CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
15251 CVE-2007-2024 2007-04-13 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.x allows remote attackers to upload arbitrary PHP files with a (1) php3, (2) php4, or (3) php5 extension.
15252 CVE-2007-2022 200 +Info 2007-04-13 2017-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.
15253 CVE-2007-2018 Exec Code Sql 2007-04-12 2017-07-28
6.5
User Remote Low Single system Partial Partial Partial
SQL injection vulnerability in msg.php in AlstraSoft Video Share Enterprise allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
15254 CVE-2007-2015 Exec Code File Inclusion 2007-04-12 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in index.php in Request It 1.0b allows remote attackers to execute arbitrary PHP code via a URL in the id parameter.
15255 CVE-2007-2010 119 DoS Overflow 2007-04-12 2017-07-28
6.8
None Remote Low Single system None None Complete
Double free vulnerability in bftpd before 1.8 allows remote authenticated users to cause a denial of service (daemon crash) via a (1) get or (2) mget command.
15256 CVE-2007-2009 Exec Code File Inclusion 2007-04-12 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in index.php in SimpCMS Light 04.10.2007 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the site parameter.
15257 CVE-2007-2005 94 Exec Code File Inclusion 2007-04-12 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in the Taskhopper 1.1 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) contact_type.php, (2) itemstatus_type.php, (3) projectstatus_type.php, (4) request_type.php, (5) responses_type.php, (6) timelog_type.php, or (7) urgency_type.php in inc/.
15258 CVE-2007-2003 Exec Code 2007-04-12 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
InoutMailingListManager 3.1 and earlier sends a Location redirect header but does not exit after an authorization check fails, which allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by ignoring the redirect.
15259 CVE-2007-2002 Exec Code 2007-04-12 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
InoutMailingListManager 3.1 and earlier allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by setting an arbitrary admin cookie.
15260 CVE-2007-2001 Exec Code 2007-04-12 2017-10-10
6.5
User Remote Low Single system Partial Partial Partial
Multiple direct static code injection vulnerabilities in admin/configurer2.php in Crea-Book 1.0 and earlier allow remote authenticated administrators to execute arbitrary PHP code via the "Fond de la page" (background color) field and other unspecified fields, which injects into config.inc.php3.
15261 CVE-2007-1996 94 Exec Code File Inclusion 2007-04-12 2018-10-16
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in codebreak.php in CodeBreak, probably 1.1.2 and earlier, allows remote attackers to execute arbitrary PHP code via a URL in the process_method parameter.
15262 CVE-2007-1995 20 DoS 2007-04-12 2017-10-10
6.3
None Remote Medium Single system None None Complete
bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion error or out of bounds read.
15263 CVE-2007-1973 +Priv 2007-04-11 2018-10-16
6.9
Admin Local Medium Not required Complete Complete Complete
Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \Device\PhysicalMemory section handle, a related issue to CVE-2007-1206.
15264 CVE-2007-1968 Exec Code File Inclusion 2007-04-11 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in games.php in Sam Crew MyBlog, possibly 1.0 through 1.6, allows remote attackers to execute arbitrary PHP code via a URL in the scoreid parameter.
15265 CVE-2007-1967 Exec Code File Inclusion 2007-04-11 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in stat12 allows remote attackers to execute arbitrary PHP code via a URL in the langpath parameter. NOTE: this issue was published by an unreliable researcher, and there is little information to determine which product is actually affected. This is probably an invalid report based on analysis by CVE and a third party.
15266 CVE-2007-1964 2007-04-11 2018-10-16
6.0
User Remote Medium Single system Partial Partial Partial
member.php in MyBB (aka MyBulletinBoard), when debug mode is available, allows remote authenticated users to change the password of any account by providing the account's registered e-mail address in a debug request for a do_lostpw action, which prints the change password verification code in the debug output.
15267 CVE-2007-1957 Exec Code File Inclusion 2007-04-10 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) allow remote attackers to execute arbitrary PHP code via a URL in the pageAll parameter to index.php in (1) template/Vert/, or (2) template/Noir/.
15268 CVE-2007-1939 XSS 2007-04-10 2008-09-05
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in the embedded webserver in Daniel Naber LanguageTool before 0.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving an error message, possibly the demultiplex method in HTTPServer.java.
15269 CVE-2007-1937 Exec Code File Inclusion 2007-04-10 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in smilies.php in Scorp Book 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config parameter.
