remote file inclusion vulnerabilities in index.php in Linkliste 1.2 allow remote attack...
E
CVE-2007-4487 Cross-site scripting (XSS) vulnerability in D22-Shoutbox for Invision Power Board (IPB or IP.Board) ...
CVE-2007-4488 Multiple cross-site scripting (XSS) vulnerabilities in the Siemens Gigaset SE361 WLAN router with fi...
CVE-2007-4489 Buffer overflow in the IUAComFormX ActiveX control in uacomx.ocx 2.0.1 in the eCentrex VOIP Client m...
E
CVE-2007-4490 Multiple buffer overflows in EarthAgent.exe in Trend Micro ServerProtect 5.58 for Windows before Sec...
S
CVE-2007-4491 SQL injection vulnerability in uyeler2.php in Gurur haber 2.0 allows remote attackers to execute arb...
E
CVE-2007-4492 Multiple unspecified vulnerabilities in the ata disk driver in Sun Solaris 8, 9, and 10 on the x86 p...
S
CVE-2007-4493 eZ publish before 3.8.9, and 3.9 before 3.9.3, does not properly check permissions on module views t...
CVE-2007-4494 The tipafriend function in eZ publish before 3.8.9, and 3.9 before 3.9.3, does not limit access by a...
S
CVE-2007-4495 Unspecified vulnerability in the ata disk driver in Sun Solaris 10 on the x86 platform before 200708...
CVE-2007-4496 Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Bu...
S
CVE-2007-4497 Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Bu...
S
CVE-2007-4498 The Grandstream SIP Phone GXV-3000 with firmware 1.0.1.7, Loader 1.0.0.6, and Boot 1.0.0.18 allows r...
E
CVE-2007-4499 Unrestricted file upload vulnerability in output.php in American Financing eMail Image Upload 4.1 al...
CVE-2007-4500 Unspecified vulnerability in TunnelRunner in SSHKeychain before 0.8.2 beta, and possibly later versi...
CVE-2007-4501 Unspecified vulnerability in PassphraseRequester in SSHKeychain before 0.8.2 beta allows attackers t...
CVE-2007-4502 SQL injection vulnerability in index.php in the BibTeX component (com_jombib) 1.3 and earlier for Jo...
E
CVE-2007-4503 SQL injection vulnerability in index.php in the Nice Talk component (com_nicetalk) 0.9.3 and earlier...
E
CVE-2007-4504 Directory traversal vulnerability in index.php in the RSfiles component (com_rsfiles) 1.0.2 and earl...
E
CVE-2007-4505 SQL injection vulnerability in index.php in the RemoSitory component (com_remository) for Mambo allo...
E
CVE-2007-4506 SQL injection vulnerability in index.php in the NeoRecruit component (com_neorecruit) 1.4 and earlie...
E
CVE-2007-4507 Multiple buffer overflows in the php_ntuser component for PHP 5.2.3 allow context-dependent attacker...
E
CVE-2007-4508 Stack-based buffer overflow in Rebellion Asura engine, as used for the server in Rogue Trooper 1.0 a...
E
CVE-2007-4509 SQL injection vulnerability in index.php in the EventList component (com_eventlist) 0.8 and earlier ...
E
CVE-2007-4510 ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote...
S
CVE-2007-4511 The Sun Admin Console in Sun Application Server 9.0_0.1 does not apply certain configuration changes...
CVE-2007-4512 Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x b...
S
CVE-2007-4513 Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges vi...
S
CVE-2007-4514 Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manager Plus 2.3 and earlier allows...
S
CVE-2007-4515 Buffer overflow in a certain ActiveX control in YVerInfo.dll before 2007.8.27.1 in the Yahoo! servic...
S
CVE-2007-4516 The Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation...
S
CVE-2007-4517 Buffer overflow in the XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure in Oracle 10g R2 allows remo...
CVE-2007-4521 Asterisk Open Source 1.4.5 through 1.4.11, when configured to use an IMAP voicemail storage backend,...
CVE-2007-4522 Multiple SQL injection vulnerabilities in Ripe Website Manager 0.8.9 and earlier allow remote authen...
E
CVE-2007-4523 Multiple cross-site scripting (XSS) vulnerabilities in Ripe Website Manager 0.8.9 and earlier allow ...
CVE-2007-4524 PHP remote file inclusion vulnerability in adisplay.php in PhPress 0.2.0 allows remote attackers to ...
E
CVE-2007-4525 PHP remote file inclusion vulnerability in inc-calcul.php3 in SPIP 1.7.2 allows remote attackers to ...
CVE-2007-4526 The Client Login Extension (CLE) in Novell Identity Manager before 3.5.1 20070730 stores the usernam...
S
CVE-2007-4527 Unrestricted file upload vulnerability in phUploader.php in phphq.Net phUploader 1.2 allows remote a...
CVE-2007-4528 The Foreign Function Interface (ffi) extension in PHP 5.0.5 does not follow safe_mode restrictions, ...
E
CVE-2007-4529 The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote authenticated users with the Serve...
E
CVE-2007-4530 Multiple cross-site scripting (XSS) vulnerabilities in TeamSpeak Server 2.0.20.1 allow remote attack...
CVE-2007-4531 Soldat game server 1.4.2 and earlier, and dedicated server 2.6.2 and earlier, allows remote attacker...
E
CVE-2007-4532 Soldat game server 1.4.2 and earlier, and dedicated server 2.6.2 and earlier, allows remote attacker...
CVE-2007-4533 Format string vulnerability in the Say command in sv_main.cpp in Vavoom 1.24 and earlier allows remo...
E
CVE-2007-4534 Buffer overflow in the VThinker::BroadcastPrintf function in p_thinker.cpp in Vavoom 1.24 and earlie...
CVE-2007-4535 The VStr::Resize function in str.cpp in Vavoom 1.24 and earlier allows remote attackers to cause a d...
CVE-2007-4536 TorrentTrader 1.07 and earlier sets insecure permissions for files in the root directory, which allo...
CVE-2007-4537 Heap-based buffer overflow in the Huffman decompression algorithm implemented in Skulltag 0.97d-beta...
E
CVE-2007-4538 email_in.pl in Bugzilla 2.23.4 through 3.0.0 allows remote attackers to execute arbitrary commands v...
E S
CVE-2007-4539 The WebService (XML-RPC) interface in Bugzilla 2.23.3 through 3.0.0 does not enforce permissions for...
E S
CVE-2007-4540 Multiple SQL injection vulnerabilities in download.php in Olate Download (od) 3.4.2 allow remote att...
