CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
14601 CVE-2007-1701 502 Exec Code 2007-03-26 2018-10-19
6.8
User Remote Medium Not required Partial Partial Partial
PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when register_globals is enabled, allows context-dependent attackers to execute arbitrary code via deserialization of session data, which overwrites arbitrary global variables, as demonstrated by calling session_decode on a string beginning with "_SESSION|s:39:".
14602 CVE-2007-1691 Exec Code Overflow 2007-04-19 2017-07-28
6.8
User Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in Second Sight Software ActiveMod ActiveX control (ActiveMod.ocx) allows remote attackers to execute arbitrary code via unspecified vectors.
14603 CVE-2007-1690 Exec Code Overflow 2007-04-19 2017-07-28
6.8
User Remote Medium Not required Partial Partial Partial
Multiple stack-based buffer overflows in Second Sight Software ActiveGS ActiveX control (ActiveGS.ocx) allow remote attackers to execute arbitrary code via unspecified vectors.
14604 CVE-2007-1683 Exec Code Overflow 2007-04-26 2017-07-28
6.8
User Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in the DoWebMenuAction function in the IncrediMail IMMenuShellExt ActiveX control (ImShExt.dll) allows remote attackers to execute arbitrary code via unspecified vectors.
14605 CVE-2007-1677 Exec Code Overflow 2007-03-29 2017-07-28
6.6
Admin Local Medium Single system Complete Complete Complete
Multiple buffer overflows in the ISO network protocol support in the NetBSD kernel 2.0 through 4.0_BETA2, and NetBSD-current before 20070329, allow local users to execute arbitrary code via long parameters to certain functions, as demonstrated by a long sockaddr structure argument to the clnp_route function.
14606 CVE-2007-1661 DoS +Info 2007-11-07 2018-10-16
6.4
None Remote Low Not required Partial None Partial
Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service (crash), as demonstrated by the "\X?\d" and "\P{L}?\d" patterns.
14607 CVE-2007-1660 119 DoS Exec Code Overflow 2007-11-07 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code.
14608 CVE-2007-1659 119 DoS Exec Code Overflow 2007-11-07 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes.
14609 CVE-2007-1651 CSRF 2007-03-23 2008-11-13
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in OpenID allows remote attackers to restore the login session of a user on an OpenID enabled site via unspecified vectors related to an arbitrary remote web site and cached tokens, after the user has signed into an OpenID server, logged into the OpenID enabled site, and then logged out of the OpenID enabled site.
14610 CVE-2007-1638 CSRF 2007-03-23 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the check_csrftoken function in lib/lib.inc.php in PHProjekt 5.2.0, when magic_quotes_gpc is disabled, allow remote attackers to perform unauthorized actions as an arbitrary user via the (1) Projects, (2) Contacts, (3) Helpdesk, (4) Notes, (5) Search, (6) Mail, or (7) Filemanager module; the (9) summary page; or unspecified other files.
14611 CVE-2007-1599 +Info 2007-03-22 2018-10-16
6.5
None Remote Low Single system Partial Partial Partial
wp-login.php in WordPress allows remote attackers to redirect authenticated users to other websites and potentially obtain sensitive information via the redirect_to parameter.
14612 CVE-2007-1598 Exec Code Overflow 2007-03-22 2017-07-28
6.8
User Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in InterVations FileCOPA FTP Server 1.01 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by filecopa.tar by Immunity. NOTE: some of these details are obtained from third party information. NOTE: As of 20070322, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes.
14613 CVE-2007-1584 Exec Code Bypass 2007-03-21 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
Buffer underflow in the header function in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by passing an all-whitespace string to this function, which causes it to write '\0' characters in whitespace that precedes the string.
14614 CVE-2007-1583 2007-03-21 2018-10-30
6.8
User Remote Medium Not required Partial Partial Partial
The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal register_globals flag and does not disable it in certain cases when a script terminates, which allows remote attackers to invoke available PHP scripts with register_globals functionality that is not detectable by these scripts, as demonstrated by forcing a memory_limit violation.
14615 CVE-2007-1582 Exec Code 2007-03-21 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting certain functions in the GD (ext/gd) extension and unspecified other extensions via a userspace error handler, which can be used to destroy and modify internal resources.
14616 CVE-2007-1580 119 DoS Overflow 2007-03-21 2017-10-10
6.3
None Remote Medium Single system None None Complete
FTPDMIN 0.96 allows remote attackers to cause a denial of service (daemon crash) via a LIST command for a Windows drive letter, as demonstrated using "//A:". NOTE: this has been reported as a buffer overflow by some sources, but there is not a long argument.
