| Primary Vendor -- Product | Description | CVSS Score | Source & Patch Info |
|---|---|---|---|
| ABC-View -- ABC-View Manager | Buffer overflow in ABC-View Manager 1.42 allows user-assisted remote attackers to execute arbitrary code via a crafted .PSP file. | 8.0 | CVE-2007-2284; MILW0RM, BID, FRSIRT, SECUNIA, XF |
| ACDSee -- ACDSee; ACDSee -- Photo Editor; ACDSee -- ACDSee Pro | Stack-based buffer overflow in the ID_X.apl plugin in ACDSee 9.0 Build 108, Pro 8.1 Build 99, and Photo Editor 4.0 Build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are obtained from third party information. | 8.0 | CVE-2007-2193; MILW0RM, FRSIRT, SECUNIA, BID, XF |
| Adobe -- Photoshop | Multiple buffer overflows in Adobe Photoshop CS2 and CS3 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) BMP, (2) DIB, or (3) RLE file. | 8.0 | CVE-2007-2244; MILW0RM, BID, FRSIRT, SECUNIA, XF |
| Advanced Webhost Billing System -- Advanced Webhost Billing System | PHP remote file inclusion vulnerability in docs/front-end-demo/cart2.php in Advanced Webhost Billing System (AWBS) 2.4.0 allows remote attackers to execute arbitrary PHP code via a URL in the workdir parameter. | 7.0 | CVE-2007-2272; MILW0RM, BID, XF |
| AimStats -- AimStats | Static code injection vulnerability in process.php in AimStats 3.2 allows remote attackers to inject PHP code into config.php via the number parameter in an update action. | 7.0 | CVE-2007-2167; MILW0RM, FRSIRT, OTHER-REF, BID, SECUNIA, XF |
| Alessandro Lulli -- wavewoo | PHP remote file inclusion vulnerability in include/loading.php in Alessandro Lulli wavewoo 0.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the path_include parameter. | 7.0 | CVE-2007-2273; MILW0RM, SECUNIA, BID, FRSIRT |
| Alexscriptengine -- Download-Engine | Multiple PHP remote file inclusion vulnerabilities in Download-Engine 1.4.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) eng_dir parameter to addmember.php, (2) lang_path parameter to admin/enginelib/class.phpmailer.php, and the (3) spaw_root parameter to admin/includes/spaw/dialogs/colorpicker.php, different vectors than CVE-2006-5291 and CVE-2006-5459. NOTE: vector 3 might be an issue in SPAW. | 7.0 | CVE-2007-2255; BUGTRAQ, XF |
| Alexscriptengine -- Download-Engine | PHP remote file inclusion vulnerability in admin/includes/spaw/dialogs/insert_link.php in download engine (Download-Engine) 1.4.1 allows remote authenticated users to execute arbitrary PHP code via a URL in the spaw_root parameter, a different vector than CVE-2007-2255. NOTE: this may be an issue in SPAW. | 7.0 | CVE-2007-2289; BUGTRAQ |
| Antonio Da Cruz -- Photofiltre Studio | Buffer overflow in Photofiltre Studio 8.1.1 allows user-assisted remote attackers to execute arbitrary code via a crafted .tif file. | 8.0 | CVE-2007-2192; MILW0RM, BID, FRSIRT, SECUNIA, XF |
| Apple -- Mac OS X Server; Apple -- Mac OS X | Buffer overflow in the AirPortDriver module for AirPort in Apple Mac OS X 10.3.9 through 10.4.9, when running on hardware with the original AirPort wireless card, allows local users to execute arbitrary code by "sending malformed control commands." | 7.0 | CVE-2007-0725; OTHER-REF, APPLE, FRSIRT, BID, SECUNIA |
| Apple -- Mac OS X Server; Apple -- Mac OS X | Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables. | 7.0 | CVE-2007-0729; OTHER-REF, APPLE, CERT-VN, FRSIRT, BID, SECTRACK, SECUNIA |
| Apple -- Mac OS X Server; Apple -- Mac OS X | Unspecified vulnerability in the CoreServices daemon in CarbonCore in Apple Mac OS X 10.4 through 10.4.9 allows local users to gain privileges via unspecified vectors involving "obtaining a send right to [the] Mach task port." | 7.0 | CVE-2007-0732; OTHER-REF, APPLE, FRSIRT, BID, SECTRACK, SECUNIA |
