| Primary Vendor -- Product | Description | CVSS Score | Source & Patch Info |
|---|---|---|---|
| Admin Phorum -- Admin Phorum | PHP remote file inclusion vulnerability in actions/del.php in Admin Phorum 3.3.1a allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | 7.0 | CVE-2007-1219 MILW0RM BID FRSIRT |
| AJ Forum -- AJ Forum | SQL injection vulnerability in topic_title.php in AJ Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the td_id parameter. | 7.0 | CVE-2007-1295 MILW0RM BID SECUNIA |
| AJ Square -- AJ Classifieds | SQL injection vulnerability in postingdetails.php in AJ Classifieds 1.0 allows remote attackers to execute arbitrary SQL commands via the postingid parameter. | 7.0 | CVE-2007-1296 MILW0RM BID |
| AJ Square -- AJDating | SQL injection vulnerability in view_profile.php in AJDating 1.0 allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | 7.0 | CVE-2007-1297 MILW0RM BID |
| AJ Square -- AJAuction | SQL injection vulnerability in subcat.php in AJ Auction 1.0 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter. | 7.0 | CVE-2007-1298 MILW0RM BID |
| Angel Learning -- Learning Management Suite | SQL injection vulnerability in section/default.asp in ANGEL Learning Management Suite (LMS) 7.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.0 | CVE-2007-1250 BUGTRAQ BUGTRAQ MILW0RM BID |
| Apple -- QuickTime | Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file. | 8.0 | CVE-2007-0711 APPLE OTHER-REF |
| Apple -- QuickTime | Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MIDI file. | 8.0 | CVE-2007-0712 APPLE OTHER-REF |
| Apple -- QuickTime | Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie, related to UDTA atoms. | 8.0 | CVE-2007-0714 APPLE OTHER-REF |
| Apple -- AirPort Extreme | The default configuration of the AirPort utility in Apple AirPort Extreme creates an IPv6 tunnel but does not enable the "Block incoming IPv6 connections" setting, which might allow remote attackers to bypass intended access restrictions by establishing IPv6 sessions that would have been rejected over IPv4. | 7.0 | CVE-2007-1338 OTHER-REF |
| Aspindir -- HazirSite | SQL injection vulnerability in giris_yap.asp in Hazir Site 2.0 allows remote attackers to bypass authentication via the (1) k_a or (2) sifre parameter. | 7.0 | CVE-2006-7161 BUGTRAQ BID XF |
| Audins Audiens -- Audins Audiens | SQL injection vulnerability in system/index.php in Audins Audiens 3.3 allows remote attackers to execute arbitrary SQL commands via the PHPSESSID cookie. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2007-1242 BID |
| Audins Audiens -- Audins Audiens | Audins Audiens 3.3 allows remote attackers to bypass authentication and perform certain privileged actions, possibly an uninstall of the product, by calling unistall.php with the values cnf=disinstalla and status=on. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2007-1243 BID SECUNIA XF |
| Bell Labs -- Plan 9 | Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by (1) modifying the iseve function to gain privileges and (2) making the devpermcheck function grant unrestricted device permissions. | 7.0 | CVE-2007-1189 MILW0RM MLIST OTHER-REF BID |
| BJ Sintay -- SiteX | Multiple cross-site scripting (XSS) vulnerabilities in sitex allow remote attackers to inject arbitrary web script or HTML via (1) the sxYear parameter to calendar.php, (2) the search parameter to search.php, (3) the linkid parameter to redirect.php, or (4) the page parameter to calendar_events.php. | 7.0 | CVE-2007-1234 BUGTRAQ |
| BJ Sintay -- SiteX | Unrestricted file upload vulnerability in sitex allows remote attackers to upload arbitrary PHP code via an avatar filename with a double extension such as .php.jpg, which fails verification and is saved as a .php file. | 7.0 | CVE-2007-1235 BUGTRAQ |