CVE-2007-4541 Multiple cross-site scripting (XSS) vulnerabilities in Olate Download (od) 3.4.2 allow remote attack...
E
CVE-2007-4542 Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attacker...
S
CVE-2007-4543 Cross-site scripting (XSS) vulnerability in enter_bug.cgi in Bugzilla 2.17.1 through 2.20.4, 2.22.x ...
E S
CVE-2007-4544 Cross-site scripting (XSS) vulnerability in wp-newblog.php in WordPress multi-user (MU) 1.0 and earl...
CVE-2007-4545 Multiple directory traversal vulnerabilities in Unreal Commander 0.92 build 565 and 573 allow user-a...
E
CVE-2007-4546 Unreal Commander 0.92 build 565 and 573 lists the filenames from the Central Directory of a ZIP arch...
E
CVE-2007-4547 Unreal Commander 0.92 build 565 and 573 writes portions of heap memory into local files when extract...
CVE-2007-4548 The login method in LoginModule implementations in Apache Geronimo 2.0 does not throw FailedLoginExc...
S
CVE-2007-4549 Multiple buffer overflows in ALPass 2.7 English and 3.02 Korean allow user-assisted remote attackers...
E S
CVE-2007-4550 Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote a...
E S
CVE-2007-4551 PHP remote file inclusion vulnerability in index.php in Agares Media Arcadem 2.01 allows remote atta...
E S
CVE-2007-4552 SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to exe...
E
CVE-2007-4553 The Thomson ST 2030 SIP phone with software 1.52.1 allows remote attackers to cause a denial of serv...
CVE-2007-4554 Cross-site scripting (XSS) vulnerability in tiki-remind_password.php in Tikiwiki (aka Tiki CMS/Group...
E
CVE-2007-4555 Cross-site scripting (XSS) vulnerability in Ipswitch WS_FTP allows remote attackers to inject arbitr...
CVE-2007-4556 Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apac...
S
CVE-2007-4557 Cross-site scripting (XSS) vulnerability in the webacc servlet in Novell GroupWise 6.5 WebAccess all...
CVE-2007-4558 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-4134. Reason: This candida...
R
CVE-2007-4559 Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile mod...
E
CVE-2007-4560 clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execu...
S
CVE-2007-4561 Heap-based buffer overflow in the RTSP service in Helix DNA Server before 11.1.4 allows remote attac...
S
CVE-2007-4562 Unspecified vulnerability in Hitachi DABroker before 03-02-/D and Cosminexus DABroker before 02-04-/...
E S
CVE-2007-4563 Cosminexus Manager in Cosminexus Application Server 06-50 and later might assign the wrong user's gr...
S
CVE-2007-4564 Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user's gr...
S
CVE-2007-4565 sink.c in fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NU...
S
CVE-2007-4566 Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDA...
S
CVE-2007-4567 The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properl...
CVE-2007-4568 Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows contex...
S
CVE-2007-4569 backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with...
S
CVE-2007-4570 Algorithmic complexity vulnerability in the MCS translation daemon in mcstrans 0.2.3 allows local us...
S
CVE-2007-4571 The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (AL...
CVE-2007-4572 Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or ...
S
CVE-2007-4573 The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when r...
S
CVE-2007-4574 Unspecified vulnerability in the "stack unwinder fixes" in kernel in Red Hat Enterprise Linux 5, whe...
S
CVE-2007-4575 HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote a...
S
CVE-2007-4576 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-4575. Reason: This candida...
R
CVE-2007-4577 Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service ...
S
CVE-2007-4578 Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a de...
S
CVE-2007-4579 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2931. Reason: This candida...
R
CVE-2007-4580 Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5 allows local users to cause a denial of s...
CVE-2007-4581 SQL injection vulnerability in acrotxt.php in WBB2-Addon: Acrotxt 1 allows remote attackers to execu...
E
CVE-2007-4582 Buffer overflow in the nvUnifiedControl.AUnifiedControl.1 ActiveX control in nvUnifiedControl.dll 1....
E
CVE-2007-4583 Multiple absolute path traversal vulnerabilities in the nvUtility.Utility.1 ActiveX control in nvUti...
E
CVE-2007-4584 Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code ...
E
CVE-2007-4585 Directory traversal vulnerability in activateuser.php in 2532|Gigs 1.2.1 allows remote attackers to ...
E
CVE-2007-4586 Multiple buffer overflows in php_iisfunc.dll in the iisfunc extension for PHP 5.2.0 and earlier allo...
E
CVE-2007-4587 Cross-site scripting (XSS) vulnerability in Easy Software Cafeteria escafeWeb (aka Tuigwaa) 1.0 thro...
E S
CVE-2007-4588 Multiple cross-site scripting (XSS) vulnerabilities in InterWorx Hosting Control Panel (InterWorx-CP...
CVE-2007-4589 Multiple cross-site scripting (XSS) vulnerabilities in InterWorx Hosting Control Panel (InterWorx-CP...
CVE-2007-4590 The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 thr...
S
CVE-2007-4591 vstor-ws60.sys in VMWare Workstation 6.0 allows local users to cause a denial of service (host opera...
E
CVE-2007-4592 Multiple cross-site scripting (XSS) vulnerabilities in the web interface for IBM Rational ClearQuest...
CVE-2007-4593 Unspecified vulnerability in vstor2-ws60.sys in VMWare Workstation 6.0 allows local users to cause a...
CVE-2007-4594 Entrust Entelligence Security Provider (ESP) 8 does not properly validate certificates in certain ci...
S
CVE-2007-4595 Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.12 allows remote attackers to inject ar...
S
CVE-2007-4596 The perl extension in PHP does not follow safe_mode restrictions, which allows context-dependent att...
E
CVE-2007-4597 SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows re...
E
CVE-2007-4598 IBM SurePOS 500 has (1) a default password of "12345" for the manager and (2) blank default password...
CVE-2007-4599 Stack-based buffer overflow in RealNetworks RealPlayer 10 and possibly 10.5, and RealOne Player 1 an...
S
CVE-2007-4600 The "Protect Worksheet" functionality in Mathsoft Mathcad 12 through 13.1, and PTC Mathcad 14, imple...
CVE-2007-4601 A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 might allow remote attackers to bypass ...
S
CVE-2007-4602 SQL injection vulnerability in cms/revert-content.php in Implied by Design Micro CMS (Micro-CMS) 3.5...
E
CVE-2007-4603 Multiple SQL injection vulnerabilities in index.php in ACG News 1.0 allow remote attackers to execut...