| Apple -- Mac OS X Server; Apple -- Mac OS X | Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving crafted web pages that trigger certain error conditions that are not properly reported in certain circumstances, resulting in accessing deallocated memory. | 8.0 | CVE-2007-0735; OTHER-REF, APPLE, BID, FRSIRT, SECTRACK, SECUNIA |
| Apple -- Mac OS X Server; Apple -- Mac OS X | Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap. | 8.0 | CVE-2007-0736; OTHER-REF, APPLE, BID, FRSIRT, SECTRACK, SECUNIA, XF |
| Apple -- Mac OS X | Buffer overflow in natd in network_cmds in Apple Mac OS X 10.3.9 through 10.4.9, when Internet Sharing is enabled, allows remote attackers to execute arbitrary code via malformed RTSP packets. | 7.0 | CVE-2007-0741; OTHER-REF, APPLE, BID, FRSIRT, SECTRACK, SECUNIA |
| Apple -- Mac OS X Server; Apple -- Mac OS X | SMB in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when executing commands, which allows local users to gain privileges by setting unspecified environment variables. | 7.0 | CVE-2007-0744; OTHER-REF, APPLE, BID, FRSIRT, SECUNIA |
| Apple -- Mac OS X Server; Apple -- Mac OS X | Heap-based buffer overflow in the VideoConference framework in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via a "crafted SIP packet when initializing an audio/video conference". | 10.0 | CVE-2007-0746; OTHER-REF, APPLE, CERT-VN, BID, FRSIRT, SECTRACK, SECUNIA |
| Apple -- Mac OS X Server; Apple -- Mac OS X | load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified environment variables. | 7.0 | CVE-2007-0747; OTHER-REF, APPLE, BID, FRSIRT, CERT-VN, SECTRACK, SECUNIA |
| Apple -- Safari | Unspecified vulnerability in Apple QuickTime, as used in Safari and other browsers, and when Java is enabled, allows remote attackers to execute arbitrary code via unspecified vectors involving Javascript errors, as demonstrated during the "PWN 2 0WN" contest at CanSecWest 2007. | 10.0 | CVE-2007-2175; OTHER-REF, OTHER-REF, OTHER-REF, OTHER-REF, SECTRACK, XF |
| Apple -- Quicktime | Heap-based buffer overflow in the JVTCompEncodeFrame function in Apple Quicktime 7.1.5 and earlier allows remote attackers to execute arbitrary code via a crafted MOV file. | 8.0 | CVE-2007-2295; OTHER-REF, BID |
| Apple -- Quicktime | Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quicktime 7.1.5 and earlier allows remote attackers to execute arbitrary code via a crafted MP4 file. | 8.0 | CVE-2007-2296; OTHER-REF, BID |
| Arash -- AudioCMS | Multiple PHP remote file inclusion vulnerabilities in audioCMS arash 0.1.4 allow remote attackers to execute arbitrary PHP code via a URL in the arashlib_dir parameter to (1) edit.inc.php and (2) list_features.inc.php in arash_lib/include, and (3) arash_gadmin.class.php and (4) arash_sadmin.class.php in arash_lib/class/. | 7.0 | CVE-2007-2301; MILW0RM, BID, FRSIRT |
| Asterisk -- Asterisk | Multiple stack-based buffer overflows in the process_sdp function in chan_sip.c of the SIP channel T.38 SDP parser in Asterisk before 1.4.3 allow remote attackers to execute arbitrary code via a long (1) T38FaxRateManagement or (2) T38FaxUdpEC SDP parameter in an SIP message, as demonstrated using SIP INVITE. | 8.0 | CVE-2007-2293; BUGTRAQ, OTHER-REF, BID, SECTRACK, SECUNIA |
| Autostand Category -- Autostand Category | PHP remote file inclusion vulnerability in the AutoStand 1.1 and earlier module for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to mod_as_category.php in (1) modules/mod_as_category/ or (2) modules/. | 7.0 | CVE-2007-2319; MILW0RM, BID, FRSIRT, XF |
| Bibtex -- Mase | Multiple PHP remote file inclusion vulnerabilities in bibtex mase beta 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the bibtexrootrel parameter to (1) unavailable.php, (2) source.php, (3) log.php, (4) latex.php, (5) indexinfo.php, (6) index.php, (7) importinfo.php, (8) import.php, (9) examplefile.php, (10) clearinfo.php, (11) clear.php, (12) aboutinfo.php, (13) about.php, and other unspecified files. | 7.0 | CVE-2007-2260; BUGTRAQ |
