CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
14051 CVE-2007-2003 Exec Code 2007-04-12 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
InoutMailingListManager 3.1 and earlier sends a Location redirect header but does not exit after an authorization check fails, which allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by ignoring the redirect.
14052 CVE-2007-2002 Exec Code 2007-04-12 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
InoutMailingListManager 3.1 and earlier allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by setting an arbitrary admin cookie.
14053 CVE-2007-2001 Exec Code 2007-04-12 2017-10-10
6.5
User Remote Low Single system Partial Partial Partial
Multiple direct static code injection vulnerabilities in admin/configurer2.php in Crea-Book 1.0 and earlier allow remote authenticated administrators to execute arbitrary PHP code via the "Fond de la page" (background color) field and other unspecified fields, which injects into config.inc.php3.
14054 CVE-2007-1996 94 Exec Code File Inclusion 2007-04-12 2018-10-16
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in codebreak.php in CodeBreak, probably 1.1.2 and earlier, allows remote attackers to execute arbitrary PHP code via a URL in the process_method parameter.
14055 CVE-2007-1995 20 DoS 2007-04-12 2017-10-10
6.3
None Remote Medium Single system None None Complete
bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read.
14056 CVE-2007-1973 +Priv 2007-04-11 2018-10-16
6.9
Admin Local Medium Not required Complete Complete Complete
Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \Device\PhysicalMemory section handle, a related issue to CVE-2007-1206.
14057 CVE-2007-1968 Exec Code File Inclusion 2007-04-11 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in games.php in Sam Crew MyBlog, possibly 1.0 through 1.6, allows remote attackers to execute arbitrary PHP code via a URL in the scoreid parameter.
14058 CVE-2007-1967 Exec Code File Inclusion 2007-04-11 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in stat12 allows remote attackers to execute arbitrary PHP code via a URL in the langpath parameter. NOTE: this issue was published by an unreliable researcher, and there is little information to determine which product is actually affected. This is probably an invalid report based on analysis by CVE and a third party.
14059 CVE-2007-1964 2007-04-11 2018-10-16
6.0
User Remote Medium Single system Partial Partial Partial
member.php in MyBB (aka MyBulletinBoard), when debug mode is available, allows remote authenticated users to change the password of any account by providing the account's registered e-mail address in a debug request for a do_lostpw action, which prints the change password verification code in the debug output.
14060 CVE-2007-1957 Exec Code File Inclusion 2007-04-10 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) allow remote attackers to execute arbitrary PHP code via a URL in the pageAll parameter to index.php in (1) template/Vert/, or (2) template/Noir/.
14061 CVE-2007-1939 XSS 2007-04-10 2008-09-05
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in the embedded webserver in Daniel Naber LanguageTool before 0.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving an error message, possibly the demultiplex method in HTTPServer.java.
14062 CVE-2007-1937 Exec Code File Inclusion 2007-04-10 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in smilies.php in Scorp Book 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config parameter.
14063 CVE-2007-1936 Exec Code File Inclusion 2007-04-10 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in scaradcontrol.php in ScarAdControl (ScarAdController) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the sac_config_dir parameter.
14064 CVE-2007-1935 Exec Code File Inclusion 2007-04-10 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
PHP file inclusion vulnerability in admin/index.php in ScarAdControl (ScarAdController) 1.1 allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the site parameter, which is accessed by the file_exists function.
14065 CVE-2007-1934 Dir. Trav. 2007-04-10 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in member.php in the eBoard 1.0.7 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[name] parameter.
14066 CVE-2007-1926 XSS 2007-04-10 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via (1) http or (2) ftp requests logged in /var/log/directadmin/security.log; (3) allows context-dependent attackers to inject arbitrary web script or HTML into /var/log/messages via a PHP script that invokes /usr/bin/logger; (4) allows local users to inject arbitrary web script or HTML into /var/log/messages by invoking /usr/bin/logger at the command line; and allows remote attackers to inject arbitrary web script or HTML via remote requests logged in the (5) /var/log/exim/rejectlog, (6) /var/log/exim/mainlog, (7) /var/log/proftpd/auth.log, (8) /var/log/httpd/error_log, (9) /var/log/httpd/access_log, (10) /var/log/directadmin/error.log, and (11) /var/log/directadmin/security.log files.
14067 CVE-2007-1925 2007-04-10 2017-07-28
6.5
User Remote Low Single system Partial Partial Partial
The borrado function in modules/Your_Account/index.php in Tru-Zone Nuke ET 3.4 before fix 7 does not verify that account deletion requests come from the account owner, which allows remote authenticated users to delete arbitrary accounts via a modified cookie.