| BJ Sintay -- SiteX | sitex allows remote attackers to obtain potentially sensitive information via a ' (quote) value for certain parameters, as demonstrated by parameters used in forum and search, which forces a SQL error. | 7.0 | CVE-2007-1237 BUGTRAQ |
| Call-Center-Software -- Call-Center-Software | SQL injection vulnerability in Call Center Software 0.93 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the user name in the login page. | 7.0 | CVE-2006-7144 BUGTRAQ FULLDISC OTHER-REF BID SECUNIA |
| Cisco -- Catalyst 7600; Cisco -- Catalyst 6000; Cisco -- Catalyst 6500; Cisco -- Network Analysis Module | The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM's own IP address. | 10.0 | CVE-2007-1257 CISCO |
| Cisco -- Catalyst 6500 | Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF, and in the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems, allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS packet. | 7.0 | CVE-2007-1258 CISCO |
| Citrix -- Presentation Server Client | Unspecified vulnerability in Citrix Presentation Server Client for Windows before 10.0 allows remote web sites to execute arbitrary code via unspecified vectors, related to the implementation of ICA connectivity through proxy servers. | 8.0 | CVE-2007-1196 Citrix FRSIRT |
| Coalescent Systems -- freePBX | PHP remote file inclusion vulnerability in upgrade.php in Coalescent Systems freePBX 2.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the amp_conf[AMPWEBROOT] parameter. | 7.0 | CVE-2006-7107 MILW0RM BID XF |
| Cuttlefish Multimedia Ltd. -- Leicestershire communityPortals | ** DISPUTED ** PHP remote file inclusion vulnerability in bug.php in Leicestershire communityPortals 1.0 build 20051018 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_path parameter, a different vector than CVE-2006-5280. NOTE: CVE disputes this issue, since bug.php is not in communityPortals source distributions. | 8.0 | CVE-2006-7146 BUGTRAQ BID |
| Cynux Softwares -- PHPMyDesk | Directory traversal vulnerability in pmd-config.php in PHPMyDesk 1.0beta allows remote attackers to include arbitrary local files via the pmdlang parameter to viewticket.php. | 10.0 | CVE-2006-7132 MILW0RM XF |
| DBScripts -- DBImageGallery | Multiple PHP remote file inclusion vulnerabilities in DBImageGallery 1.2.2 allow remote attackers to execute arbitrary PHP code via a URL in the donsimg_base_path parameter to (1) attributes.php, (2) images.php, or (3) scan.php in admin/; or (4) attributes.php, (5) db_utils.php, (6) images.php, (7) utils.php, or (8) values.php in includes/. | 7.0 | CVE-2007-1164 MILW0RM BID |
| DBScripts -- DBGuestbook | Multiple PHP remote file inclusion vulnerabilities in DBGuestbook 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the dbs_base_path parameter to (1) utils.php, (2) guestbook.php, or (3) views.php in includes/. | 7.0 | CVE-2007-1165 MILW0RM BID |
| Delmaa.com -- arabhost | PHP remote file inclusion vulnerability in function.php in arabhost allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter. | 7.0 | CVE-2007-1146 BUGTRAQ VIM |
| dmxReady -- Site Engine Manager | SQL injection vulnerability in index.asp in DMXReady Site Engine Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the mid parameter. | 8.0 | CVE-2006-7118 BUGTRAQ BID XF |
| Docebo -- Docebo | Multiple cross-site scripting (XSS) vulnerabilities in Docebo CMS 3.0.3 through 3.0.5 allow remote attackers to inject arbitrary web script or HTML via (1) the searchkey parameter to index.php, or the (2) sn or (3) ri parameter to modules/htmlframechat/index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2007-1240 OTHER-REF BID |
| Dxmsoft -- XM Easy Personal FTP Server | Multiple buffer overflows in XM Easy Personal FTP Server 5.3.0 allow remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might overlap CVE-2006-2225, CVE-2006-2226, or CVE-2006-5728. | 7.0 | CVE-2007-1195 OTHER-REF BID |