14617 CVE-2007-1573 89 Exec Code Sql 2007-03-21 2018-10-16
6.0
User Remote Medium Single system Partial Partial Partial
SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin 3.6.5 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached Before" field.
14618 CVE-2007-1572 Exec Code Sql 2007-03-21 2008-09-05
6.8
User Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in search.asp in JGBBS 3.0 Beta 1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter, a different vector than CVE-2007-1440. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
14619 CVE-2007-1571 Exec Code File Inclusion 2007-03-21 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in includes/base.php in Radical Designs Activist Mobilization Platform (AMP) 3.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the base_path parameter.
14620 CVE-2007-1564 200 +Info 2007-03-21 2017-10-10
6.8
None Remote Medium Not required Partial Partial Partial
The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
14621 CVE-2007-1563 200 +Info 2007-03-21 2011-07-08
6.8
None Remote Medium Not required Partial Partial Partial
The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
14622 CVE-2007-1562 200 +Info 2007-03-21 2018-10-19
6.8
None Remote Medium Not required Partial Partial Partial
The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows remote attackers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
14623 CVE-2007-1554 2007-03-20 2008-09-05
6.8
User Remote Medium Not required Partial Partial Partial
Direct static code injection vulnerability in admin/configuration.php in Guestbara 1.2 and earlier allows remote authenticated users to inject arbitrary PHP code into config.php via the (1) admin_mail, (2) emotpatch, (3) login, (4) pass, and unspecified other parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
14624 CVE-2007-1549 2007-03-20 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in gallery.php in phpx 3.5.15 allows remote attackers to upload and execute arbitrary PHP scripts via an addImage action, which places scripts into the gallery/shelties/ directory.
14625 CVE-2007-1532 2007-03-20 2018-10-16
6.4
None Remote Low Not required Partial Partial None
The neighbor discovery implementation in Microsoft Windows Vista allows remote attackers to conduct a redirect attack by (1) responding to queries by sending spoofed Neighbor Advertisements or (2) blindly sending Neighbor Advertisements.
14626 CVE-2007-1526 Bypass 2007-03-20 2008-11-13
6.0
User Remote Medium Single system Partial Partial Partial
Sun Java System Web Server 6.1 before 20070314 allows remote authenticated users with revoked client certificates to bypass the Certificate Revocation List (CRL) authorization control and access secure web server instances running under an account different from that used for the admin server via unspecified vectors.
14627 CVE-2007-1525 Exec Code 2007-03-20 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
Direct static code injection vulnerability in postpost.php in Dayfox Blog (dfblog) 4 allows remote attackers to execute arbitrary PHP code via the cat parameter, which can be executed via a request to posts.php.
14628 CVE-2007-1522 Exec Code 2007-03-20 2008-09-05
6.8
User Remote Medium Not required Partial Partial Partial
Double free vulnerability in the session extension in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to execute arbitrary code via illegal characters in a session identifier, which is rejected by an internal session storage module, which calls the session identifier generator with an improper environment, leading to code execution when the generator is interrupted, as demonstrated by triggering a memory limit violation or certain PHP errors.
14629 CVE-2007-1521 Exec Code 2007-03-20 2008-09-05
6.8
User Remote Medium Not required Partial Partial Partial
Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation.
14630 CVE-2007-1520 352 CSRF 2007-03-20 2018-10-16
6.8
None Remote Medium Not required Partial Partial Partial
The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 and earlier does not ensure the SERVER superglobal is an array before validating the HTTP_REFERER, which allows remote attackers to conduct CSRF attacks.
14631 CVE-2007-1516 Exec Code File Inclusion 2007-03-20 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in functions/update.php in Cicoandcico CcMail 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the functions_dir parameter.
14632 CVE-2007-1514 Exec Code File Inclusion 2007-03-20 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in index.php in ViperWeb Portal alpha 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the modpath parameter.
14633 CVE-2007-1513 Exec Code File Inclusion 2007-03-20 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in comanda.php in GraFX Company WebSite Builder (CWB) PRO 1.9.8, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the INCLUDE_PATH parameter.
14634 CVE-2007-1502 Exec Code Overflow 2007-03-19 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Multiple buffer overflows in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via a (1) long command, (2) long server argument to the (a) connect or (b) server commands, (3) long nick argument to the (c) nick command, or a long (4) nick or (5) message argument to the (d) ctcp, (e) chat, (f) notice, (g) message (msg), or (h) query commands.
14635 CVE-2007-1494 XSS 2007-03-16 2008-11-13
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in NukeSentinel before 2.5.06 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the "filters for https:// and http://".
14636 CVE-2007-1490 Exec Code 2007-03-16 2008-09-05
6.0
User Remote Medium Single system Partial Partial Partial
Unspecified maintenance web pages in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allow remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors (aka "shell command injection").