14068 CVE-2007-1924 Exec Code File Inclusion 2007-04-10 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in phpContact allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) contact_business.php or (2) contact_person.php. NOTE: this issue is disputed by CVE and a reliable third party, because include_path is initialized to a fixed value before use.
14069 CVE-2007-1912 Overflow 2007-04-10 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file.
14070 CVE-2007-1910 DoS Exec Code Overflow 2007-04-10 2017-10-18
6.8
User Remote Medium Not required Partial Partial Partial
Buffer overflow in wwlib.dll in Microsoft Word 2007 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted document, as demonstrated by file789-1.doc.
14071 CVE-2007-1908 Exec Code File Inclusion 2007-04-10 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
PHP file inclusion vulnerability in php121db.php in PHP121 Instant Messenger 2.2 allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the php121dir parameter, which is accessed by the file_exists function.
14072 CVE-2007-1907 Exec Code File Inclusion 2007-04-10 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in warn.php in Pathos Content Management System (CMS) 0.92-2 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.
14073 CVE-2007-1906 Dir. Trav. 2007-04-10 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in richedit/keyboard.php in eCardMAX HotEditor (Hot Editor) 4.0, and the HotEditor plugin for MyBB, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the first parameter.
14074 CVE-2007-1902 Exec Code Sql 2007-05-14 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in SonicBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) part and (2) by parameters to (a) search.php, or the (2) id parameter to (b) viewforum.php.
14075 CVE-2007-1897 89 Exec Code Sql 2007-04-09 2017-10-10
6.5
User Remote Low Single system Partial Partial Partial
SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users to execute arbitrary SQL commands via a string parameter value in an XML RPC mt.setPostCategories method call, related to the post_id variable.
14076 CVE-2007-1895 Exec Code File Inclusion 2007-04-09 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier, when used with PHP 5, allows remote attackers to execute arbitrary PHP code via an ftp URL in a my_ms[root] cookie, a different vector than CVE-2007-0491 and CVE-2006-4630.
14077 CVE-2007-1886 Overflow 2007-04-05 2017-07-28
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."
14078 CVE-2007-1884 Exec Code Bypass 2007-04-05 2018-10-30
6.8
User Remote Medium Not required Partial Partial Partial
Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print function because of 64 to 32 bit truncation, and bypass a check for the maximum allowable value; and (2) a width and precision of -1, which make it possible for the php_sprintf_appendstring function to place an internal buffer at an arbitrary memory location.
14079 CVE-2007-1882 Exec Code 2007-04-05 2017-07-28
6.5
User Remote Low Single system Partial Partial Partial
qcbin/servlet/tdservlet/TDAPI_GeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 allows remote authenticated users to execute arbitrary SQL commands via the RunQuery method.
14080 CVE-2007-1881 +Priv 2007-04-05 2008-09-05
6.8
Admin Local Low Single system Complete Complete Complete
Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows local users to gain Ring-0 privileges via unspecified vectors.
14081 CVE-2007-1880 Exec Code Overflow 2007-04-05 2017-07-28
6.6
Admin Local Medium Single system Complete Complete Complete
Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File Server 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows context-dependent attackers to execute arbitrary code via a large, unsigned "data size argument," which results in a heap overflow.
14082 CVE-2007-1878 Exec Code Bypass 2007-04-05 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.03 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome, as demonstrated via the runFile function, related to lack of HTML escaping in the property name.
14083 CVE-2007-1852 Exec Code File Inclusion 2007-04-03 2018-10-16
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in 2BGal 3.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the lang_filename parameter to (1) index.php or (2) backupdb.inc.php in admin/, or other unspecified files, different vectors than CVE-2006-5505. NOTE: this issue has been disputed by CVE, since the lang_filename variable is defined before it is used.
14084 CVE-2007-1843 94 Exec Code File Inclusion 2007-04-03 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in gmapfactory/params.php in MapLab 2.2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the gszAppPath parameter.
14085 CVE-2007-1831 2007-04-02 2008-11-15
6.0
None Remote Medium Single system Partial Partial Partial
web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to open files and write "wrong data" via a crafted QUERY_STRING.
14086 CVE-2007-1827 Exec Code 2007-04-02 2008-11-15
6.0
User Remote Medium Single system Partial Partial Partial
Multiple unspecified vulnerabilities in form input validation in web-app.org WebAPP before 0.9.9.6 allow remote authenticated users to corrupt data files, gain access to private files, and execute arbitrary code via "certain characters."