| Epiware -- Epiware | Multiple unspecified vulnerabilities in Epiware before 4.7.5 have unknown impact and attack vectors, possibly related to cross-site scripting (XSS) and other unspecified issues. | 7.0 | CVE-2007-1197 OTHER-REF |
| Futomi's CGI Cafe -- KMail CGI | Unspecified vulnerability in Futomi's CGI Cafe KMail CGI 1.0.3 and earlier allows remote attackers to bypass authentication and obtain unauthorized email access via unspecified vectors. | 7.0 | CVE-2006-7111 OTHER-REF BID SECUNIA XF |
| GNU -- libtool-ltdl | Untrusted search path vulnerability in the libtool-ltdl library (libltdl.so) 1.5.22-2.3 in Fedora Core 5 might allow local users to execute arbitrary code via a malicious library in the (1) hwcap, (2) 0, and (3) nosegneg subdirectories. | 8.0 | CVE-2006-7151 BUGTRAQ OTHER-REF BID |
| Grok Developments -- NetProxy | The connection log file implementation in Grok Developments NetProxy 4.03 does not record requests that omit http:// in a URL, which might allow remote attackers to conduct unauthorized activities and avoid detection. | 10.0 | CVE-2007-1225 MILW0RM BID FRSIRT XF |
| Hitachi -- OSAS | Unspecified vulnerability in Hitachi OSAS/FT/W before 20070223 allows attackers to cause a denial of service (responder control processing halt) by sending "data unexpectedly through the port". | 7.0 | CVE-2007-1223 OTHER-REF XF |
| Icecast -- Ezstream | Multiple buffer overflows in src/ezstream.c in Ezstream before 0.3.0 allow remote attackers to execute arbitrary code via a crafted XML configuration file processed by (1) the urlParse function, which causes a stack-based overflow, and (2) the ReplaceString function, which causes a heap-based overflow. NOTE: some of these details are obtained from third party information. | 8.0 | CVE-2007-1344 OTHER-REF SECUNIA |
| JBoss -- JBoss | Cross-site request forgery (CSRF) vulnerability in jmx-console/HtmlAdaptor in JBoss allows remote attackers to perform privileged actions as administrators via certain MBean operations, a different vulnerability than CVE-2006-3733. | 8.0 | CVE-2007-1157 BUGTRAQ BUGTRAQ |
| Jelsoft -- vBulletin | SQL injection vulnerability in inlinemod.php in Jelsoft vBulletin before 3.5.8, and before 3.6.5 in the 3.6.x series, might allow remote authenticated users to execute arbitrary SQL commands via the postids parameter. NOTE: the vendor states that the attack is feasible only in circumstances "almost impossible to achieve." | 7.0 | CVE-2007-1292 MILW0RM OTHER-REF BID SECUNIA XF |
| Jinzora -- Jinzora | PHP remote file inclusion vulnerability in backend/primitives/cache/media.php in Jinzora 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter, a different vector than CVE-2006-6770. | 10.0 | CVE-2006-7130 BUGTRAQ MILW0RM BID XF |
| Jinzora -- Jinzora | PHP remote file inclusion vulnerability in extras/mt.php in Jinzora 2.6 allows remote attackers to execute arbitrary PHP code via the web_root parameter. | 10.0 | CVE-2006-7131 BUGTRAQ MILW0RM XF |
| Joomla! -- BSQ Sitestats | Cross-site scripting (XSS) vulnerability in the IP Address Lookup functionality in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to inject arbitrary web script and HTML via the ip parameter. | 7.0 | CVE-2006-7122 BUGTRAQ OTHER-REF BID XF |
| Joomla! -- BSQ Sitestats | Multiple SQL injection vulnerabilities in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allow remote attackers to execute arbitrary SQL commands via (1) unspecified parameters when importing the (a) ip-to-country.csv file; and the (2) HTTP Referer, (3) HTTP User Agent, and (4) HTTP Accept Language headers to (b) bsqtemplateinc.php. | 7.0 | CVE-2006-7123 BUGTRAQ OTHER-REF BID XF |
| Joomla! -- BSQ Sitestats | PHP remote file inclusion vulnerability in external/rssfeeds.php in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to execute arbitrary PHP code via the baseDir parameter. | 7.0 | CVE-2006-7124 BUGTRAQ OTHER-REF OTHER-REF BID OSVDB XF |
