Vulnerabilities

DATE | CVE | VULNERABILITY TITLE | RISK

2007-05-15 | CVE-2007-2678 | Remote Security vulnerability in Netsprint Toolbar 1.1 | 7.5
Buffer overflow in the isChecked function in toolbar.dll in Netsprint Toolbar 1.1 might allow remote attackers to execute arbitrary code via unspecified vectors.
network, low complexity, netsprint

2007-05-14 | CVE-2007-2677 | Remote File Include vulnerability in PHPchess 2.0 | 7.5
Multiple PHP remote file inclusion vulnerabilities in phpChess Community Edition 2.0 allow remote attackers to execute arbitrary PHP code via a URL in (1) the config parameter to includes/language.php, or the Root_Path parameter to (2) layout_admin_cfg.php, (3) layout_cfg.php, or (4) layout_t_top.php in skins/phpchess/.
network, low complexity, phpchess

2007-05-14 | CVE-2007-2676 | Remote File Include vulnerability in Open Translation Engine Open Translation Engine 0.7.8 | 7.5
PHP remote file inclusion vulnerability in skins/header.php in Open Translation Engine (OTE) 0.7.8 allows remote attackers to execute arbitrary PHP code via a URL in the ote_home parameter.
network, low complexity, open-translation-engine

2007-05-14 | CVE-2007-2675 | SQL Injection vulnerability in PRE Projects PRE Classifieds Listings 1.0 | 7.5
SQL injection vulnerability in search.php in Pre Classifieds Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter.
network, low complexity, pre-projects

2007-05-14 | CVE-2007-2674 | SQL Injection vulnerability in PRE Projects PRE Shopping Mall 1.0 | 7.5
SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 allows remote attackers to execute arbitrary SQL commands via the prodid parameter.
network, low complexity, pre-projects

2007-05-14 | CVE-2007-2673 | SQL Injection vulnerability in Censura 1.15.04 | 7.5
SQL injection vulnerability in includes/funcs_vendors.php in Censura 1.15.04, and other versions before 1.16.04, allows remote attackers to execute arbitrary SQL commands via the vendorid parameter in a vendor_info cmd action to censura.php.
network, low complexity, censura, CWE-89

2007-05-14 | CVE-2007-2672 | SQL Injection vulnerability in Thinc4Orce Marketing Group PHP Coupon Script 3.0 | 7.5
SQL injection vulnerability in index.php in PHP Coupon Script 3.0 allows remote attackers to execute arbitrary SQL commands via the bus parameter in a viewbus page.
network, low complexity, thinc4orce-marketing-group

2007-05-14 | CVE-2007-2671 | Denial of Service vulnerability in Mozilla Firefox 2.0.0.3 | 7.1
Mozilla Firefox 2.0.0.3 allows remote attackers to cause a denial of service (application crash) via a long hostname in an HREF attribute in an A element, which triggers an out-of-bounds memory access.
network, mozilla

2007-05-14 | CVE-2007-2670 | Cross-Site Scripting vulnerability in PHPChain | 4.3
PHPChain 1.0 and earlier allows remote attackers to obtain the installation path via invalid values of the catid parameter to (1) settings.php or (2) cat.php, as demonstrated by XSS manipulations.
network, globalmegacorp

2007-05-14 | CVE-2007-2669 | Cross-Site Scripting vulnerability in PHPChain | 4.3
Multiple cross-site scripting (XSS) vulnerabilities in PHPChain 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the catid parameter to (1) settings.php or (2) cat.php.
network, globalmegacorp