Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-04-11 | CVE-2007-1961 | Remote File Include vulnerability in PHPbb Mutant 0.9.2 PHP remote file inclusion vulnerability in mutant_functions.php in the Mutant 0.9.2 portal for phpBB 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
2007-04-11 | CVE-2007-1960 | SQL Injection vulnerability in Xoops Rha7 Downloads Module 1.0/1.10 SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7downloads) 1.0 module for XOOPS, and possibly other versions up to 1.10, allows remote attackers to execute arbitrary SQL commands via the lid parameter. | 7.5 |
2007-04-11 | CVE-2007-1959 | Remote Security vulnerability in TinyMUX Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vectors, related to lack of the "'other half' of buffer overflow protection." | 10.0 |
2007-04-11 | CVE-2007-1958 | Denial-Of-Service vulnerability in TinyMUX Buffer overflow in TinyMUX before 2.4 allows attackers to cause a denial of service via unspecified vectors related to "too many substring matches in a regexp $-command." NOTE: some of these details are obtained from third party information. | 5.0 |
2007-04-11 | CVE-2007-1957 | Remote Security vulnerability in Web Php Multiple PHP remote file inclusion vulnerabilities in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) allow remote attackers to execute arbitrary PHP code via a URL in the pageAll parameter to index.php in (1) template/Vert/, or (2) template/Noir/. network guernion-sylvain-portail | 6.8 |
2007-04-11 | CVE-2007-1956 | SQL Injection vulnerability in UBB.Threads UBBThreads.PHP SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the C parameter. | 7.5 |
2007-04-11 | CVE-2007-1955 | Buffer Overflow vulnerability in Signkorea Skcommax Activex Control 5.4.1.2 Multiple stack-based buffer overflows in the SignKorea SKCrypAX ActiveX control module 5.4.1.2 allow remote attackers to execute arbitrary code via a long string in unspecified arguments to the (1) DownloadCert, (2) DecryptFileByKey, and (3) EncryptFileByKey functions, a different module and vectors than CVE-2007-1722. | 10.0 |
2007-04-11 | CVE-2007-1954 | Directory Traversal vulnerability in Archivexpert 2.02Build80 Multiple directory traversal vulnerabilities in ArchiveXpert 2.02 build 80 allow remote attackers to create files in arbitrary directories via a .. | 7.5 |
2007-04-11 | CVE-2007-1953 | Improper Authentication vulnerability in Onelook Courts Online Session fixation vulnerability in onelook courts on-line allows remote attackers to hijack web sessions by setting a PHPSESSID cookie. | 7.5 |
2007-04-11 | CVE-2007-1952 | Improper Authentication vulnerability in Onelook Onebyone CMS Session fixation vulnerability in onelook onebyone CMS allows remote attackers to hijack web sessions by setting a PHPSESSID cookie. | 7.5 |