E
CVE-2007-4604 SQL injection vulnerability in viewitem.php in DL PayCart 1.01 allows remote attackers to execute ar...
E
CVE-2007-4605 PHP remote file inclusion vulnerability in convert/mvcw.php in Virtual War (VWar) 1.5.0 R15 and earl...
E
CVE-2007-4606 PHP remote file inclusion vulnerability in convert/mvcw_conver.php in the Virtual War (VWar) module ...
E
CVE-2007-4607 Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail ...
E
CVE-2007-4608 PHP remote file inclusion vulnerability in protection.php in ePersonnel RC_2004_02 allows remote att...
CVE-2007-4609 eyeOS uses predictable checksum values in the checknum parameter for access control, which allows re...
CVE-2007-4610 Unrestricted file upload vulnerability in config/upload.php in Moonware (aka Dale Mooney Gallery) al...
CVE-2007-4611 SQL injection vulnerability in viewevent.php in Moonware (aka Dale Mooney Gallery) allows remote att...
E
CVE-2007-4612 CRLF injection vulnerability in contact.php in Moonware (aka Dale Mooney Gallery) allows remote atta...
CVE-2007-4613 SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold throug...
S
CVE-2007-4614 BEA WebLogic Server 9.1 does not properly handle propagation of an admin server's security policy ch...
S
CVE-2007-4615 The SSL client implementation in BEA WebLogic Server 7.0 SP7, 8.1 SP2 through SP6, 9.0, 9.1, 9.2 Gol...
S
CVE-2007-4616 The SSL server implementation in BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0...
S
CVE-2007-4617 Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1...
CVE-2007-4618 Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7 and 7.0 Gold through SP7 allow...
S
CVE-2007-4619 Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Wina...
S
CVE-2007-4620 Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert....
CVE-2007-4621 Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command lin...
S
CVE-2007-4622 Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure....
S
CVE-2007-4623 Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local ...
S
CVE-2007-4624 Cross-site scripting (XSS) vulnerability in pframe.php in AbleDesign Dynamic Picture Frame 1.00 allo...
CVE-2007-4625 Polipo before 1.0.2 allows remote HTTP servers to cause a denial of service (daemon crash) by aborti...
S
CVE-2007-4626 Unspecified vulnerability in Polipo before 1.0.2 allows remote attackers to cause a denial of servic...
S
CVE-2007-4627 SQL injection vulnerability in index.php in ABC eStore 3.0 allows remote attackers to execute arbitr...
E
CVE-2007-4628 SQL injection vulnerability in shownews.php in phpns 1.1 allows remote attackers to execute arbitrar...
E
CVE-2007-4629 Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attac...
S
CVE-2007-4630 Cross-site scripting (XSS) vulnerability in xlaapmview.asp in Absolute Poll Manager XE 4.1 allows re...
CVE-2007-4631 The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1 allo...
S
CVE-2007-4632 Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VTY configuration when an admini...
S
CVE-2007-4633 Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications ...
S
CVE-2007-4634 Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM...
E
CVE-2007-4635 Yahoo! Messenger 8.1.0.209 and 8.1.0.402 allows remote attackers to cause a denial of service (appli...
E
CVE-2007-4636 Multiple PHP remote file inclusion vulnerabilities in phpBG 0.9.1 allow remote attackers to execute ...
E
CVE-2007-4637 xGB.php in xGB 2.0 does not require authentication for an admin edit action, which allows remote att...
E
CVE-2007-4638 Blizzard Entertainment StarCraft Brood War 1.15.1 and earlier allows remote attackers to cause a den...
E
CVE-2007-4639 EnterpriseDB Advanced Server 8.2 does not properly handle certain debugging function calls that occu...
E
CVE-2007-4640 Unrestricted file upload vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote at...
E
CVE-2007-4641 Directory traversal vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attacke...
E
CVE-2007-4642 Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allow remote attackers to...
E
CVE-2007-4643 Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote attackers to cause ...
E
CVE-2007-4644 Format string vulnerability in the Cl_GetPackets function in cl_main.c in the client in Doomsday (ak...
E
CVE-2007-4645 SQL injection vulnerability in index.php in NMDeluxe 2.0.0 allows remote attackers to execute arbitr...
E
CVE-2007-4646 Buffer overflow in the pop3 service in Hexamail Server 3.0.0.001 Lite allows remote attackers to cau...
E
CVE-2007-4647 newswire/uploadmedia.cgi in 2coolcode Our Space (Ourspace) 2.0.9 allows remote attackers to upload c...
E
CVE-2007-4648 The nvcoaft51 driver in Norman Virus Control (NVC) 5.82 uses weak permissions (unrestricted write ac...
E
CVE-2007-4649 MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and Internet Security 9.0.722.1 use ...
E
CVE-2007-4650 Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow attackers to (1) rename items, (2...
S
CVE-2007-4651 Unspecified vulnerability in Adobe Connect Enterprise Server 6 allows remote attackers to read certa...
S
CVE-2007-4652 The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restriction...
S
CVE-2007-4653 SQL injection vulnerability in links.php in the Links MOD 1.2.2 and earlier for phpBB 2.0.22 and ear...
E
CVE-2007-4654 Unspecified vulnerability in SSHield 1.6.1 with OpenSSH 3.0.2p1 on Cisco WebNS 8.20.0.1 on Cisco Con...
CVE-2007-4655 Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and ear...
CVE-2007-4656 backup-manager-upload in Backup Manager before 0.6.3 provides the FTP server hostname, username, and...
S
CVE-2007-4657 Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to ...
S
CVE-2007-4658 The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and...
S
CVE-2007-4659 The zend_alter_ini_entry function in PHP before 5.2.4 does not properly handle an interruption to th...
S
CVE-2007-4660 Unspecified vulnerability in the chunk_split function in PHP before 5.2.4 has unknown impact and att...
S
CVE-2007-4661 The chunk_split function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size...
E S
CVE-2007-4662 Buffer overflow in the php_openssl_make_REQ function in PHP before 5.2.4 has unknown impact and atta...
S
CVE-2007-4663 Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restri...
S
CVE-2007-4664 Unspecified vulnerability in the (1) attach database and (2) create database functionality in Firebi...
S
CVE-2007-4665 Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to cause a ...
S
CVE-2007-4666 Unspecified vulnerability in the server in Firebird before 2.0.2, when a Superserver/TCP/IP environm...
S
CVE-2007-4667 Unspecified vulnerability in the Services API in Firebird before 2.0.2 allows remote attackers to ca...
S
CVE-2007-4668 Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to determin...
S
CVE-2007-4669 The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA privilege...
S
CVE-2007-4670 Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "...
