Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-03-30 | CVE-2007-1782 | Denial-Of-Service vulnerability in Cruiseworks CruiseWorks 1.09e and earlier does not properly restrict user access to certain privileged actions, which allows local users to change the configuration or have other unspecified impact. | 4.6 |
2007-03-30 | CVE-2007-1781 | Unspecified vulnerability in Minna DE Office Minna DE Office Minna De Office 1.x and 2.x does not properly restrict user access to certain privileged actions, which allows local users to change the configuration or have other unspecified impact. | 4.6 |
2007-03-30 | CVE-2007-1780 | Cross-Site Scripting vulnerability in Overlay Weaver Overlay Weaver 0.5.10/0.5.11/0.5.9 Cross-site scripting (XSS) vulnerability in the DHT shell (owdhtshell) in Overlay Weaver 0.5.9 to 0.5.11, when invoked with the -x option, allows remote attackers to inject arbitrary web script or HTML via fields in certain input forms. network overlay-weaver | 4.3 |
2007-03-30 | CVE-2007-1776 | SQL Injection vulnerability in Design FOR Joomla D4J Ezine SQL injection vulnerability in index.php in the DesignForJoomla.com D4J eZine (com_ezine) 2.8 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in a read action. | 6.8 |
2007-03-30 | CVE-2007-1775 | Unspecified vulnerability in Jbrowser Unrestricted file upload vulnerability in upload.php3 in JBrowser 2.4 and earlier allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors. network jbrowser | 6.8 |
2007-03-30 | CVE-2007-1774 | Cross-Site Scripting vulnerability in Unverse.Net Abitwhizzy Multiple cross-site scripting (XSS) vulnerabilities in aBitWhizzy allow remote attackers to inject arbitrary web script or HTML via the d parameter to (1) whizzery/whizzypic.php or (2) whizzery/whizzylink.php. | 4.3 |
2007-03-30 | CVE-2007-1768 | HTML Injection vulnerability in Mephisto Blog Author Comment Cross-site scripting (XSS) vulnerability in app/helpers/application_helper.rb in Mephisto 0.7.3 and Mephisto Edge 20070325 allows remote attackers to inject arbitrary web script or HTML via the author name field in a comment. network mephisto | 4.3 |
2007-03-30 | CVE-2006-7180 | Multiple vulnerability in MADWiFi IEEE80211_Output.C Unencrypted Data Packet ieee80211_output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information (related to network structure), and possibly cause a denial of service (disrupted authentication) and conduct spoofing attacks. network madwifi | 6.8 |
2007-03-30 | CVE-2007-1764 | Buffer Overflow vulnerability in Faststone Image Viewer 2.8 Stack-based buffer overflow in FastStone Image Viewer 2.8 allows user-assisted remote attackers to execute arbitrary code via a crafted JPG image. network faststone | 6.0 |
2007-03-30 | CVE-2007-1762 | Security Bypass vulnerability in Mozilla Firefox 2.0.0.1/2.0.0.2/2.0.0.3 Mozilla Firefox 2.0.0.1 through 2.0.0.3 does not canonicalize URLs before checking them against the phishing site blacklist, which allows remote attackers to bypass phishing protection via multiple / (slash) characters in the URL. | 5.0 |