Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2007-05-31 CVE-2007-2964 Remote Denial of Service vulnerability in F-Secure Policy Manager FSMSH.DLL
The fsmsh.dll host module in F-Secure Policy Manager Server 7.00 and earlier allows remote attackers to cause a denial of service (application crash) via NTFS reserved words in filenames in URLs.
network
low complexity
f-secure
5.0
2007-05-31 CVE-2007-2963 Cross-Site Scripting vulnerability in Invision Power Board
Multiple cross-site scripting (XSS) vulnerabilities in Invision Power Board (IPB or IP.Board) 2.2.2, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via (1) module_bbcodeloader.php, (2) module_div.php, (3) module_email.php, (4) module_image.php, (5) module_link.php, or (6) the editorid parameter to module_table.php in jscripts/folder_rte_files/.
4.3
2007-05-31 CVE-2007-2962 Cross-Site Scripting vulnerability in Particle Soft Particle Gallery 1.0.0/1.0.1
Cross-site scripting (XSS) vulnerability in search.php in Particle Gallery 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the order parameter.
network
particle-soft
4.3
2007-05-31 CVE-2007-2961 Arbitrary File Upload vulnerability in Filecloset 1.1.5
Unrestricted file upload vulnerability in FileCloset before 1.1.5 allows remote attackers to upload arbitrary PHP files via unspecified vectors.
network
low complexity
filecloset
7.5
2007-05-31 CVE-2007-2960 File-Upload vulnerability in Scallywag.Org Scallywag 20050425
Multiple directory traversal vulnerabilities in Scallywag 2005-04-25 allow remote attackers to include and execute arbitrary local files via a ..
network
low complexity
scallywag-org
7.5
2007-05-31 CVE-2007-2959 SQL Injection vulnerability in CPCommerce Manufacturer.PHP
SQL injection vulnerability in manufacturer.php in cpCommerce before 1.1.0 allows remote attackers to execute arbitrary SQL commands via the id_manufacturer parameter.
network
low complexity
cpcommerce
7.5
2007-05-31 CVE-2007-2947 Remote File Include vulnerability in David Branco Openbase 0.6Alpha
Multiple PHP remote file inclusion vulnerabilities in OpenBASE Alpha 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the root_prefix parameter to (1) index.php, (2) email_subscribe.php, (3) download.php, or (4) development.php.
network
low complexity
david-branco
7.5
2007-05-31 CVE-2007-2946 Buffer Overflow vulnerability in Lead Technologies Leadtools Raster Dialog File Object 14.5.0.44
Buffer overflow in a certain ActiveX control in LeadTools Raster Dialog File_D Object (LTRDFD14e.DLL) 14.5.0.44 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) or execute arbitrary code via a long DestinationPath property value.
network
low complexity
lead-technologies
critical
10.0
2007-05-31 CVE-2007-2945 Information Disclosure vulnerability in Rmforum
RMForum stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for rmforum.mdb.
network
low complexity
rmforum
5.0
2007-05-31 CVE-2007-2944 Permissions, Privileges, and Access Controls vulnerability in Wabcms 1.0
WabCMS 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/wabcmsn.mdb.
network
low complexity
wabcms CWE-264
5.0