CVE-2007-4671 Unspecified vulnerability in Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on ...
S
CVE-2007-4672 Stack-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitra...
CVE-2007-4673 Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP SP2 and Vista allows remote a...
S
CVE-2007-4674 An "integer arithmetic" error in Apple QuickTime 7.2 allows remote attackers to execute arbitrary co...
S
CVE-2007-4675 Heap-based buffer overflow in the QuickTime VR extension 7.2.0.240 in QuickTime.qts in Apple QuickTi...
S
CVE-2007-4676 Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrar...
CVE-2007-4677 Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrar...
CVE-2007-4678 AppleRAID in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows attackers to cause a denial of se...
S
CVE-2007-4679 CFFTP in CFNetwork for Apple Mac OS X 10.4 through 10.4.10 allows remote FTP servers to force client...
CVE-2007-4680 CFNetwork in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 does not properly validate certificates,...
S
CVE-2007-4681 Buffer overflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows local use...
CVE-2007-4682 CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to cause a denial of service (appli...
S
CVE-2007-4683 Directory traversal vulnerability in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local ...
S
CVE-2007-4684 Integer overflow in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute ...
CVE-2007-4685 The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to gain privileges by executing...
S
CVE-2007-4686 Integer signedness error in the ttioctl function in bsd/kern/tty.c in the xnu kernel in Apple Mac OS...
S
CVE-2007-4687 The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 contains a symbolic link from the t...
S
CVE-2007-4688 The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain al...
S
CVE-2007-4689 Double free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows ...
S
CVE-2007-4690 Double free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote ...
S
CVE-2007-4691 The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that ...
S
CVE-2007-4692 The tabbed browsing feature in Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4...
S
CVE-2007-4693 The SecurityAgent component in Mac OS X 10.4 through 10.4.10 allows attackers with physical access t...
S
CVE-2007-4694 Safari in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to access local content via fi...
S
CVE-2007-4695 Unspecified "input validation" vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allow...
S
CVE-2007-4696 Race condition in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain i...
S
CVE-2007-4697 Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers ...
S
CVE-2007-4698 Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 through 10.4.10, allows remote...
S
CVE-2007-4699 The default configuration of Safari in Apple Mac OS X 10.4 through 10.4.10 adds a private key to the...
S
CVE-2007-4700 Unspecified vulnerability in WebKit on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers t...
S
CVE-2007-4701 WebKit on Apple Mac OS X 10.4 through 10.4.10 does not create temporary files securely when Safari i...
S
CVE-2007-4702 The Application Firewall in Apple Mac OS X 10.5, when "Block all incoming connections" is enabled, d...
S
CVE-2007-4703 The Application Firewall in Apple Mac OS X 10.5 does not prevent a root process from accepting incom...
S
CVE-2007-4704 The Application Firewall in Apple Mac OS X 10.5 does not apply changed settings to processes that ar...
S
CVE-2007-4706 Heap-based buffer overflow in Apple QuickTime before 7.3.1 allows remote attackers to execute arbitr...
CVE-2007-4707 Multiple unspecified vulnerabilities in the Flash media handler in Apple QuickTime before 7.3.1 allo...
S
CVE-2007-4708 Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to exe...
CVE-2007-4709 Directory traversal vulnerability in CFNetwork in Apple Mac OS X 10.5.1 allows remote attackers to o...
CVE-2007-4710 Unspecified vulnerability in ColorSync in Apple Mac OS X 10.4.11 allows remote attackers to cause a ...
CVE-2007-4711 Multiple cross-site scripting (XSS) vulnerabilities in Toms Gaestebuch 1.00 allow remote attackers t...
E S
CVE-2007-4712 PHP remote file inclusion vulnerability in index.php in eNetman 1 allows remote attackers to execute...
E
CVE-2007-4713 Multiple cross-site scripting (XSS) vulnerabilities in urchin.cgi in Urchin 5.6.00r2 allow remote at...
CVE-2007-4714 SQL injection vulnerability in error_view.php in Yvora 1.0 allows remote attackers to execute arbitr...
E
CVE-2007-4715 Multiple PHP remote file inclusion vulnerabilities in Weblogicnet allow remote attackers to execute ...
E
CVE-2007-4716 Multiple SQL injection vulnerabilities in PHD Help Desk before 1.31 allow remote attackers to execut...
S
CVE-2007-4717 Multiple cross-site scripting (XSS) vulnerabilities in Claroline before 1.8.6 allow remote authentic...
E S
CVE-2007-4718 Directory traversal vulnerability in inc/lib/language.lib.php in Claroline before 1.8.6 allows remot...
E S
CVE-2007-4719 SQL injection vulnerability in read.php in 212cafeBoard 6.30 Beta allows remote attackers to execute...
CVE-2007-4720 Unspecified vulnerability in the Shared Trace Service in Hitachi JP1/Cm2/Network Node Manager (NNM) ...
CVE-2007-4721 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6113. Reason: This candida...
R
CVE-2007-4722 Multiple stack-based buffer overflows in the Quantum Streaming Internet Explorer Player ActiveX cont...
E
CVE-2007-4723 Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Serv...
CVE-2007-4724 Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in ...
CVE-2007-4725 Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll before 4.42.00.04, as derived from Igor...
CVE-2007-4726 Directory traversal vulnerability in Web Oddity 0.09b allows remote attackers to read arbitrary file...
E
CVE-2007-4727 Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fastcgi.c in the mod_fastcgi exten...
CVE-2007-4730 Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.or...
S
CVE-2007-4731 Stack-based buffer overflow in the TMregChange function in TMReg.dll in Trend Micro ServerProtect be...
S
CVE-2007-4732 Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Sol...
S
CVE-2007-4733 The Aztech DSL600EU router, when WAN access to the web interface is disabled, does not properly bloc...
CVE-2007-4734 Buffer overflow in Ots Labs OTSTurntables 1.00 allows user-assisted remote attackers to execute arbi...
E
CVE-2007-4735 Buffer overflow in Next Generation Software Virtual DJ (VDJ) 5.0 allows user-assisted remote attacke...
E
CVE-2007-4736 SQL injection vulnerability in category.php in CartKeeper CKGold Shopping Cart 2.0 allows remote att...
E
CVE-2007-4737 Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library (STPHPLibrary) 0.8.0 all...
E
CVE-2007-4738 Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library (STPHPLibrary) 0.8.0 all...
CVE-2007-4739 reprepro 1.3.0 through 2.2.3 does not properly verify signatures when updating repositories, which a...