15270 CVE-2007-1936 Exec Code File Inclusion 2007-04-10 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in scaradcontrol.php in ScarAdControl (ScarAdController) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the sac_config_dir parameter.
15271 CVE-2007-1935 Exec Code File Inclusion 2007-04-10 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
PHP file inclusion vulnerability in admin/index.php in ScarAdControl (ScarAdController) 1.1 allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the site parameter, which is accessed by the file_exists function.
15272 CVE-2007-1934 Dir. Trav. 2007-04-10 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in member.php in the eBoard 1.0.7 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[name] parameter.
15273 CVE-2007-1926 XSS 2007-04-10 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via (1) http or (2) ftp requests logged in /var/log/directadmin/security.log; (3) allows context-dependent attackers to inject arbitrary web script or HTML into /var/log/messages via a PHP script that invokes /usr/bin/logger; (4) allows local users to inject arbitrary web script or HTML into /var/log/messages by invoking /usr/bin/logger at the command line; and allows remote attackers to inject arbitrary web script or HTML via remote requests logged in the (5) /var/log/exim/rejectlog, (6) /var/log/exim/mainlog, (7) /var/log/proftpd/auth.log, (8) /var/log/httpd/error_log, (9) /var/log/httpd/access_log, (10) /var/log/directadmin/error.log, and (11) /var/log/directadmin/security.log files.
15274 CVE-2007-1925 2007-04-10 2017-07-28
6.5
User Remote Low Single system Partial Partial Partial
The borrado function in modules/Your_Account/index.php in Tru-Zone Nuke ET 3.4 before fix 7 does not verify that account deletion requests come from the account owner, which allows remote authenticated users to delete arbitrary accounts via a modified cookie.
15275 CVE-2007-1924 Exec Code File Inclusion 2007-04-10 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in phpContact allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) contact_business.php or (2) contact_person.php. NOTE: this issue is disputed by CVE and a reliable third party, because include_path is initialized to a fixed value before use.
15276 CVE-2007-1912 Overflow 2007-04-10 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file.
15277 CVE-2007-1910 DoS Exec Code Overflow 2007-04-10 2017-10-18
6.8
User Remote Medium Not required Partial Partial Partial
Buffer overflow in wwlib.dll in Microsoft Word 2007 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted document, as demonstrated by file789-1.doc.
15278 CVE-2007-1908 Exec Code File Inclusion 2007-04-10 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
PHP file inclusion vulnerability in php121db.php in PHP121 Instant Messenger 2.2 allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the php121dir parameter, which is accessed by the file_exists function.
15279 CVE-2007-1907 Exec Code File Inclusion 2007-04-10 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in warn.php in Pathos Content Management System (CMS) 0.92-2 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.
15280 CVE-2007-1906 Dir. Trav. 2007-04-10 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in richedit/keyboard.php in eCardMAX HotEditor (Hot Editor) 4.0, and the HotEditor plugin for MyBB, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the first parameter.
15281 CVE-2007-1902 Exec Code Sql 2007-05-14 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in SonicBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) part and (2) by parameters to (a) search.php, or the (2) id parameter to (b) viewforum.php.
15282 CVE-2007-1897 89 Exec Code Sql 2007-04-09 2017-10-10
6.5
User Remote Low Single system Partial Partial Partial
SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users to execute arbitrary SQL commands via a string parameter value in an XML RPC mt.setPostCategories method call, related to the post_id variable.
15283 CVE-2007-1895 Exec Code File Inclusion 2007-04-09 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier, when used with PHP 5, allows remote attackers to execute arbitrary PHP code via an ftp URL in a my_ms[root] cookie, a different vector than CVE-2007-0491 and CVE-2006-4630.
15284 CVE-2007-1886 Overflow 2007-04-05 2017-07-28
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."
15285 CVE-2007-1884 Exec Code Bypass 2007-04-05 2018-10-30
6.8
User Remote Medium Not required Partial Partial Partial
Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print function because of 64 to 32 bit truncation, and bypass a check for the maximum allowable value; and (2) a width and precision of -1, which make it possible for the php_sprintf_appendstring function to place an internal buffer at an arbitrary memory location.
15286 CVE-2007-1882 Exec Code 2007-04-05 2017-07-28
6.5
User Remote Low Single system Partial Partial Partial
qcbin/servlet/tdservlet/TDAPI_GeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 allows remote authenticated users to execute arbitrary SQL commands via the RunQuery method.
