| Primary Vendor -- Product | Description | | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| @lexPHPTeam -- @lex Guestbook | SQL injection vulnerability in index.php in @lex Guestbook 4.0.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lang parameter. | | 7.0 | CVE-2007-0202 BUGTRAQ OTHER-REF OTHER-REF BID SECUNIA |
| @lexPHPTeam -- @lex Guestbook | Multiple directory traversal vulnerabilities in @lex Guestbook 4.0.2 and earlier allow remote attackers to (1) include and execute arbitrary local files via a relative pathname in the lang parameter to index.php, which is handled in livre_include.php, and (2) possibly access arbitrary directories via the aj_skin and skin_edit parameters to admin/skins.php. | | 7.0 | CVE-2007-0205 BUGTRAQ OTHER-REF OTHER-REF BID |
| Adam Jarret -- AJLogin | AJLogin 3.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for ajlogin.mdb. | | 7.0 | CVE-2007-0153 BUGTRAQ XF |
| Adobe -- Acrobat Reader | The Adobe PDF specification 1.3, as implemented by Adobe Acrobat before 8.0.0, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. | | 7.0 | CVE-2007-0103 BID OTHER-REF XF |
| AllMyPHP -- AllMyVisitors | PHP remote file inclusion vulnerability in index.php in AllMyVisitors 0.4.0 allows remote attackers to execute arbitrary PHP code via a URL in the AMV_serverpath parameter. | | 7.0 | CVE-2007-0170 OTHER-REF BID XF |
| Apple -- Mac OS X Preview.app | The Adobe PDF specification 1.3, as implemented by Apple Mac OS X Preview, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. | | 7.0 | CVE-2007-0102 OTHER-REF BID XF |
| Apple -- Mac OS X Server; Apple -- Mac OS X | DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permission changes upon execution of a diskutil permission repair operation. | | 10.0 | CVE-2007-0117 OTHER-REF BID FRSIRT SECUNIA |
| b2evolution -- b2evolution | Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirect_to parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | | 7.0 | CVE-2007-0175 SECUNIA |
| BinGo News -- BinGo News | PHP remote file inclusion vulnerability in bn_smrep1.php in BinGoPHP News (BP News) 3.01 allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter, a different vector than CVE-2006-4648 and CVE-2006-4649. | | 7.0 | CVE-2007-0145 SECTRACK XF |
| Cisco -- Secure Access Control Server | Stack-based buffer overflow in the CSAdmin service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted HTTP GET request. | | 10.0 | CVE-2007-0105 CISCO BID FRSIRT SECTRACK SECUNIA XF |
| Computer Associates -- Server/Business Protection Suite; Computer Associates -- BrightStor ARCserve Backup; Computer Associates -- Enterprise Backup | The Tape Engine service in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allows remote attackers to execute arbitrary code via certain data in opnum 0xBF in an RPC request, which is directly executed. | | 7.0 | CVE-2007-0168 OTHER-REF OTHER-REF |
| Computer Associates -- Server/Business Protection Suite; Computer Associates -- BrightStor ARCserve Backup; Computer Associates -- Enterprise Backup | Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service. | | 7.0 | CVE-2007-0169 OTHER-REF OTHER-REF OTHER-REF |
| CreateAuction -- CreateAuction | SQL injection vulnerability in cats.asp in createauction allows remote attackers to execute arbitrary SQL commands via the catid parameter. | | 7.0 | CVE-2007-0112 BUGTRAQ BID XF |
| Dayfox Designs -- Dayfox Blog | Multiple PHP remote file inclusion vulnerabilities in index.php in Dayfox Blog allow remote attackers to execute arbitrary PHP code via a URL in the (1) page, (2) subject, and (3) q parameters. | | 7.0 | CVE-2007-0150 BUGTRAQ FRSIRT SECUNIA XF |
| Digger Solutions -- Intranet Open Source | Digger Solutions Intranet Open Source (IOS) stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for data/intranet.mdb. | | 7.0 | CVE-2007-0116 BUGTRAQ XF |