14087 CVE-2007-1802 XSS 2007-04-02 2017-07-28
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in MailDwarf 3.01 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
14088 CVE-2007-1799 Dir. Trav. 2007-04-02 2017-07-28
6.4
None Remote Low Not required None Partial Partial
Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the ".." string, which allows remote attackers to overwrite arbitrary files via modified ".." sequences in a torrent filename, as demonstrated by "../" sequences, due to an incomplete fix for CVE-2007-1384.
14089 CVE-2007-1797 189 Exec Code Overflow 2007-04-02 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667.
14090 CVE-2007-1790 94 Exec Code File Inclusion 2007-03-31 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in Kaqoo Auction Software Free Edition allow remote attackers to execute arbitrary PHP code via a URL in the install_root parameter to (1) support.inc.php, (2) function.inc.php, (3) rdal_object.inc.php, (4) rdal_editor.inc.php. (5) login.inc.php, (6) request.inc.php, and (7) categories.inc.php in include/core/; (8) save.inc.php, (9) preview.inc.php, (10) edit_item.inc.php, (11) new_item.inc.php, and (12) item_info.inc.php in include/display/item/; (13) search.inc.php, (14) item_edit.inc.php, (15) register_succsess.inc.php, (16) context_menu.inc.php, (17) item_repost.inc.php, (18) balance.inc.php, (19) featured.inc.php, (20) user.inc.php, (21) buynow.inc.php, (22) install_complete.inc.php, (23) fees_info.inc.php, (24) user_feedback.inc.php, (25) admin_balance.inc.php, (26) activate.inc.php, (27) user_info.inc.php, (28) member.inc.php, (29) add_bid.inc.php, (30) items_filter.inc.php, (31) my_info.inc.php, (32) register.inc.php, (33) leave_feedback.inc.php, and (34) user_auctions.inc.php in include/display/; and (35) design/form.inc.php, (36) processor.inc.php, (37) interfaces.inc.php (38) left_menu.inc.php, (39) login.inc.php, and (40) categories.inc.php in include/.
14091 CVE-2007-1789 +Info 2007-03-31 2008-11-13
6.8
User Remote Medium Not required Partial Partial Partial
Flyspray 0.9.9 allows remote attackers to obtain sensitive information (private project summaries) via direct requests.
14092 CVE-2007-1788 Bypass 2007-03-31 2008-09-05
6.8
User Remote Medium Not required Partial Partial Partial
Flyspray 0.9.9, when output_buffering is disabled or "set to a low value," allows remote attackers to bypass authentication via a crafted post request.
14093 CVE-2007-1786 Exec Code Sql 2007-03-31 2017-07-28
6.8
User Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
14094 CVE-2007-1776 89 Exec Code Sql 2007-03-29 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in index.php in the DesignForJoomla.com D4J eZine (com_ezine) 2.8 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in a read action.
14095 CVE-2007-1775 Exec Code 2007-03-29 2008-11-13
6.8
User Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in upload.php3 in JBrowser 2.4 and earlier allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
14096 CVE-2007-1764 Exec Code Overflow 2007-03-29 2018-10-16
6.0
User Remote Medium Single system Partial Partial Partial
Stack-based buffer overflow in FastStone Image Viewer 2.8 allows user-assisted remote attackers to execute arbitrary code via a crafted JPG image.
14097 CVE-2007-1744 Dir. Trav. 2007-05-02 2018-10-16
6.3
None Local Medium Not required Complete Complete None
Directory traversal vulnerability in the Shared Folders feature for VMware Workstation before 5.5.4, when a folder is shared, allows users on the guest system to write to arbitrary files on the host system via the "Backdoor I/O Port" interface.
14098 CVE-2007-1741 362 Exec Code +Priv 2007-04-13 2017-07-28
6.2
Admin Local High Not required Complete Complete Complete
Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
14099 CVE-2007-1738 DoS +Priv 2007-03-28 2018-10-16
6.9
Admin Local Medium Not required Complete Complete Complete
TrueCrypt 4.3, when installed setuid root, allows local users to cause a denial of service (filesystem unavailability) or gain privileges by mounting a crafted TrueCrypt volume, as demonstrated using (1) /usr/bin or (2) another user's home directory, a different issue than CVE-2007-1589.
14100 CVE-2007-1730 DoS 2007-03-28 2018-10-16
6.6
None Local Low Not required Complete None Complete
Integer signedness error in the DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later allows local users to read kernel memory or cause a denial of service (oops) via a negative optlen value.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.