S
CVE-2007-4740 The HPRevolutionRegistryManager ActiveX control in Hp.Revolution.RegistryManager.dll 1 in Telecom It...
E
CVE-2007-4741 Cross-site scripting (XSS) vulnerability in admin/adminusers.php in Claroline before 1.8.6 allows re...
S
CVE-2007-4742 Claroline before 1.8.6 allows remote authenticated administrators to obtain sensitive information vi...
CVE-2007-4743 The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos...
S
CVE-2007-4744 PHP remote file inclusion vulnerability in environment.php in AnyInventory 1.9.1 and 2.0, when regis...
E
CVE-2007-4745 Multiple cross-site scripting (XSS) vulnerabilities in the AkoBook 3.42 and earlier component (com_a...
CVE-2007-4746 The Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and e...
CVE-2007-4747 The telnet service in Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) fi...
CVE-2007-4748 Buffer overflow in the PowerPlayer.dll ActiveX control in PPStream 2.0.1.3829 allows remote attacker...
E
CVE-2007-4749 The cmdjob utility in Autodesk Backburner 3.0.2 allows remote attackers to execute arbitrary command...
CVE-2007-4750 Unspecified vulnerability in RemoteDocs R-Viewer before 1.6.3768 allows user-assisted remote attacke...
CVE-2007-4751 RemoteDocs R-Viewer before 1.6.3768 stores encrypted RDZ file data in unencrypted temporary files, w...
CVE-2007-4752 ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and us...
S
CVE-2007-4753 The Thomson ST 2030 SIP phone with software 1.52.1 allows remote attackers to cause a denial of serv...
CVE-2007-4754 Format string vulnerability in the safe_bprintf function in acesrc/acebot_cmds.c in Alien Arena 2007...
E
CVE-2007-4755 Alien Arena 2007 6.10 and earlier allows remote attackers to cause a denial of service (client disco...
E
CVE-2007-4756 Directory traversal vulnerability in the FTP client in Total Commander before 7.02 allows remote FTP...
E S
CVE-2007-4757 PHP remote file inclusion vulnerability in menu.php in phpMytourney allows remote attackers to execu...
E
CVE-2007-4758 Multiple buffer overflows in the image-processing APIs in Cosminexus Developer's Kit for Java in Cos...
CVE-2007-4759 Multiple unspecified vulnerabilities in the image-processing APIs in Cosminexus Developer's Kit for ...
CVE-2007-4760 The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML do...
S
CVE-2007-4761 Unrestricted file upload vulnerability in upload.php in Barbo91 1.1 allows remote attackers to uploa...
CVE-2007-4762 Multiple SQL injection vulnerabilities in embadmin/login.asp in E-SMARTCART 1.0 allow remote attacke...
E
CVE-2007-4763 PHP remote file inclusion vulnerability in dbmodules/DB_adodb.class.php in PHP Object Framework (PHP...
E
CVE-2007-4764 Directory traversal vulnerability in pawfaliki.php in Pawfaliki 0.5.1 allows remote attackers to lis...
CVE-2007-4766 Multiple integer overflows in Perl-Compatible Regular Expression (PCRE) library before 7.3 allow con...
S
CVE-2007-4767 Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of...
CVE-2007-4768 Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows co...
CVE-2007-4769 The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 befo...
S
CVE-2007-4770 libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backrefer...
S
CVE-2007-4771 Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Com...
S
CVE-2007-4772 The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 befo...
E S
CVE-2007-4773 Systrace before 1.6.0 has insufficient escape policy enforcement....
CVE-2007-4774 The Linux kernel before 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies...
CVE-2007-4776 Buffer overflow in Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6 allows user-assisted re...
E
CVE-2007-4777 SQL injection vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to execu...
E S
CVE-2007-4778 Multiple SQL injection vulnerabilities in the content component (com_content) in Joomla! 1.5 Beta1, ...
S
CVE-2007-4779 Cross-site scripting (XSS) vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attac...
E S
CVE-2007-4780 Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to obtain sensitive information (the fu...
E S
CVE-2007-4781 administrator/index.php in the installer component (com_installer) in Joomla! 1.5 Beta1, Beta2, and ...
E S
CVE-2007-4782 PHP before 5.2.3 allows context-dependent attackers to cause a denial of service (application crash)...
E
CVE-2007-4783 The iconv_substr function in PHP 5.2.4 and earlier allows context-dependent attackers to cause (1) a...
CVE-2007-4784 The setlocale function in PHP before 5.2.4 allows context-dependent attackers to cause a denial of s...
CVE-2007-4785 Sony Micro Vault Fingerprint Access Software, as distributed with Sony Micro Vault USM-F USB flash d...
CVE-2007-4786 Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 bef...
CVE-2007-4787 The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1...
S
CVE-2007-4788 Cisco Content Switching Modules (CSM) 4.2 before 4.2.3a, and Cisco Content Switching Module with SSL...
S
CVE-2007-4789 Cisco Content Switching Modules (CSM) 4.2 before 4.2.7, and Cisco Content Switching Module with SSL ...
S
CVE-2007-4790 Stack-based buffer overflow in certain ActiveX controls in (1) FPOLE.OCX 6.0.8450.0 and (2) Foxtlib....
E
CVE-2007-4791 Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users t...
S
CVE-2007-4792 Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain pri...
S
CVE-2007-4793 Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privile...
S
CVE-2007-4794 Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 and 5.3 allows local users to ...
S
CVE-2007-4795 Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 allows local users to gain privi...
S
CVE-2007-4796 Buffer overflow in uucp in bos.net.uucp in IBM AIX 5.2 and 5.3 allows local users to gain privileges...
S
CVE-2007-4797 Multiple buffer overflows in unspecified svprint (System V print) commands in bos.svprint.rte in IBM...
S
CVE-2007-4798 Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allo...
S
CVE-2007-4799 The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when proces...
S
CVE-2007-4802 Multiple heap-based buffer overflows in GlobalLink 2.7.0.8 allow remote attackers to execute arbitra...
E
CVE-2007-4803 Buffer overflow in AtomixMP3 2.3 allows user-assisted remote attackers to execute arbitrary code via...
E
CVE-2007-4804 Multiple SQL injection vulnerabilities in AuraCMS 1.5rc allow remote attackers to execute arbitrary ...
E
CVE-2007-4805 Directory traversal vulnerability in getgalldata.php in fuzzylime (cms) 3.0 and earlier allows remot...
E
CVE-2007-4806 PHP remote file inclusion vulnerability in modules/Discipline/CategoryBreakdownTime.php in Focus/SIS...