| DigiAppz -- DigiRez | SQL injection vulnerability in info_book.asp in Digirez 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter. | | 7.0 | CVE-2007-0128 OTHER-REF FRSIRT SECUNIA |
| Digitizing Quote And Ordering System -- Digitizing Quote And Ordering System | Cross-site scripting (XSS) vulnerability in search.asp in Digitizing Quote And Ordering System 1.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the ordernum parameter. | | 7.0 | CVE-2007-0144 OTHER-REF SECUNIA XF |
| Edit-X -- eCommerce | PHP remote file inclusion vulnerability in edit_address.php in edit-x ecommerce allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter. | | 7.0 | CVE-2007-0190 BUGTRAQ |
| EditTag -- EditTag | Multiple cross-site scripting (XSS) vulnerabilities in EditTag 1.2 allow remote attackers to inject arbitrary web script or HTML via the plain parameter to (1) mkpw_mp.cgi, (2) mkpw.pl, or (3) mkpw.cgi. | | 7.0 | CVE-2007-0119 BUGTRAQ BID |
| EF Software -- EF Commander | Stack-based buffer overflow in EF Commander 5.75 allows user-assisted attackers to execute arbitrary code via a crafted ISO file containing a file within several nested directories, which produces a large filename that triggers the overflow. | | 8.0 | CVE-2007-0180 OTHER-REF SECUNIA |
| EMembersPro -- EMembersPro | EMembersPro 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for users.mdb. | | 7.0 | CVE-2007-0149 BUGTRAQ XF |
| F5 -- FirePass SSL VPN | Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL VPN allow remote attackers to inject arbitrary web script or HTML via (1) the xcho parameter to my.logon.php3; the (2) topblue, (3) midblue, (4) wtopblue, and certain other Custom color parameters in a per action to vdesk/admincon/index.php; the (5) h321, (6) h311, (7) h312, and certain other Front Door custom text color parameters in a per action to vdesk/admincon/index.php; the (8) ua parameter in a bro action to vdesk/admincon/index.php; the (9) app_param and (10) app_name parameters to webyfiers.php; (11) double eval functions; (12) JavaScript contained in an <FP_DO_NOT_TOUCH> element; and (13) the vhost parameter to my.activation.php. NOTE: it is possible that this candidate overlaps CVE-2006-3550. | | 7.0 | CVE-2007-0186 OTHER-REF OTHER-REF OTHER-REF BID |
| F5 -- Firepass | F5 FirePass 5.4 through 5.5.2 and 6.0 allows remote attackers to access restricted URLs via (1) a trailing null byte, (2) multiple leading slashes, (3) Unicode encoding, (4) URL-encoded directory traversal or same-directory characters, or (5) upper case letters in the domain name. | | 7.0 | CVE-2007-0187 OTHER-REF OTHER-REF BID |
| FON -- La Fonera | FON La Fonera routers do not properly limit DNS service access by unauthenticated clients, which allows remote attackers to tunnel traffic via DNS requests for hosts that should not be accessible before authentication. | | 7.0 | CVE-2007-0193 BUGTRAQ BUGTRAQ |
| GeoBB -- GeoBB | Unspecified vulnerability in the Admin login for Georgian discussion board (GeoBB) before 1.0 has unknown impact and attack vectors. | | 7.0 | CVE-2006-6918 OTHER-REF |
| GeoBB -- Georgian Bulletin Board | ** DISPUTED ** PHP remote file inclusion vulnerability in index.php in GeoBB Georgian Bulletin Board allows remote attackers to execute arbitrary PHP code via a URL in the action parameter. NOTE: CVE disputes this issue, since GeoBB 1.0 sets $action to a whitelisted value. | | 7.0 | CVE-2007-0189 BUGTRAQ VIM XF |
| Geoffrey Golliher -- Axiom Photo/News Gallery | PHP remote file inclusion vulnerability in template.php in Geoffrey Golliher Axiom Photo/News Gallery (axiompng) 0.8.6 allows remote attackers to execute arbitrary PHP code via a URL in the baseAxiomPath parameter. | | 7.0 | CVE-2007-0200 OTHER-REF VIM FRSIRT |
