Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-06-06 | CVE-2007-3078 | HTML-injection vulnerability in Aigaion Multiple cross-site scripting (XSS) vulnerabilities in Aigaion before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via the title parameter (Authors and Publication titles) to (1) authoractions.php or (2) publicationactions.php. network aigaion | 4.3 |
2007-06-06 | CVE-2007-3077 | SQL Injection vulnerability in EQDKP Listmembers.PHP SQL injection vulnerability in listmembers.php in EQdkp 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the rank parameter. | 7.5 |
2007-06-06 | CVE-2007-3076 | Unspecified vulnerability in Zenturi Programchecker A certain ActiveX control in sasatl.dll in Zenturi ProgramChecker allows remote attackers to download arbitrary files to the client system via the DownloadFile function. | 7.8 |
2007-06-06 | CVE-2007-3075 | Unspecified vulnerability in Microsoft Internet Explorer Directory traversal vulnerability in Microsoft Internet Explorer allows remote attackers to read arbitrary files via directory traversal sequences in a URI with a certain scheme, possibly related to "..%5C" (encoded backslash) sequences. | 7.8 |
2007-06-06 | CVE-2007-3074 | Information Exposure vulnerability in Mozilla Firefox Mozilla Firefox 2.0.0.4 and earlier allows remote attackers to read files in the local Firefox installation directory via a resource:// URI. | 4.3 |
2007-06-06 | CVE-2007-3073 | Directory Traversal vulnerability in Firefox Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and earlier on Mac OS X and Unix allows remote attackers to read arbitrary files via ..%2F (dot dot encoded slash) sequences in a resource:// URI. | 7.8 |
2007-06-06 | CVE-2007-3072 | Path Traversal vulnerability in Mozilla Firefox Directory traversal vulnerability in Mozilla Firefox before 2.0.0.4 on Windows allows remote attackers to read arbitrary files via ..%5C (dot dot encoded backslash) sequences in a resource:// URI. | 7.1 |
2007-06-06 | CVE-2007-3071 | Buffer Overflow vulnerability in Digital River Esellerate SDK 3.6.5.0 Buffer overflow in the GetWebStoreURL function in a certain ActiveX control in eSellerateControl365.dll 3.6.5.0 in eSellerate SDK allows user-assisted remote attackers to execute arbitrary code via a long first argument. | 9.3 |
2007-06-06 | CVE-2007-3070 | Cross-Site Scripting vulnerability in WebStudio CMS Cross-site scripting (XSS) vulnerability in index.php in BDigital Web Solutions WebStudio allows remote attackers to inject arbitrary web script or HTML via the pageid parameter. network bdigital-web-solutions | 4.3 |
2007-06-06 | CVE-2007-3069 | Local Arbitrary Command Execution vulnerability in SUN Solaris 10.0 xscreensaver in Sun Solaris 10 before 20070604, when a GNOME session with Assistive Technology support is running, allows attackers with physical access to take control of the session after entering an Alt-Tab sequence. | 4.6 |