E
CVE-2007-4807 Multiple PHP remote file inclusion vulnerabilities in Focus/SIS 2.2 allow remote attackers to execut...
E
CVE-2007-4808 Multiple SQL injection vulnerabilities in TLM CMS 3.2 allow remote attackers to execute arbitrary SQ...
E
CVE-2007-4809 Multiple PHP remote file inclusion vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 al...
E
CVE-2007-4810 Multiple SQL injection vulnerabilities in Netjuke 1.0-rc2 allow remote attackers to execute arbitrar...
CVE-2007-4811 Multiple cross-site scripting (XSS) vulnerabilities in Netjuke 1.0-rc2 allow remote attackers to inj...
E
CVE-2007-4812 Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions before Beta Update 3.0.4, allows ...
CVE-2007-4813 Cross-site scripting (XSS) vulnerability in Domino Blogsphere 3.01 Beta 7 allows remote attackers to...
CVE-2007-4814 Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqld...
E
CVE-2007-4815 Multiple PHP remote file inclusion vulnerabilities in WebED in Markus Iser ED Engine 0.8999 alpha al...
E
CVE-2007-4816 Multiple buffer overflows in the BaoFeng2 storm ActiveX control in Mps.dll allow remote attackers to...
E
CVE-2007-4817 Unrestricted file upload vulnerability in the Restaurante (com_restaurante) component for Joomla! al...
E
CVE-2007-4818 Multiple PHP remote file inclusion vulnerabilities in Txx CMS 0.2 allow remote attackers to execute ...
E
CVE-2007-4819 Multiple cross-site scripting (XSS) vulnerabilities in Txx CMS 0.2 allow remote attackers to inject ...
E
CVE-2007-4820 Absolute path traversal vulnerability in blanko.preview.php in Sisfo Kampus 2006 allows remote attac...
E
CVE-2007-4821 Buffer overflow in a certain ActiveX control in officeviewer.ocx 5.2.218.1 in EDraw Office Viewer Co...
E
CVE-2007-4822 Cross-site request forgery (CSRF) vulnerability in the device management interface in Buffalo AirSta...
E
CVE-2007-4823 Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this i...
CVE-2007-4824 Multiple cross-application scripting (XAS) vulnerabilities in Google Picasa have unspecified attack ...
CVE-2007-4825 Directory traversal vulnerability in PHP 5.2.4 and earlier allows attackers to bypass open_basedir r...
CVE-2007-4826 bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to cause a denial of service (cr...
S
CVE-2007-4827 Unspecified vulnerability in the Modbus/TCP Diagnostic function in MiniHMI.exe for the Automated Sol...
S
CVE-2007-4828 Cross-site scripting (XSS) vulnerability in the API pretty-printing mode in MediaWiki 1.8.0 through ...
S
CVE-2007-4829 Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assis...
CVE-2007-4830 Cross-site scripting (XSS) vulnerability in CMD_BANDWIDTH_BREAKDOWN in DirectAdmin 1.30.2 and earlie...
CVE-2007-4831 Multiple cross-site scripting (XSS) vulnerabilities in account_settings.php in TorrentTrader 1.07 al...
CVE-2007-4832 Format string vulnerability in CellFactor Revolution 1.03 and earlier allows remote attackers to exe...
E
CVE-2007-4833 Unspecified vulnerability in the Edge Component in IBM WebSphere Application Server (WAS) 6.1 before...
S
CVE-2007-4834 Multiple PHP remote file inclusion vulnerabilities in phpRealty 0.02 allow remote attackers to execu...
E
CVE-2007-4835 SQL injection vulnerability in index.php in phpMyQuote 0.20 allows remote attackers to execute arbit...
CVE-2007-4836 Cross-site scripting (XSS) vulnerability in index.php in phpMyQuote 0.20 allows remote attackers to ...
CVE-2007-4837 SQL injection vulnerability in anket.asp in Proxy Anket 3.0.1 allows remote attackers to execute arb...
CVE-2007-4838 Multiple buffer overflows in CellFactor Revolution 1.03 and earlier allow remote attackers to execut...
E
CVE-2007-4839 Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1 be...
S
CVE-2007-4840 PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application c...
CVE-2007-4841 Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote...
CVE-2007-4842 Directory traversal vulnerability in Enriva Development Magellan Explorer 3.32 build 2305 and earlie...
CVE-2007-4843 Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 build 565 and 573 allows remote ...
E
CVE-2007-4844 X-Diesel Unreal Commander 0.92 build 565 and 573 does not properly react to an FTP server's behavior...
E
CVE-2007-4845 Multiple SQL injection vulnerabilities in UPLOAD/index.php in RW::Download 2.0.3 lite allow remote a...
E
CVE-2007-4846 SQL injection vulnerability in start.php in Webace-Linkscript (wls) 1.3 Special Edition (SE) allows ...
E
CVE-2007-4847 Google Picasa allows remote attackers to read image files stored by Picasa via unspecified vectors i...
CVE-2007-4848 Microsoft Internet Explorer 4.0 through 7 allows remote attackers to determine the existence of loca...
E
CVE-2007-4849 JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly other Linux systems, when POSIX...
CVE-2007-4850 curl/interface.c in the cURL library (aka libcurl) in PHP 5.2.4 and 5.2.5 allows context-dependent a...
E
CVE-2007-4851 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-5137. Reason: This candida...
R
CVE-2007-4861 SAXON 5.4, with display_errors enabled, allows remote attackers to obtain sensitive information via ...
CVE-2007-4862 Cross-site scripting (XSS) vulnerability in admin/menu.php in SAXON 5.4 allows remote attackers to i...
E S
CVE-2007-4863 SQL injection vulnerability in example.php in SAXON 5.4 allows remote attackers to execute arbitrary...
E S
CVE-2007-4872 SimpNews 2.41.03 allows remote attackers to obtain sensitive information via (1) an invalid lang par...
CVE-2007-4873 SimpNews 2.41.03 stores sensitive information under the web root with insufficient access control, w...
CVE-2007-4874 Multiple cross-site scripting (XSS) vulnerabilities in SimpNews 2.41.03 allow remote attackers to in...
CVE-2007-4879 Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS c...
CVE-2007-4880 Buffer overflow in the Client Acceptor Daemon (CAD), dsmcad.exe, in certain IBM Tivoli Storage Manag...
S
CVE-2007-4881 SQL injection vulnerability in profile/myprofile.php in psi-labs.com social networking script (psisn...
CVE-2007-4882 Multiple cross-site scripting (XSS) vulnerabilities in TechExcel CustomerWise (formerly TechExcel CR...