| KDE -- KMail | KMail 1.9.1 on KDE 3.5.2, with "Prefer HTML to Plain Text" enabled, allows remote attackers to cause a denial of service (crash) via an HTML e-mail with certain table and frameset tags that trigger a segmentation fault, possibly involving invalid free or delete operations. | 7.0 | CVE-2006-7139 BUGTRAQ BUGTRAQ FULLDISC BID XF |
| Kubix -- Kubix | SQL injection vulnerability in includes/functions.php in Kubix 0.7 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the member_id parameter ($id variable) to index.php. | 10.0 | CVE-2006-7116 MILW0RM BID XF |
| Kubix -- Kubix | Multiple directory traversal vulnerabilities in Kubix 0.7 and earlier allow remote attackers to (1) include and execute arbitrary local files via ".." sequences in the theme cookie to index.php, which is not properly handled by includes/head.php; and (2) read arbitrary files via ".." sequences in the file parameter in an add_dl action to adm_index.php, as demonstrated by reading connect.php. | 10.0 | CVE-2006-7117 MILW0RM BID XF XF |
| LedgerSMB -- LedgerSMB; SQL-Ledger -- SQL-Ledger | Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are removed by blacklisting functions that filter these strings and collapse into .. (dot dot) sequences. | 10.0 | CVE-2007-1329 BUGTRAQ SECTRACK XF |
| Linux -- Kernel | Buffer overflow in the bufprint function in capiutil.c in libcapi, as used in Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to cause a denial of service (crash) and possibly gain privileges via a crafted CAPI packet. | 7.0 | CVE-2007-1217 OTHER-REF OTHER-REF |
| Mambo -- MostlyCE | PHP remote file inclusion vulnerability in htmltemplate.php in the Chad Auld MOStlyContent Editor (MOStlyCE) on May 2006, a component for Mambo 4.5.4, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | 7.0 | CVE-2006-7104 BUGTRAQ BID XF |
| Mambo -- Mambo Open Source | Multiple SQL injection vulnerabilities in Mambo 4.6.x allow remote attackers to execute arbitrary SQL commands via the mcname parameter to (1) moscomment.php and (2) com_comment.php. | 7.0 | CVE-2006-7150 BUGTRAQ OTHER-REF BID XF |
| Man Machine Systems -- JBrowser | JBrowser allows remote attackers to bypass authentication and access certain administrative capabilities via a direct request for _admin/. | 7.0 | CVE-2007-1156 BUGTRAQ OTHER-REF |
| Mani Stats Reader -- Mani Stats Reader | PHP remote file inclusion vulnerability in index.php in Mani Stats Reader 1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ipath parameter. | 7.0 | CVE-2007-1299 MILW0RM BID XF |
| Microsoft -- Xbox 360 kernel | The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 allows attackers with physical access to force execution of the hypervisor syscall with a certain register set, which bypasses intended code protection. | 7.0 | CVE-2007-1221 BUGTRAQ BID |
| MiniBB -- Forum | PHP remote file inclusion vulnerability in index.php in MiniBB Forum 2 allows remote attackers to execute arbitrary code via a URL in the pathToFiles parameter. | 7.0 | CVE-2006-7153 BUGTRAQ XF |
| MiniBB -- Keyword Replacer | PHP remote file inclusion vulnerability in addon_keywords.php in Keyword Replacer (keyword_replacer) 1.0 and earlier, a module for miniBB, allows remote attackers to execute arbitrary PHP code via a URL in the pathToFiles parameter. | 7.0 | CVE-2006-7156 MILW0RM VIM BID FRSIRT OSVDB SECUNIA |
| Monitor-Line -- Links Management | SQL injection vulnerability in index.php in Links Management Application 1.0 allows remote attackers to execute arbitrary SQL commands via the lcnt parameter. | 7.0 | CVE-2007-1339 MILW0RM BID SECUNIA |
| Mozilla -- SeaMonkey; Mozilla -- Thunderbird | Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line. | 10.0 | CVE-2007-1282 REDHAT OTHER-REF OTHER-REF |
| MPlayer -- MPlayer | The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. | 8.0 | CVE-2007-1246 OTHER-REF OTHER-REF FRSIRT XF |