| BloofoxCMS -- BloofoxCMS | ** DISPUTED ** PHP remote file inclusion vulnerability in install/index.php in BlooFoxCMS 0.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the content_php parameter. NOTE: this issue has been disputed by a reliable third party, stating that content_php is initialized before use. | 7.0 | CVE-2007-2311; BUGTRAQ, VIM |
| Built2Go -- PHP Link Portal | PHP remote file inclusion vulnerability in config.php in Built2Go PHP Link Portal 1.79 allows remote attackers to execute arbitrary PHP code via a URL in the full_path_to_db parameter. | 7.0 | CVE-2007-2286; BUGTRAQ, BID |
| CA -- CleverPath Portal | SQL injection vulnerability in CA Clever Path Portal allows remote attackers to execute limited SQL commands and retrieve arbitrary database contents via (1) the ofinterest parameter in a light search query, (2) description parameter in the advanced search query, and possibly other vectors. | 7.0 | CVE-2007-2230; FULLDISC, OTHER-REF |
| CafeLog -- b2 | Multiple PHP remote file inclusion vulnerabilities in B2 Weblog and News Publishing Tool 0.6.1 allow remote attackers to execute arbitrary PHP code via a URL in the b2inc parameter to (1) b2archives.php, (2) b2categories.php, or (3) b2mail.php. NOTE: this may overlap CVE-2002-1466. | 7.0 | CVE-2007-2290; BUGTRAQ, BID |
| Check Point Software -- ZoneAlarm | The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses. | 7.0 | CVE-2007-2174; IDEFENSE, BID, SECTRACK, SECUNIA, BUGTRAQ, FRSIRT, XF |
| Cisco -- Netflow Collection Engine | Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before 6.0 has an nfcuser account with the default password nfcuser, which allows remote attackers to modify the product configuration and, when installed on Linux, obtain login access to the host operating system. | 10.0 | CVE-2007-2282; CISCO, BID, FRSIRT, SECTRACK, XF |
| Computer Associates -- BrightStor ARCserve Backup; Computer Associates -- Server Protection Suite; Computer Associates -- Business Protection Suite | Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785. | 10.0 | CVE-2007-2139; BUGTRAQ, OTHER-REF, OTHER-REF, BID, CERT-VN, FRSIRT, SECUNIA, XF |
| Comus -- Comus | PHP remote file inclusion vulnerability in accept.php in comus 2.0 Final allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. | 7.0 | CVE-2007-2287; BUGTRAQ, BID |
| CoSign -- CoSign | The CHECK command in Cosign 2.0.1 and earlier allows remote attackers to bypass authentication requirements via CR (\r) sequences in the cosign cookie parameter. | 7.0 | CVE-2007-2232; BUGTRAQ, OTHER-REF, FRSIRT, SECUNIA |
| DCP-Portal -- DCP-Portal | Multiple PHP remote file inclusion vulnerabilities in DCP-Portal 6.1.1 allow remote attackers to execute arbitrary PHP code via a URL in (1) the path parameter to library/adodb/adodb.inc.php, (2) the abs_path_editor parameter to library/editor/editor.php, or (3) the cfgfile_to_load parameter to admin/phpMyAdmin/libraries/common.lib.php. | 7.0 | CVE-2007-2278; BUGTRAQ |
| DeltaScripts -- PHP Classifieds | PHP remote file inclusion vulnerability in admin/setup/level2.php in PHP Classifieds 6.04, and probably earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this product was referred to as "Allfaclassfieds" in the original disclosure. | 7.0 | CVE-2007-2254; BUGTRAQ, VIM, XF |
| DmCMS -- DmCMS | Unrestricted file upload vulnerability in includes/upload_file.php in DmCMS allows remote attackers to upload arbitrary PHP scripts by placing a script's contents in both the File2 and File3 parameters, and sending a ok.php?do=act Referer. | 7.0 | CVE-2007-2214; BUGTRAQ, BID, FRSIRT |