CVE-2007-4883 Cross-site scripting (XSS) vulnerability in the BotQuery extension in MediaWiki 1.7.x and earlier be...
S
CVE-2007-4884 Media Player Classic (MPC) allows user-assisted remote attackers to cause a denial of service (appli...
CVE-2007-4885 Avnex AV MP3 Player allows user-assisted remote attackers to cause a denial of service (application ...
CVE-2007-4886 Incomplete blacklist vulnerability in index.php in AuraCMS 1.x and probably 2.x allows remote attack...
E
CVE-2007-4887 The dl function in PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of ser...
CVE-2007-4888 The "You are not allowed..." error handler in XWiki 1.0 B1 and 1.0 B2 associates the doc variable wi...
CVE-2007-4889 The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_ba...
CVE-2007-4890 Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Lib...
E
CVE-2007-4891 A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 expo...
E
CVE-2007-4892 Multiple SQL injection vulnerabilities in SWSoft Plesk 7.6.1, 8.1.0, 8.1.1, and 8.2.0 for Windows al...
E S
CVE-2007-4893 wp-admin/admin-functions.php in Wordpress before 2.2.3 and Wordpress multi-user (MU) before 1.2.5a d...
CVE-2007-4894 Multiple SQL injection vulnerabilities in Wordpress before 2.2.3 and Wordpress multi-user (MU) befor...
S
CVE-2007-4895 Directory traversal vulnerability in dwoprn.php in Sisfo Kampus 2006 (Semarang 3) allows remote atta...
E
CVE-2007-4896 Multiple cross-site scripting (XSS) vulnerabilities in admin/header.php in Toms Gaestebuch 1.01 and ...
E
CVE-2007-4897 pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial...
CVE-2007-4898 Unspecified vulnerability in the Multiwiki plugin in XWiki before 1.1 Enterprise RC2 allows remote a...
S
CVE-2007-4899 Multiple cross-site scripting (XSS) vulnerabilities in Boinc Forum 5.10.20 and earlier allow remote ...
CVE-2007-4900 Cross-site scripting (XSS) vulnerability in the logon page in RSA EnVision 3.3.6 Build 0115 allows r...
CVE-2007-4901 The embedded Internet Explorer server control in AOL Instant Messenger (AIM) 6.1.41.2 and 6.2.32.1, ...
CVE-2007-4902 Absolute path traversal vulnerability in a certain ActiveX control in CryptoX.dll 2.0 and earlier in...
E
CVE-2007-4903 Multiple buffer overflows in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra C...
E
CVE-2007-4904 RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 (FC6) a...
E
CVE-2007-4905 Unrestricted file upload vulnerability in mod/contak.php in AuraCMS 2.1 allows remote attackers to u...
E
CVE-2007-4906 PHP remote file inclusion vulnerability in tasks/send_queued_emails.php in NuclearBB Alpha 2, when r...
E
CVE-2007-4907 Multiple PHP remote file inclusion vulnerabilities in X-Cart allow remote attackers to execute arbit...
E
CVE-2007-4908 Directory traversal vulnerability in index.php in AuraCMS 2.1 and earlier allows remote attackers to...
E
CVE-2007-4909 Interpretation conflict in WinSCP before 4.0.4 allows remote attackers to perform arbitrary file tra...
S
CVE-2007-4910 Unspecified vulnerability in netInvoicing before 2.7.3 has unknown impact and attack vectors, relate...
CVE-2007-4911 JSMP3OGGWt.dll in JetCast Server 2.0.0.4308 allows remote attackers to cause a denial of service (da...
E
CVE-2007-4912 Cross-site scripting (XSS) vulnerability in ips_kernel/class_ajax.php in Invision Power Board (IPB o...
S
CVE-2007-4913 ips_kernel/class_upload.php in Invision Power Board (IPB or IP.Board) 2.3.1 up to 20070912 allows re...
S
CVE-2007-4914 Unspecified vulnerability in the subscriptions manager in Invision Power Board (IPB or IP.Board) 2.3...
S
CVE-2007-4915 The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLan RO80211G-AP and other device...
E
CVE-2007-4916 Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MF...
CVE-2007-4917 Cross-site scripting (XSS) vulnerability in tracking.php in PHP-Stats 0.1.9.2 allows remote attacker...
E
CVE-2007-4918 SQL injection vulnerability in classes/gelato.class.php in Gelato allows remote attackers to execute...
E
CVE-2007-4919 Multiple SQL injection vulnerabilities in JBlog 1.0 allow (1) remote attackers to execute arbitrary ...
E
CVE-2007-4920 SQL injection vulnerability in soporte_derecha_w.php in PHP Webquest 2.5 and earlier allows remote a...
E
CVE-2007-4921 PHP remote file inclusion vulnerability in _includes/settings.inc.php in Ajax File Browser 3 Beta al...
E
CVE-2007-4922 SQL injection vulnerability in play.php in the jeuxflash 1.0 module for KwsPHP allows remote authent...
E
CVE-2007-4923 PHP remote file inclusion vulnerability in admin.joomlaradiov5.php in the Joomla Radio 5 (com_joomla...
E
CVE-2007-4924 The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 befor...
E S
CVE-2007-4925 The ewirePC_Decrypt function in ewirepcfunctions.php in eWire Payment Client (ePC) 1.60 and 1.70 all...
CVE-2007-4926 The AXIS 207W camera uses a base64-encoded cleartext username and password for authentication, which...
CVE-2007-4927 axis-cgi/buffer/command.cgi on the AXIS 207W camera allows remote authenticated users to cause a den...
E
CVE-2007-4928 The AXIS 207W camera stores a WEP or WPA key in cleartext in the configuration file, which might all...
CVE-2007-4929 Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 207W camera allow remote attackers t...
E
CVE-2007-4930 Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 207W camera allow remote atta...
E
CVE-2007-4931 HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Ag...
CVE-2007-4932 admin.php in Shop-Script FREE 2.0 and earlier sends a redirect to the web browser but does not exit ...
E
CVE-2007-4933 Direct static code injection vulnerability in includes/admin/sub/conf_appearence.php in Shop-Script ...
E
CVE-2007-4934 Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute ...
E S
CVE-2007-4935 Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute ...
CVE-2007-4936 Unspecified vulnerability in Office Efficiencies SafeSquid 4.1.x has unknown impact and attack vecto...
S
CVE-2007-4937 CS Guestbook stores sensitive information under the web root with insufficient access control, which...
E
CVE-2007-4938 Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote att...
E
CVE-2007-4939 Heap-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9.0 and earlier, as use...
E
CVE-2007-4940 Multiple integer overflows in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and...