| Nabocorp -- nabopoll | SQL injection vulnerability in result.php in Nabopoll 1.2 allows remote attackers to execute arbitrary SQL commands via the surv parameter. | 7.0 | CVE-2007-1166 BUGTRAQ MILW0RM BID |
| Noah Spurrier -- Upload Tool for PHP | Unrestricted file upload vulnerability in main_user.php in Upload Tool for PHP 1.0 allows remote attackers to upload and execute arbitrary files with executable extensions such as .php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 10.0 | CVE-2006-7134 BID FRSIRT SECUNIA XF |
| Novell -- BorderManager | Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the same source IP and port number during the same day, which allows remote attackers to conduct denial of service and replay attacks. NOTE: this issue might be related to CVE-2006-5286. | 7.0 | CVE-2006-7155 OTHER-REF VIM BID FRSIRT OSVDB SECTRACK SECUNIA XF |
| Oracle -- Application Express | Cross-site scripting (XSS) vulnerability in Oracle Application Express (APEX) before 2.2.1, aka Oracle HTML DB, allows remote attackers to inject arbitrary web script or HTML via the NOTIFICATION_MSG parameter. NOTE: it is likely that this issue overlaps one of the identifiers in CVE-2006-5351. | 8.0 | CVE-2006-7158 BUGTRAQ OTHER-REF SECUNIA XF |
| OrangeHRM -- OrangeHRM | Multiple unspecified vulnerabilities in the Login page in OrangeHRM before 20070212 have unknown impact and attack vectors. | 7.0 | CVE-2007-1193 OTHER-REF BID FRSIRT |
| OSU Open Source Lab -- Maintain | ** DISPUTED ** PHP remote file inclusion vulnerability in lib/php/phphtmllib-2.5.4/examples/example6.php for maintain 3.0.0-RC2 allows remote attackers to execute arbitrary PHP code via a URL in the phphtmllib parameter. NOTE: this issue might be in phpHtmlLib. NOTE: CVE disputes this issue for proper installations of maintain, since $phphtmllib is set in includes.inc before being used in example6.php. | 10.0 | CVE-2006-7120 BUGTRAQ BID XF |
| Parallels -- Parallels Desktop | Parallels Desktop for Mac before 20070216 implements Drag and Drop by sharing the entire host filesystem as the .psf share, which allows local users of the guest operating system to write arbitrary files to the host filesystem, and execute arbitrary code via launchd by writing a plist file to a LaunchAgents directory. | 7.0 | CVE-2007-1222 MLIST SECUNIA |
| PHP Poll Creator -- PHP Poll Creator | PHP remote file inclusion vulnerability in lib/functions.inc.php in PHP Poll Creator (phpPC) 1.04 allows remote attackers to execute arbitrary PHP code via a URL in the relativer_pfad parameter, a different vector and version than CVE-2005-1755. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2006-7135 SECUNIA XF |
| phpBB -- Import Tools | PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBB Import Tools Mod 0.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.0 | CVE-2006-7147 MILW0RM BID XF |
| phpBB -- maluinfo | PHP remote file inclusion vulnerability in includes/bb_usage_stats.php in maluinfo 206.2.38 for Brazilian PHPBB allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter. NOTE: this might be the same issue as CVE-2006-4893. | 7.0 | CVE-2006-7148 BUGTRAQ BID XF |
| PHPGiggle -- PHPGiggle | PHP remote file inclusion vulnerability in kernel/system/startup.php in J. He PHPGiggle 12.08 and earlier, as distributed on comscripts.com, allows remote attackers to execute arbitrary PHP code via a URL in the CFG_PHPGIGGLE_ROOT parameter. | 7.0 | CVE-2006-7119 MILW0RM XF |
| PHPKIT -- PHPKIT | SQL injection vulnerability in PHPKit 1.6.1 RC2 allows remote attackers to inject arbitrary SQL commands via the catid parameter to include.php when the path parameter is set to faq/faq.php, and other unspecified vectors involving guestbook/print.php. | 7.0 | CVE-2006-7115 BUGTRAQ OTHER-REF BID OSVDB SECUNIA XF |