| Getahead -- Direct Web Remoting | Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to obtain unauthorized access to public methods via a crafted request that bypasses the include/exclude checks. | | 7.0 | CVE-2007-0184 OTHER-REF BID FRSIRT SECUNIA |
| GForge -- GForge | Cross-site scripting (XSS) vulnerability in search/advanced_search.php in GForge 4.5.11 allows remote attackers to inject arbitrary web script or HTML via the words parameter. | | 7.0 | CVE-2007-0176 BUGTRAQ OTHER-REF BID SECTRACK SECUNIA |
| HarikaOnline -- HarikaOnline | HarikaOnline 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for harikaonline.mdb. | | 7.0 | CVE-2007-0155 BUGTRAQ XF |
| HP -- DECnet/OSI | Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in DECnet/OSI 7.3 for OpenVMS VAX, allows attackers to obtain "unintended privileged access to data and system resources" via unspecified vectors, related to (1) [SYSEXE]CTF$UI.EXE, (2) [SYSMSG]CTF$MESSAGES.EXE, (3) [SYSHLP]CTF$HELP.HLB, and (4) [SYSMGR]CTF$STARTUP.COM. | | 7.0 | CVE-2007-0139 OTHER-REF OTHER-REF SECUNIA FRSIRT |
| iGeneric -- iG Calendar | SQL injection vulnerability in user.php in iGeneric iG Calendar 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | | 7.0 | CVE-2007-0130 OTHER-REF BID FRSIRT SECUNIA BUGTRAQ XF |
| iGeneric -- iG Shop | SQL injection vulnerability in compare_product.php in iGeneric iG Shop 1.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | | 7.0 | CVE-2007-0132 OTHER-REF OTHER-REF FRSIRT SECUNIA BUGTRAQ BID XF |
| iGeneric -- iG Shop | Multiple SQL injection vulnerabilities in display_review.php in iGeneric iG Shop 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) user_login_cookie parameter. | | 7.0 | CVE-2007-0133 FRSIRT |
| iGeneric -- iG Shop | Multiple eval injection vulnerabilities in iGeneric iG Shop 1.0 allow remote attackers to execute arbitrary code via the action parameter, which is supplied to an eval function call in (1) cart.php and (2) page.php. | | 7.0 | CVE-2007-0134 OTHER-REF OTHER-REF FRSIRT SECUNIA BUGTRAQ BID XF |
| JAMWiki -- JAMWiki | JAMWiki before 0.5.0 does not properly check permissions during moves of "read-only or admin-only topics," which allows remote attackers to make unauthorized changes to the wiki. | | 7.0 | CVE-2007-0131 OTHER-REF SECUNIA BID XF |
| Kolayindir Download -- Kolayindir Download | SQL injection vulnerability in down.asp in Kolayindir Download (Yenionline) allows remote attackers to execute arbitrary SQL commands via the id parameter. | | 7.0 | CVE-2007-0140 BUGTRAQ BID FRSIRT SECUNIA XF |
| LocazoList -- LocazoList Classifieds | SQL injection vulnerability in main.asp in LocazoList 2.01a beta5 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatID parameter. | | 7.0 | CVE-2007-0129 OTHER-REF XF FRSIRT |
| M-Core -- M-Core | M-Core stores the database under the web document root, which allows remote attackers to obtain sensitive information via a direct request to db/uyelik.mdb. | | 7.0 | CVE-2007-0156 BUGTRAQ XF |
| Michael Romedahl -- RI Blog | Cross-site scripting (XSS) vulnerability in search.asp in RI Blog 1.3 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | | 7.0 | CVE-2007-0121 BUGTRAQ BID FRSIRT SECUNIA XF |
| Microsoft -- Internet Explorer | Integer overflow in the Vector Markup Language (VML) implementation (vgx.dll) in Microsoft Internet Explorer 5.01, 6, and 7 on Windows 2000 SP4, XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted web page that contains unspecified integer properties that cause insufficient memory allocation and trigger a buffer overflow, aka the "VML Buffer Overrun Vulnerability." | | 8.0 | CVE-2007-0024 IDEFENSE MS MSKB CERT-VN BID FRSIRT OSVDB SECTRACK SECUNIA XF |
| Microsoft -- Excel | Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed IMDATA records that trigger memory corruption. | | 10.0 | CVE-2007-0027 MS CERT-VN BID FRSIRT SECTRACK |