15287 CVE-2007-1881 +Priv 2007-04-05 2008-09-05
6.8
Admin Local Low Single system Complete Complete Complete
Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows local users to gain Ring-0 privileges via unspecified vectors.
15288 CVE-2007-1880 Exec Code Overflow 2007-04-05 2017-07-28
6.6
Admin Local Medium Single system Complete Complete Complete
Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File Server 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows context-dependent attackers to execute arbitrary code via a large, unsigned "data size argument," which results in a heap overflow.
15289 CVE-2007-1878 Exec Code Bypass 2007-04-05 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.03 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome, as demonstrated via the runFile function, related to lack of HTML escaping in the property name.
15290 CVE-2007-1852 Exec Code File Inclusion 2007-04-03 2018-10-16
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in 2BGal 3.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the lang_filename parameter to (1) index.php or (2) backupdb.inc.php in admin/, or other unspecified files, different vectors than CVE-2006-5505. NOTE: this issue has been disputed by CVE, since the lang_filename variable is defined before it is used.
15291 CVE-2007-1843 94 Exec Code File Inclusion 2007-04-03 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in gmapfactory/params.php in MapLab 2.2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the gszAppPath parameter.
15292 CVE-2007-1831 2007-04-02 2008-11-15
6.0
None Remote Medium Single system Partial Partial Partial
web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to open files and write "wrong data" via a crafted QUERY_STRING.
15293 CVE-2007-1827 Exec Code 2007-04-02 2008-11-15
6.0
User Remote Medium Single system Partial Partial Partial
Multiple unspecified vulnerabilities in form input validation in web-app.org WebAPP before 0.9.9.6 allow remote authenticated users to corrupt data files, gain access to private files, and execute arbitrary code via "certain characters."
15294 CVE-2007-1802 XSS 2007-04-02 2017-07-28
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in MailDwarf 3.01 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
15295 CVE-2007-1799 Dir. Trav. 2007-04-02 2017-07-28
6.4
None Remote Low Not required None Partial Partial
Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the ".." string, which allows remote attackers to overwrite arbitrary files via modified ".." sequences in a torrent filename, as demonstrated by "../" sequences, due to an incomplete fix for CVE-2007-1384.
15296 CVE-2007-1797 189 Exec Code Overflow 2007-04-02 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667.
15297 CVE-2007-1790 94 Exec Code File Inclusion 2007-03-31 2017-10-10
6.8
User Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in Kaqoo Auction Software Free Edition allow remote attackers to execute arbitrary PHP code via a URL in the install_root parameter to (1) support.inc.php, (2) function.inc.php, (3) rdal_object.inc.php, (4) rdal_editor.inc.php. (5) login.inc.php, (6) request.inc.php, and (7) categories.inc.php in include/core/; (8) save.inc.php, (9) preview.inc.php, (10) edit_item.inc.php, (11) new_item.inc.php, and (12) item_info.inc.php in include/display/item/; (13) search.inc.php, (14) item_edit.inc.php, (15) register_succsess.inc.php, (16) context_menu.inc.php, (17) item_repost.inc.php, (18) balance.inc.php, (19) featured.inc.php, (20) user.inc.php, (21) buynow.inc.php, (22) install_complete.inc.php, (23) fees_info.inc.php, (24) user_feedback.inc.php, (25) admin_balance.inc.php, (26) activate.inc.php, (27) user_info.inc.php, (28) member.inc.php, (29) add_bid.inc.php, (30) items_filter.inc.php, (31) my_info.inc.php, (32) register.inc.php, (33) leave_feedback.inc.php, and (34) user_auctions.inc.php in include/display/; and (35) design/form.inc.php, (36) processor.inc.php, (37) interfaces.inc.php (38) left_menu.inc.php, (39) login.inc.php, and (40) categories.inc.php in include/.
15298 CVE-2007-1789 +Info 2007-03-31 2008-11-13
6.8
User Remote Medium Not required Partial Partial Partial
Flyspray 0.9.9 allows remote attackers to obtain sensitive information (private project summaries) via direct requests.
15299 CVE-2007-1788 Bypass 2007-03-31 2008-09-05
6.8
User Remote Medium Not required Partial Partial Partial
Flyspray 0.9.9, when output_buffering is disabled or "set to a low value," allows remote attackers to bypass authentication via a crafted post request.
15300 CVE-2007-1786 Exec Code Sql 2007-03-31 2017-07-28
6.8
User Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.