| phpMyAdmin -- phpMyAdmin | The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array with many dimensions. NOTE: it could be argued that this vulnerability is caused by a problem in PHP (CVE-2006-1549) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpMyAdmin. | 8.0 | CVE-2007-1325 OTHER-REF OTHER-REF OTHER-REF BID FRSIRT |
| phpPC -- PHP Poll Creator | Multiple PHP remote file inclusion vulnerabilities in PHP Poll Creator (phpPC) 1.04 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the relativer_pfad parameter to (1) poll.php, (2) poll_kommentar.php, and (3) poll_sm.php, different vectors and version than CVE-2005-1755. | 10.0 | CVE-2006-7136 MILW0RM BID SECUNIA XF |
| Planerd.net -- P-News | Unrestricted file upload vulnerability in P-News 2.0 allows remote attackers to upload and execute arbitrary files via an avatar file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 10.0 | CVE-2006-7113 BID FRSIRT SECUNIA XF |
| Planerd.net -- P-News | P-News 2.0 stores db/user.txt under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and password hashes via a direct request. NOTE: this might be the same issue as CVE-2006-6888. | 10.0 | CVE-2006-7114 FRSIRT SECUNIA XF |
| PowerPhlogger -- PowerPhlogger | PHP remote file inclusion vulnerability in config.inc.php3 in Power Phlogger 2.0.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rel_path parameter. | 7.0 | CVE-2006-7106 MILW0RM BID BID XF |
| Salims Softhouse -- JAF CMS | Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 allow remote attackers to execute arbitrary PHP code via a URL in the main_dir parameter to (1) forum/main.php and (2) forum/headlines.php. | 7.0 | CVE-2006-7127 MILW0RM OTHER-REF BID SECUNIA XF |
| Salims Softhouse -- JAF CMS | PHP remote file inclusion vulnerability in forum/forum.php in JAF CMS 4.0 RC1 allows remote attackers to execute arbitrary PHP code via a URL in the website parameter. | 7.0 | CVE-2006-7128 MILW0RM OTHER-REF BID SECUNIA XF |
| Sava's Place -- Sava's Guestbook | Multiple cross-site scripting (XSS) vulnerabilities in add2.php in Sava's Guestbook 23.11.2006 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) country, (3) email, and (4) website parameters. | 7.0 | CVE-2007-1305 BUGTRAQ BID |
| Serendipity -- Serendipity | SQL injection vulnerability in index.php in Serendipity 1.1.1 allows remote attackers to execute arbitrary SQL commands via the serendipity[multiCat][] parameter. | 7.0 | CVE-2007-1326 BUGTRAQ XF |
| Smarty -- Smarty | ** DISPUTED ** PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. NOTE: in the original disclosure, filename is used in a function definition, so this report is probably incorrect. | 10.0 | CVE-2006-7105 FULLDISC FULLDISC BID XF |
| SourceForge -- phpBurningPortal | Multiple PHP remote file inclusion vulnerabilities in phpBurningPortal quiz-modul 1.0.1, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the lang_path parameter to (1) quest_delete.php, (2) quest_edit.php, or (3) quest_news.php. | 10.0 | CVE-2006-7102 MILW0RM BID XF |
| SQLite Manager -- SQLite Manager | Directory traversal vulnerability in SQLiteManager 1.2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in a SQLiteManager_currentTheme cookie. | 10.0 | CVE-2007-1232 BUGTRAQ BID |
| STWC-Counter -- STWC-Counter | PHP remote file inclusion vulnerability in downloadcounter.php in STWC-Counter 3.4.0.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the stwc_counter_verzeichniss parameter. | 10.0 | CVE-2007-1233 MILW0RM BID XF |
| TCPDump -- TCPDump | Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based. | 7.0 | CVE-2007-1218 FULLDISC OTHER-REF OTHER-REF |
| TKS Banking Solutions -- ePortfolio | Multiple cross-site request forgery (CSRF) vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java allow remote attackers to perform unspecified restricted actions in the context of certain accounts by bypassing the client-side protection scheme. | 8.0 | CVE-2007-1332 BUGTRAQ OTHER-REF OTHER-REF BID |