| Microsoft -- Excel | Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malformed record that triggers an "Improper Memory Access," a different issue than CVE-2007-0027. | | 10.0 | CVE-2007-0028 MS CERT-VN FRSIRT |
| Microsoft -- Excel | Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability." | | 8.0 | CVE-2007-0029 MS BID FRSIRT SECTRACK |
| Microsoft -- Excel | Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory. | | 8.0 | CVE-2007-0030 IDEFENSE MS CERT-VN BID FRSIRT SECTRACK |
| Microsoft -- Excel | Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries. | | 8.0 | CVE-2007-0031 IDEFENSE MS CERT-VN BID FRSIRT SECTRACK |
| Microsoft -- Outlook | Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via a malformed VEVENT record in an .iCal meeting request or ICS file. | | 8.0 | CVE-2007-0033 MS CERT-VN BID FRSIRT SECTRACK SECUNIA |
| Microsoft -- Outlook | Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability." | | 8.0 | CVE-2007-0034 MS CERT-VN BID FRSIRT SECTRACK SECUNIA |
| MitiSoft -- MitiSoft | MitiSoft stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for access_MS/MitiSoft.mdb. | | 7.0 | CVE-2007-0151 BUGTRAQ XF |
| MKPortal -- MKPortal | Cross-site scripting (XSS) vulnerability in admin.php in MKPortal allows remote attackers to inject arbitrary web script or HTML via two certain fields in a contents_new operation in the ad_contents section. | | 7.0 | CVE-2007-0191 BUGTRAQ XF |
| MKPortal -- MKPortal | Cross-site request forgery (CSRF) vulnerability in the save_main operation in the ad_perms section in admin.php in MKPortal allows remote attackers to modify privilege settings, as demonstrated using a getURL of admin.php within a .swf file contained in an IFRAME element, aka the "All Guests are Admin" attack. | | 7.0 | CVE-2007-0192 BUGTRAQ |
| Motionborg -- Motionborg Web Real Estate | SQL injection vulnerability in admin_check_user.asp in Motionborg Web Real Estate 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the username field (txtUserName parameter) and possibly other parameters. NOTE: some details were obtained from third party information. | | 7.0 | CVE-2007-0196 OTHER-REF BID XF |
| Novell -- Novell Access Manager Identity Server | Cross-site scripting (XSS) vulnerability in nidp/idff/sso in Novell Access Manager Identity Server before 3.0.0-1013 allows remote attackers to inject arbitrary web script or HTML via the IssueInstant parameter, which is not properly handled in the resulting error message. | | 7.0 | CVE-2007-0110 OTHER-REF BID FRSIRT SECUNIA |
| OhhASP -- OhhASP | OhhASP stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for db/OhhASP.mdb. | | 7.0 | CVE-2007-0152 BUGTRAQ OTHER-REF XF |
| Opera Software -- Opera | The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createSVGTransformFromMatrix request, which allows remote attackers to execute arbitrary code via JavaScript code that uses an invalid object in this request that causes a controlled pointer to be referenced during the virtual function call. | | 7.0 | CVE-2007-0127 IDEFENSE OTHER-REF FRSIRT SECUNIA SECTRACK |
| PHP Web Scripts -- Easy Banner Pro | PHP remote file inclusion vulnerability in info.php in Easy Banner Pro 2.8 allows remote attackers to execute arbitrary PHP code via a URL in the s[phppath] parameter. | | 7.0 | CVE-2007-0178 BUGTRAQ |
| PHPKIT -- PHPKIT | SQL injection vulnerability in comment.php in PHPKIT 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the subid parameter. | | 7.0 | CVE-2007-0179 BUGTRAQ BID |
| phpMyAdmin -- phpMyAdmin | Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors. | | 7.0 | CVE-2007-0203 OTHER-REF SECUNIA |