| Doruk100.net -- Doruk100net | PHP remote file inclusion vulnerability in info.php in Doruk100.net doruk100net allows remote attackers to execute arbitrary PHP code via a URL in the file parameter. | 7.0 | CVE-2007-2288; BUGTRAQ, BID |
| Double Precision Incorporated -- Courier-IMAP | Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable. | 10.0 | CVE-2007-2173; OTHER-REF, GENTOO, SECUNIA, BID, XF |
| DynaTracker -- DynaTracker | PHP remote file inclusion vulnerability in includes_handler.php in DynaTracker 151 allows remote attackers to execute arbitrary PHP code via a URL in the base_path parameter. | 7.0 | CVE-2007-2330; BUGTRAQ |
| EsForum -- EsForum | SQL injection vulnerability in forum.php in EsForum 3.0 allows remote attackers to execute arbitrary SQL commands via the idsalon parameter. | 7.0 | CVE-2007-2259; BUGTRAQ, BID, FRSIRT, SECUNIA, XF |
| Expow -- Expow | PHP remote file inclusion vulnerability in autoindex.php in Expow 0.8 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_file parameter. | 7.0 | CVE-2007-2302; MILW0RM, BID, XF |
| eXtremail -- eXtremail | Stack-based buffer overflow in eXtremail 2.1.1 and earlier allows remote attackers to execute arbitrary code via a long DNS response. NOTE: this might be related to CVE-2006-6926. | 10.0 | CVE-2007-2187; FULLDISC, MILW0RM, OTHER-REF, BID |
| eXtremail -- eXtremail | eXtremail 2.1.1 and earlier does not verify the ID field (aka transaction id) in DNS responses, which makes it easier for remote attackers to conduct DNS spoofing. | 10.0 | CVE-2007-2188; FULLDISC, BID |
| Extreme phpBB -- Extreme phpBB | Multiple PHP remote file inclusion vulnerabilities in Extreme PHPBB2 3.0 Pre Final allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) functions.php or (2) functions_portal.php in includes/. | 7.0 | CVE-2007-2208; BUGTRAQ, XF |
| FileZilla -- FileZilla | Multiple format string vulnerabilities in FileZilla before 2.2.32 allow remote attackers to execute arbitrary code via format string specifiers in (1) FTP server responses or (2) data sent by an FTP server. NOTE: some of these details are obtained from third party information. | 10.0 | CVE-2007-2318; OTHER-REF, BID, SECUNIA |
| FreshDevices -- FreshView | Buffer overflow in Fresh View 7.15 allows user-assisted remote attackers to execute arbitrary code via a crafted .PSP file. | 8.0 | CVE-2007-2283; MILW0RM, BID, FRSIRT |
| Frogss -- Frogss CMS | Multiple SQL injection vulnerabilities in Frogss CMS 0.7 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) dzial parameter to (a) katalog.php, or the (2) t parameter to (b) forum.php or (c) forum/viewtopic.php, different vectors than CVE-2006-4536. | 7.0 | CVE-2007-2299; MILW0RM, BID, FRSIRT, XF |
| Fully Modded phpBB -- Fully Modded phpBB2 | PHP remote file inclusion vulnerability in subscp.php in Fully Modded phpBB2 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.0 | CVE-2007-2257; BUGTRAQ, BID, XF |
| Gentoo -- XnView | Stack-based buffer overflow in XnView 1.90.3 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are obtained from third party information. | 10.0 | CVE-2007-2194; MILW0RM, FRSIRT, SECUNIA, BID, XF |
| GForge -- Garennes | Multiple PHP remote file inclusion vulnerabilities in Garennes 0.6.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the repertoire_config parameter to index.php in (1) cpe/, (2) direction/, or (3) professeurs/. | 7.0 | CVE-2007-2298; MILW0RM, BID, FRSIRT |