E
CVE-2007-4941 KMPlayer 2.9.3.1210 and earlier allows remote attackers to cause a denial of service (CPU consumptio...
E
CVE-2007-4942 PHP remote file inclusion vulnerability in modules/Discipline/StudentFieldBreakdown.php in Focus/SIS...
CVE-2007-4943 Multiple buffer overflows in a certain ActiveX control in sparser.dll in Baofeng Storm 2.8 and earli...
CVE-2007-4944 The canvas.createPattern function in Opera 9.x before 9.22 for Linux, FreeBSD, and Solaris does not ...
CVE-2007-4945 Multiple cross-site scripting (XSS) vulnerabilities in LetterGrade allow remote attackers to inject ...
CVE-2007-4946 LetterGrade allows remote attackers to obtain sensitive information (installation path or account ex...
CVE-2007-4947 Multiple PHP remote file inclusion vulnerabilities in myphpPagetool 0.4.3 allow remote attackers to ...
E
CVE-2007-4948 Multiple PHP remote file inclusion vulnerabilities in Webmedia Explorer (webmex) 3.2.2 allow remote ...
CVE-2007-4949 Multiple PHP remote file inclusion vulnerabilities in php(Reactor) 1.2.7pl1 allow remote attackers t...
E
CVE-2007-4950 PHP remote file inclusion vulnerability in form/db_form/employee.php in PHPortal 0.2.7 allows remote...
CVE-2007-4951 PHP remote file inclusion vulnerability in sample.php in YaPiG 0.95b allows remote attackers to exec...
E
CVE-2007-4952 SQL injection vulnerability in article.php in OmniStar Article Manager allows remote attackers to ex...
E
CVE-2007-4953 SQL injection vulnerability in index.php in SimpCMS allows remote attackers to execute arbitrary SQL...
E
CVE-2007-4954 PHP remote file inclusion vulnerability in admin.joom12pic.php in the joom12Pic (com_joom12pic) 1.0 ...
E
CVE-2007-4955 PHP remote file inclusion vulnerability in admin.joomlaflashfun.php in the Flash Fun! (com_joomlafla...
E
CVE-2007-4956 Multiple SQL injection vulnerabilities in KwsPHP 1.0 allow remote attackers to execute arbitrary SQL...
E
CVE-2007-4957 Multiple directory traversal vulnerabilities in download.php in Chupix CMS 0.2.3 allow remote attack...
E
CVE-2007-4958 Multiple cross-site scripting (XSS) vulnerabilities in TinyWebGallery (TWG) 1.6.3.4 allow remote att...
CVE-2007-4959 Cross-site scripting (XSS) vulnerability in catalog_products_with_images.php in osCMax 2.0.0-RC3-0-1...
CVE-2007-4960 Argument injection vulnerability in the Linden Lab Second Life secondlife:// protocol handler, as us...
CVE-2007-4961 The login_to_simulator method in Linden Lab Second Life, as used by the secondlife:// protocol handl...
E
CVE-2007-4962 Directory traversal vulnerability in WinImage 8.10 and earlier allows user-assisted remote attackers...
E
CVE-2007-4963 Visual truncation vulnerability in WinImage 8.10 and earlier allows remote attackers to spoof a dest...
CVE-2007-4964 WinImage 8.10 and earlier allows remote attackers to cause a denial of service (infinite loop) via a...
E
CVE-2007-4965 Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent...
E
CVE-2007-4966 SQL injection vulnerability in www/people/editprofile.php in GForge 4.6b2 and earlier allows remote ...
E
CVE-2007-4967 Online Armor Personal Firewall 2.0.1.215 does not properly validate certain parameters to System Ser...
CVE-2007-4968 Privatefirewall 5.0.14.2 does not properly validate certain parameters to System Service Descriptor ...
CVE-2007-4969 Process Monitor 1.22 does not properly validate certain parameters to System Service Descriptor Tabl...
CVE-2007-4970 ProcessGuard 3.410 does not properly validate certain parameters to System Service Descriptor Table ...
CVE-2007-4971 ProSecurity 1.40 Beta 2 does not properly validate certain parameters to System Service Descriptor T...
CVE-2007-4972 RegMon 7.04 does not properly validate certain parameters to System Service Descriptor Table (SSDT) ...
CVE-2007-4974 Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might a...
CVE-2007-4975 Cross-site scripting (XSS) vulnerability in hilfe.php in b1gMail 6.3.1 allows remote attackers to in...
E
CVE-2007-4976 Directory traversal vulnerability in viewlog.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlie...
S
CVE-2007-4977 Cross-site scripting (XSS) vulnerability in mode.php in Coppermine Photo Gallery (CPG) 1.4.12 and ea...
E S
CVE-2007-4978 Multiple PHP remote file inclusion vulnerabilities in phpSyncML 0.1.2 and earlier allow remote attac...
E
CVE-2007-4979 SQL injection vulnerability in index.php in the sondages module in KwsPHP 1.0 allows remote attacker...
E
CVE-2007-4980 The readRequest method in org/gcaldaemon/core/http/HTTPListener.java in GCALDaemon 1.0-beta13 allows...
CVE-2007-4981 Cross-site scripting (XSS) vulnerability in the save function in Obedit 3.03 allows user-assisted re...
CVE-2007-4982 Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRC...
E
CVE-2007-4983 Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jet...
E
CVE-2007-4984 SQL injection vulnerability in index.php in the Ktauber.com StylesDemo mod for phpBB 2.0.xx allows r...
E
CVE-2007-4985 ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a cra...
S
CVE-2007-4986 Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execut...
S
CVE-2007-4987 Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows conte...
E S
CVE-2007-4988 Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-depen...
E S
CVE-2007-4989 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-4568. Reason: This candida...
R
CVE-2007-4990 The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attacker...
CVE-2007-4991 The SOCKS4 Proxy in Microsoft Internet Security and Acceleration (ISA) Server 2004 SP1 and SP2 allow...
S
CVE-2007-4992 Stack-based buffer overflow in the process_packet function in fbserver.exe in Firebird SQL 2.0.2 all...
CVE-2007-4993 pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users ...
CVE-2007-4994 Certificate Server 7.2 in Red Hat Certificate System (RHCS) does not properly handle new revocations...
CVE-2007-4995 Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers t...
S
CVE-2007-4996 libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge messages from users who are not ...
S
CVE-2007-4997 Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80211_rx.c in the Linux kernel 2...
S
CVE-2007-4998 cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted a...
CVE-2007-4999 libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, allows remote attackers to cause a...
S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.