14637 CVE-2007-1489 352 CSRF 2007-03-16 2008-11-23
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in web-app.org Web Automated Perl Portal (WebAPP) 0.9.9.4 to 0.9.9.6 allows remote attackers to obtain admin access by modifying cookies and performing "certain consecutive actions," possibly due to a cross-site request forgery (CSRF) vulnerability.
14638 CVE-2007-1474 +Priv 2007-03-16 2017-07-28
6.8
User Remote Medium Not required Partial Partial Partial
Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privileges via multiple space-delimited pathnames.
14639 CVE-2007-1472 94 Exec Code File Inclusion 2007-03-16 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Variable overwrite vulnerability in groupit/base/groupit.start.inc in Groupit 2.00b5 allows remote attackers to conduct remote file inclusion attacks and execute arbitrary PHP code via arguments that are written to $_GLOBALS, as demonstrated using a URL in the c_basepath parameter to (1) content.php, (2) userprofile.php, (3) password.php, (4) dispatch.php, and (5) deliver.php in html/, and possibly (6) load.inc.php and related files.
14640 CVE-2007-1470 119 Exec Code Overflow 2007-03-16 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Multiple buffer overflows in LIBFtp 5.0 allow user-assisted remote attackers to execute arbitrary code via certain long arguments to the (1) FtpArchie, (2) FtpDebugDebug, (3) FtpOpenDir, (4) FtpSize, or (5) FtpChmod function.
14641 CVE-2007-1466 189 DoS Exec Code Overflow 2007-03-16 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Integer overflow in the WP6GeneralTextPacket::_readContents function in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file, a different vulnerability than CVE-2007-0002.
14642 CVE-2007-1464 Exec Code 2007-03-21 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors.
14643 CVE-2007-1463 Exec Code 2007-03-21 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs.
14644 CVE-2007-1459 Exec Code File Inclusion 2007-03-14 2018-10-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in WebCreator 0.2.6-rc3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the moddir parameter to (1) content/load.inc.php, (2) config/load.inc.php, (3) http/load.inc.php, and unspecified other files.
14645 CVE-2007-1458 Exec Code File Inclusion 2007-03-14 2018-10-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in CARE2X 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) inc_checkdate_lang.php, (2) inc_charset_fx.php, (3) inc_config_color.php, (4) inc_currency_set.php, (5) inc_db_makelink.php, (6) inc_diagnostics_report_fx.php, (7) inc_environment_global.php, (8) inc_front_chain_lang.php, (9) inc_init_crypt.php, (10) inc_load_copyrite.php, or (11) inc_news_save.php in include/; (12) diagnostics-report-index.php, (13) config_options_mascot.php, (14) barcode-labels.php, (15) chg-color.php, or (16) config_options_gui_template.php in main/; or unspecified other files.
14646 CVE-2007-1451 2007-03-14 2018-10-16
6.4
None Remote Low Not required None Partial Partial
GuppY 4.0 allows remote attackers to delete arbitrary files via a direct request to install/install.php, then selecting "Installation propre" (cleanup.php) and then "Suppression des fichiers d'installation" (delete.php).
14647 CVE-2007-1411 Exec Code Overflow 2007-03-10 2018-10-19
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 versions, allows local and possibly remote attackers to execute arbitrary code via long server name arguments to the (1) mssql_connect and (2) mssql_pconnect functions.
14648 CVE-2007-1401 Overflow +Priv 2007-03-10 2018-10-16
6.9
Admin Local Medium Not required Complete Complete Complete
Buffer overflow in the crack extension (CrackLib), as bundled with PHP 4.4.6 and other versions before 5.0.0, might allow local users to gain privileges via a long argument to the crack_opendict function.
14649 CVE-2007-1400 Exec Code 2007-03-10 2008-09-05
6.9
Admin Local Medium Not required Complete Complete Complete
Plash permits sandboxed processes to open /dev/tty, which allows local users to escape sandbox restrictions and execute arbitrary commands by sending characters to a shell process on the same termimal via the TIOCSTI ioctl.
14650 CVE-2007-1396 2007-03-10 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
The import_request_variables function in PHP 4.0.7 through 4.4.6, and 5.x before 5.2.2, when called without a prefix, does not prevent the (1) GET, (2) POST, (3) COOKIE, (4) FILES, (5) SERVER, (6) SESSION, and other superglobals from being overwritten, which allows remote attackers to spoof source IP address and Referer data, and have other unspecified impact. NOTE: it could be argued that this is a design limitation of PHP and that only the misuse of this feature, i.e. implementation bugs in applications, should be included in CVE. However, it has been fixed by the vendor.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.