| GoldCoders -- HYIP Manager Pro | Multiple PHP remote file inclusion vulnerabilities in HYIP Manager Pro allow remote attackers to execute arbitrary PHP code via a URL in the plugin_file parameter to (1) Smarty.class.php and (2) Smarty_Compiler.class.php in inc/libs/; (3) core.display_debug_console.php, (4) core.load_plugins.php, (5) core.load_resource_plugin.php, (6) core.process_cached_inserts.php, (7) core.process_compiled_include.php, and (8) core.read_cache_file.php in inc/libs/core/; and other unspecified files. NOTE: (1) and (2) might be incorrectly reported vectors in Smarty. | 7.0 | CVE-2007-2326; BUGTRAQ |
| GPL PHP Board -- GPL PHP Board | Multiple PHP remote file inclusion vulnerabilities in GPL PHP Board (GPB) unstable-2001.11.14-1 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) db.mysql.inc.php or (2) gpb.inc.php in include/, or the (3) theme parameter to themes/ubb/login.php. | 7.0 | CVE-2007-2204; MILW0RM, BID, FRSIRT, XF |
| GraceNote -- CDDBControl ActiveX Control | Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters. | 8.0 | CVE-2007-0443; OTHER-REF, OTHER-REF, BID, SECTRACK, SECUNIA, BUGTRAQ, FRSIRT, XF |
| InterVideo -- Home Theater | Multiple buffer overflows in the WinDVDX ActiveX control in InterVideo Home Theater 2.1.13.0 and 2.5.13.58 allow remote attackers to execute arbitrary code via a long string argument to the (1) GetDiscType or (2) AddFileList method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 10.0 | CVE-2007-2323; SECUNIA |
| Labs4 -- htmlEditbox | PHP remote file inclusion vulnerability in _editor.php in HTMLeditbox 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the settings[app_dir] parameter. | 7.0 | CVE-2007-2327; BUGTRAQ |
| LAN Management System -- LAN Management System | PHP remote file inclusion vulnerability in modules/rtmessageadd.php in LAN Management System (LMS) 1.5.3, and possibly 1.5.4, allows remote attackers to execute arbitrary PHP code via a URL in the _LIB_DIR parameter, a different vector than CVE-2007-1643. | 7.0 | CVE-2007-2205; BUGTRAQ, BID, VIM, XF |
| Microsoft -- Internet Explorer | CRLF injection vulnerability in the Digest Authentication in Microsoft Internet Explorer 7.0.5730.11 allows remote attackers to conduct HTTP response splitting attacks via a LF (%0a) in the username attribute. | 7.0 | CVE-2007-2291; BUGTRAQ, OTHER-REF, BID |
| MiniBB -- MiniBB; TOSMO Mambo -- TOSMO Mambo | Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a and earlier, as used by TOSMO/Mambo 4.0.12 and probably other products, allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to bb_plugins.php in (1) components/minibb/ or (2) components/com_minibb, or (3) configuration.php. NOTE: the com_minibb.php vector is already covered by CVE-2006-3690. | 7.0 | CVE-2007-2317; MILW0RM, VIM, BID, FRSIRT, XF |
| Mozilla -- Firefox | Unspecified vulnerability in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving Javascript errors. NOTE: this might be the same issue as CVE-2007-2175. | 10.0 | CVE-2007-2176; OTHER-REF |
| mxBB -- MX Shotcast | PHP remote file inclusion vulnerability in getinfo1.php in the Shotcast 1.0 RC2 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter. | 7.0 | CVE-2007-2313; MILW0RM, BID, FRSIRT, XF |
| MyBB -- MyBB | Multiple SQL injection vulnerabilities in calendar.php in MyBB (aka MyBulletinBoard) 1.2.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) year or (2) month parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2007-2212; XF |
| MyBulletinBoard -- MyBulletinBoard | SQL injection vulnerability in calendar.php in MyBB (aka MyBulletinBoard) 1.2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the day parameter in a dayview action. | 7.0 | CVE-2007-2211; MILW0RM, BID, XF, FRSIRT, SECUNIA |
| MyNewsGroup -- MyNewsGroup | PHP remote file inclusion vulnerability in include.php in MyNewsGroups :) allows remote attackers to execute arbitrary PHP code via a URL in the myng_root parameter. | 10.0 | CVE-2007-2325; BUGTRAQ |