| phpMyAdmin -- phpMyAdmin | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.9.2-rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information. | | 7.0 | CVE-2007-0204 OTHER-REF FRSIRT SECUNIA |
| PPC Search Engine -- PPC Search Engine; WGS-PPC -- WGS-PPC | Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search Engine), as distributed with other aliases, allow remote attackers to execute arbitrary PHP code via a URL in the INC parameter in (1) config_admin.php, (2) config_main.php, (3) config_member.php, and (4) mysql_config.php in config/; (5) admin.php and (6) index.php in admini/; (7) paypalipn/ipnprocess.php; (8) index.php and (9) registration.php in members/; and (10) ppcbannerclick.php and (11) ppcclick.php in main/. | | 7.0 | CVE-2007-0167 BUGTRAQ VIM BID |
| Scriptaty -- Magic Photo Storage Website | PHP remote file inclusion vulnerability in include/common_function.php in magic photo storage website allows remote attackers to execute arbitrary PHP code via a URL in the _config[site_path] parameter. | | 7.0 | CVE-2007-0181 BUGTRAQ |
| Scriptaty -- Magic Photo Storage Website | Multiple PHP remote file inclusion vulnerabilities in magic photo storage website allow remote attackers to execute arbitrary PHP code via a URL in the _config[site_path] parameter to (1) admin_password.php, (2) add_welcome_text.php, (3) admin_email.php, (4) add_templates.php, (5) admin_paypal_email.php, (6) approve_member.php, (7) delete_member.php, (8) index.php, (9) list_members.php, (10) membership_pricing.php, or (11) send_email.php in admin/; (12) config.php or (13) db_config.php in include/; or (14) add_category.php, (15) add_news.php, (16) change_catalog_template.php, (17) couple_milestone.php, (18) couple_profile.php, (19) delete_category.php, (20) index.php, (21) login.php, (22) logout.php, (23) register.php, (24) upload_photo.php, (25) user_catelog_password.php, (26) user_email.php, (27) user_extend.php, or (28) user_membership_password.php in user/. NOTE: the include/common_function.php vector is already covered by another candidate from the same date. | | 7.0 | CVE-2007-0182 BUGTRAQ |
| Shopstorenow -- E-commerce Shopping Cart | SQL injection vulnerability in orange.asp in ShopStoreNow E-commerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the CatID parameter. | | 7.0 | CVE-2007-0142 BUGTRAQ BID FRSIRT SECUNIA XF |
| Sina -- Sina | Multiple stack-based buffer overflows in the BRWOSSRE2UC.dll ActiveX Control in Sina UC2006 and earlier allow remote attackers to execute arbitrary code via a long string in the (1) astrVerion parameter to the SendChatRoomOpt function or (2) the astrDownDir parameter to the SendDownLoadFile function. | | 7.0 | CVE-2007-0174 FULLDISC OTHER-REF FRSIRT SECUNIA |
| TIS -- Internet Firewall Toolkit | Buffer overflow in the cmd_usr function in ftp-gw in TIS Internet Firewall Toolkit (FWTK) allows remote attackers to execute arbitrary code via a long destination hostname (dest). | | 10.0 | CVE-2007-0201 OTHER-REF BID SECTRACK XF |
| Voice Of Web -- AllMyLinks | PHP remote file inclusion vulnerability in index.php in AllMyLinks 0.5.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AML_opensite parameter. | | 7.0 | CVE-2007-0171 OTHER-REF BID XF |
| Voice Of Web -- AllMyGuests | Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.3.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the AMG_serverpath parameter to (1) comments.php and (2) signin.php; and possibly via a URL in unspecified parameters to (3) include/submit.inc.php, (4) admin/index.php, (5) include/cm_submit.inc.php, and (6) index.php. | | 7.0 | CVE-2007-0172 OTHER-REF BID XF |
| Webulas -- Webulas | Webulas stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for db/db.mdb. | | 7.0 | CVE-2007-0154 BUGTRAQ XF |
| Xpdf -- Xpdf | The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. | | 7.0 | CVE-2007-0104 BID OTHER-REF XF |
|