Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK

2007-04-19 CVE-2007-2143 Remote File Include vulnerability in Joomla Template Module
PHP remote file inclusion vulnerability in index.php in the Be2004-2 template for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
network, low complexity, bonoestente
Risk: 7.5

2007-04-19 CVE-2007-2142 Remote File Include vulnerability in AJPortal2PHP
Multiple PHP remote file inclusion vulnerabilities in AjPortal2Php allow remote attackers to execute arbitrary PHP code via a URL in the PagePrefix parameter to (1) begin.inc.php, (2) connection.inc.php, (3) events.inc.php, (4) footer.inc.php, (5) header.inc.php, (6) menuleft.inc.php, or (7) pages.inc.php in includes/.
network, low complexity, ajportal2php
Risk: 7.5

2007-04-19 CVE-2007-2141 Remote PHP Code Execution vulnerability in ShoutPro Shoutbox.PHP
Direct static code injection vulnerability in shoutbox.php in ShoutPro 1.5.2 allows remote attackers to inject arbitrary PHP code into shouts.php via the shout parameter.
network, low complexity, shoutpro
Risk: 7.5

2007-04-19 CVE-2007-2140 Remote Security vulnerability in Franklin Huang Flip-Search-Add-On 2.0
PHP remote file inclusion vulnerability in everything.php in Franklin Huang Flip (aka Flip-search-add-on) 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the incpath parameter.
network, low complexity, franklin-huang
Risk: 7.5

2007-04-19 CVE-2007-1691 ActiveX Controls Multiple Buffer Overflow vulnerability in Second Sight Software
Stack-based buffer overflow in Second Sight Software ActiveMod ActiveX control (ActiveMod.ocx) allows remote attackers to execute arbitrary code via unspecified vectors.
Risk: 6.8

2007-04-19 CVE-2007-1690 ActiveX Controls Multiple Buffer Overflow vulnerability in Second Sight Software
Multiple stack-based buffer overflows in Second Sight Software ActiveGS ActiveX control (ActiveGS.ocx) allow remote attackers to execute arbitrary code via unspecified vectors.
Risk: 6.8

2007-04-19 CVE-2007-1681 Unspecified vulnerability in SUN Java web Console and Solaris
Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt, related to syslog.
network, low complexity, sun
Risk: 7.5

2007-04-19 CVE-2007-1009 Authentication Bypass vulnerability in Macrovision Installanywhere 8
Macrovision InstallAnywhere Enterprise before 8.0.1 uses the InstallScript.iap_xml configuration file without integrity protection to verify authorization for installing an application, which allows local users to perform unauthorized installations by removing the (1) password or (2) serial number verification sections from this file.
local, low complexity, macrovision
Risk: 4.6

2007-04-18 CVE-2007-2134 Multiple vulnerability in Oracle April 2007 Security Update
Unspecified vulnerability in the HTML Server in Oracle JD Edwards EnterpriseOne SP23_Q1 and 8.96.I1 has unknown impact and local attack vectors, aka JDE01.
local, low complexity, oracle
Risk: 7.2

2007-04-18 CVE-2007-2133 Multiple vulnerability in Oracle Peoplesoft Enterprise 8.9
Unspecified vulnerability in the PeopleSoft Enterprise Human Capital Management component in Oracle PeopleSoft Enterprise 8.9 has unknown impact and attack vectors, aka PSEHCM01.
network, low complexity, oracle, critical
Risk: 10.0