| Trend Micro -- ServerProtect | Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp). | 7.0 | CVE-2007-1168 IDEFENSE OTHER-REF BID FRSIRT SECTRACK SECUNIA |
| Tyger -- Bug Tracking System | SQL injection vulnerability in ViewReport.php in Tyger Bug Tracking System (TygerBT) 1.1.3 allows remote attackers to execute arbitrary SQL commands via the bug parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2007-1290 SECUNIA |
| WebAPP -- WebAPP | WebAPP before 0.9.9.5 does not check access in certain contexts related to (1) Calendar Administration, (2) Instant Messages Administration, and (3) the Image Uploader, which has unknown impact and attack vectors. | 7.0 | CVE-2007-1178 OTHER-REF BID FRSIRT SECUNIA |
| WebAPP -- WebAPP | WebAPP before 0.9.9.5 allows remote authenticated users to spoof another user's Real Name via whitespace, which has unknown impact and attack vectors. | 7.0 | CVE-2007-1183 OTHER-REF BID FRSIRT SECUNIA |
| WebAPP -- WebAPP | The default configuration of WebAPP before 0.9.9.5 has a CAPTCHA setting of "no," which makes it easier for automated programs to submit false data. | 7.0 | CVE-2007-1184 OTHER-REF BID FRSIRT SECUNIA |
| WebAPP -- WebAPP | WebAPP before 0.9.9.5 allows remote attackers to submit Search form input that is not checked for (1) composition or (2) length, which has unknown impact, possibly related to "search form hijacking". | 7.0 | CVE-2007-1188 OTHER-REF BID FRSIRT SECUNIA |
| WebAPP -- WebAPP | Multiple unspecified vulnerabilities in WebAPP before 0.9.9.6 have unknown impact and attack vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. | 8.0 | CVE-2007-1259 OTHER-REF OTHER-REF FRSIRT SECUNIA |
| WebCalendar -- WebCalendar | includes/functions.php in Craig Knudsen WebCalendar before 1.0.5 does not protect the noSet variable from external modification, which allows remote attackers to set arbitrary global variables via a URL with modified values in the noSet parameter, which leads to resultant vulnerabilities that probably include remote file inclusion and other issues. | 7.0 | CVE-2007-1343 OTHER-REF OTHER-REF OTHER-REF BID SECUNIA |
| WebMobo -- WBNews | Multiple PHP remote file inclusion vulnerabilities in Webmobo WB News 1.4.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the config[installdir] parameter to (1) comment.php, (2) themes.php, (3) directory.php, and (4) sendmsg.php in admin/. | 10.0 | CVE-2007-1288 BUGTRAQ XF |
| WebMod -- WebMod | Stack-based buffer overflow in the connectHandle function in server.cpp in WebMod 0.48 allows remote attackers to execute arbitrary code via a long string in the Content-Length HTTP header. | 7.0 | CVE-2007-1260 OTHER-REF SECUNIA |
| webSPELL -- webSPELL | webSPELL 4.0, and possibly later versions, allows remote attackers to bypass authentication via a ws_auth cookie, a different vulnerability than CVE-2006-4782. | 10.0 | CVE-2007-1160 BUGTRAQ |
| webSPELL -- webSPELL | SQL injection vulnerability in printview.php in webSPELL 4.01.02 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2007-1019, CVE-2006-5388, and CVE-2006-4783. | 7.0 | CVE-2007-1163 MILW0RM BID |
| Weltennetz -- News-Letterman | PHP remote file inclusion vulnerability in eintrag.php in Weltennetz News-Letterman 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the sqllog parameter. | 7.0 | CVE-2007-1340 MILW0RM BID XF |
| WordPress -- WordPress | WordPress 2.1.1, as downloaded from some official distribution sites during February and March 2007, contains an externally introduced backdoor that allows remote attackers to execute arbitrary commands via (1) an eval injection vulnerability in the ix parameter to wp-includes/feed.php, and (2) an untrusted passthru call in the iz parameter to wp-includes/theme.php. | 7.0 | CVE-2007-1277 OTHER-REF OTHER-REF CERT-VN CERT-VN |