| Novell -- Groupwise | Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request. | 10.0 | CVE-2007-2171; BUGTRAQ, OTHER-REF, OTHER-REF, OTHER-REF, BID, FRSIRT, SECTRACK, SECUNIA |
| Pagode -- Pagode | Directory traversal vulnerability in navigator/navigator_ok.php in Pagode 0.5.8 allows remote attackers to read and possibly delete arbitrary files via a .. (dot dot) in the asolute parameter. | 10.0 | CVE-2007-2200; MILW0RM, BID, FRSIRT, SECUNIA, XF |
| Papoo -- Papoo | SQL injection vulnerability in kontakt.php in Papoo 3.02 and earlier allows remote attackers to execute arbitrary SQL commands via the menuid parameter, a different vector than CVE-2005-4478. | 7.0 | CVE-2007-2320; MILW0RM, BID |
| PHP-Ring -- Webring System | SQL injection vulnerability in index.php in PHP-Ring Webring System (aka uPHP_ring_website) 0.9 allows remote attackers to execute arbitrary SQL commands via the ring parameter. | 7.0 | CVE-2007-2183; MILW0RM, BID, XF |
| PHPee -- YA Book | Cross-site scripting (XSS) vulnerability in YA Book 0.98-alpha allows remote attackers to inject arbitrary web script or HTML via the City field in a sign action in index.php. | 7.0 | CVE-2007-2265; BUGTRAQ, BID |
| phpMyAdmin -- phpMyAdmin | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.10.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the fieldkey parameter to browse_foreigners.php or (2) certain input to the PMA_sanitize function. | 7.0 | CVE-2007-2245; OTHER-REF, OTHER-REF, FRSIRT, SECUNIA |
| PHPmybibli -- PHPmybibli | PHP remote file inclusion vulnerability in includes/init.inc.php in PHPMyBibli allows remote attackers to execute arbitrary PHP code via a URL in the base_path parameter. | 7.0 | CVE-2007-2258; BUGTRAQ, BID, XF |
| PHPMySpace -- PHPMySpace | SQL injection vulnerability in modules/news/article.php in phpMySpace Gold 8.10 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | 7.0 | CVE-2007-2247; BUGTRAQ, BID, FRSIRT, XF |
| phpMYTGP -- phpMYTGP | PHP remote file inclusion vulnerability in addvip.php in phpMYTGP 1.4b allows remote attackers to execute arbitrary PHP code via a URL in the msetstr[PROGSDIR] parameter. | 7.0 | CVE-2007-2328; BUGTRAQ |
| Plogger -- Plogger | Session fixation vulnerability in Plogger allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | 7.0 | CVE-2007-2277; BUGTRAQ, OTHER-REF |
| Post Revolution -- Post Revolution | Multiple PHP remote file inclusion vulnerabilities in Post Revolution 6.6 and 7.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the dir parameter to (1) common.php or (2) themes/default/preview_post_completo.php. | 7.0 | CVE-2007-2201; BUGTRAQ, MILW0RM, BID, FRSIRT, SECUNIA, XF |
| ProFTPD Project -- ProFTPD | The Auth API in ProFTPD before 20070417, when multiple simultaneous authentication modules are configured, does not require that the module that checks authentication is the same as the module that retrieves authentication data, which might allow remote attackers to bypass authentication, as demonstrated by use of SQLAuthTypes Plaintext in mod_sql, with data retrieved from /etc/passwd. | 7.0 | CVE-2007-2165; OTHER-REF, OTHER-REF, BID, FRSIRT, SECTRACK, SECUNIA, XF |
| Progress -- WebSpeed | Progress Webspeed Messenger allows remote attackers to read, create, modify, and execute arbitrary files by invoking webutil/_cpyfile.p in the WService parameter to (1) cgiip.exe or (2) wsisa.dll in scripts/, as demonstrated by using the save,editor options to create a new file using the fileName parameter. | 10.0 | CVE-2007-2266; BUGTRAQ, BID |
| PunBB -- PunBB | include/common.php in PunBB 1.2.14 and earlier does not properly handle a disabled ini_get function when checking the register_globals setting, which allows remote attackers to register global parameters, as demonstrated by an SQL injection attack on the search_id parameter to search.php. | 7.0 | CVE-2007-2234; BUGTRAQ, BUGTRAQ, OTHER-REF, OTHER-REF |
