Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-05-21 | CVE-2007-2786 | Denial Of Service vulnerability in IRCD RatBox Pending Connections Ratbox IRC Daemon (aka ircd-ratbox) 2.2.5 and earlier allows remote attackers to cause a denial of service (resource exhaustion) by making many requests from a single client. | 5.0 |
2007-05-21 | CVE-2007-2785 | Remote Security vulnerability in Esyndicat PRO 1.X manage-admins.php in eSyndiCat Pro 1.x allows remote attackers to create additional administrative accounts, and have other unspecified impact, via modified username, new_pass, new_pass2, status, super, and certain other parameters in an add action. network esyndicat | 6.8 |
2007-05-21 | CVE-2007-2784 | Denial of Service vulnerability in Globus Toolkit Nexus Globus-Job-Manager Unspecified vulnerability in globus-job-manager in Globus Toolkit 4.1.1 and earlier (globus_nexus-6.6 and earlier) allows remote attackers to cause a denial of service (resource exhaustion and system crash) via certain requests to temporary TCP ports for a GRAM2 job or its MPICH-G2 applications. | 7.8 |
2007-05-21 | CVE-2007-2783 | Authentication Bypass vulnerability in Rational Software Hidden Administrator Unspecified vulnerability in Rational Soft Hidden Administrator 1.7 and earlier allows remote attackers to bypass authentication and execute arbitrary code via unspecified vectors. | 10.0 |
2007-05-21 | CVE-2007-2782 | Unspecified vulnerability in Packeteer Packetshaper 7.3.0G2/7.5.0G1 Packeteer PacketShaper uses fixed increments in TCP initial sequence number (ISN) values, which allows remote attackers to predict the ISN value, and perform session hijacking or disruption. | 7.5 |
2007-05-21 | CVE-2007-2781 | Cross-Site Scripting vulnerability in WikyBlog Cross-site scripting (XSS) vulnerability in include/sessionRegister.php in WikyBlog before 1.4.13 allows remote attackers to inject arbitrary web script or HTML, probably via vectors related to a certain data2 array element. network wikyblog | 6.8 |
2007-05-21 | CVE-2007-2780 | Information Exposure vulnerability in Psychostats PsychoStats 3.0.6b and earlier allows remote attackers to obtain sensitive information via a request for server.php with a missing or invalid newtheme parameter, which reveals a path in an error message. | 5.0 |
2007-05-21 | CVE-2007-2779 | Remote File Include vulnerability in Libstats Template_CSV.PHP PHP remote file inclusion vulnerability in template_csv.php in Libstats 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rInfo[content] parameter. | 7.5 |
2007-05-21 | CVE-2007-2778 | Local File Include vulnerability in Molyx Board 2.5.0 Multiple directory traversal vulnerabilities in MolyX BOARD 2.5.0 allow remote attackers to read arbitrary files via a .. | 7.8 |
2007-05-21 | CVE-2007-2777 | Multiple vulnerability in AlstraSoft Template Seller Pro Unrestricted file upload vulnerability in admin/addsptemplate.php in AlstraSoft Template Seller Pro 3.25 and earlier allows remote attackers to execute arbitrary PHP code via an arbitrary .php filename in the zip parameter, which is created under sptemplates/. | 7.5 |