| PunBB -- PunBB | footer.php in PunBB 1.2.14 and earlier allows remote attackers to include local files in include/user/ via a cross-site scripting (XSS) attack, or via the pun_include tag, as demonstrated by use of admin_options.php to execute PHP code from an uploaded avatar file. | 7.0 | CVE-2007-2236; BUGTRAQ, BUGTRAQ, OTHER-REF, OTHER-REF, FRSIRT, SECUNIA |
| QDBlog -- QDBlog | Multiple directory traversal vulnerabilities in Quick and Dirty Blog (QDBlog) 0.4, and possibly earlier, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter to categories.php and other unspecified files. | 7.0 | CVE-2007-2304; MILW0RM, BID, FRSIRT, XF |
| QDBlog -- QDBlog | Multiple SQL injection vulnerabilities in authenticate.php in Quick and Dirty Blog (QDBlog) 0.4, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | 7.0 | CVE-2007-2305; MILW0RM, BID, FRSIRT, XF |
| Realink -- C-Arbre | PHP remote file inclusion vulnerability in espaces/communiques/annotations.php in C-Arbre 0.6PR7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter, a different vector than CVE-2007-1721. | 7.0 | CVE-2007-2261; BUGTRAQ, XF |
| Ripe Website Manager -- Ripe Website Manager | Cross-site scripting (XSS) vulnerability in contact/index.php in Ripe Website Manager 0.8.4 and earlier allows remote attackers to inject arbitrary web script or HTML via a leading "<"<" in the ripeformpost parameter. | 7.0 | CVE-2007-2206; BUGTRAQ, BID, BUGTRAQ, OTHER-REF, FRSIRT, SECUNIA, XF |
| Ripe Website Manager -- Ripe Website Manager | SQL injection vulnerability in contact/index.php in Ripe Website Manager 0.8.4 and earlier allows remote attackers to execute arbitrary SQL commands via the ripeformpost parameter. | 7.0 | CVE-2007-2207; BUGTRAQ, BID, OTHER-REF, FRSIRT, SECUNIA, XF |
| Searchactivity -- Searchactivity | PHP remote file inclusion vulnerability in searchbot.php in Searchactivity allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | 7.0 | CVE-2007-2329; BUGTRAQ |
| Shop-Script -- Shop-Script | PHP remote file inclusion vulnerability in cart.php in Shop-Script 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the lang_list parameter. | 7.0 | CVE-2007-2331; BUGTRAQ |
| SilverStripe -- SilverStripe | Unspecified vulnerability in the search functionality in SilverStripe 2.0.0 has unknown impact and attack vectors. | 7.0 | CVE-2007-2321; OTHER-REF, SECUNIA |
| Sinato -- File117 | Multiple PHP remote file inclusion vulnerabilities in html/php/detail.php in Sinato jmuffin allow remote attackers to execute arbitrary PHP code via a URL in the (1) relPath and (2) folder parameters. NOTE: this product was originally reported as "File117". | 7.0 | CVE-2007-2262; BUGTRAQ, BID, BID, FRSIRT, XF |
| VWar -- Virtual War | Multiple SQL injection vulnerabilities in the Virtual War (VWar) 1.5.0 R15 module for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the n parameter to extra/online.php and other unspecified scripts in extra/. NOTE: this might be the same vulnerability as CVE-2006-4142; however, there is an intervening vendor fix announcement. | 7.0 | CVE-2007-2312; BUGTRAQ, OTHER-REF, VIM, BID, XF |
| WebKalk2 -- WebKalk2 | PHP remote file inclusion vulnerability in engine/engine.inc.php in WebKalk2 1.9.0 allows remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter. | 7.0 | CVE-2007-2307; MILW0RM, BID, FRSIRT, XF |
| Xaraya -- Xaraya | Unspecified vulnerability in the Roles module in Xaraya 1.1.2 and earlier allows attackers to gain privileges via unspecified vectors, probably related to incorrect permission checking in xartemplates/user-view.xd. | 7.0 | CVE-2007-2251; OTHER-REF, OTHER-REF, FRSIRT, SECUNIA, BID, XF |