Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-01-30 | CVE-2007-0602 | Local Security vulnerability in Trend Micro Viruswall 3.81 Buffer overflow in libvsapi.so in the VSAPI library in Trend Micro VirusWall 3.81 for Linux, as used by IScan.BASE/vscan, allows local users to gain privileges via a long command line argument, a different vulnerability than CVE-2005-0533. local trend-micro | 6.9 |
| 2007-01-30 | CVE-2007-0597 | Information Disclosure vulnerability in Aztek Forum Aztek Forum 4.0 Aztek Forum 4.00 allows remote attackers to obtain sensitive information via a direct request to forum.php with the fid=XD query string, which reveals the path in an error message. | 5.0 |
| 2007-01-30 | CVE-2007-0596 | Remote Security vulnerability in Aztek Forum Aztek Forum 4.0 PHP remote file inclusion vulnerability in index/main.php in Aztek Forum 4.00 allows remote authenticated administrators to execute arbitrary PHP code via a URL in the PF[top_url] parameter. network aztek-forum | 6.0 |
| 2007-01-30 | CVE-2007-0595 | Cross-Site Scripting vulnerability in High5 Review Script Cross-site scripting (XSS) vulnerability in search in High 5 Review Site allows remote attackers to inject arbitrary web script or HTML via the q parameter (aka the search box). network designmind | 4.3 |
| 2007-01-30 | CVE-2007-0594 | Information Disclosure vulnerability in Siteman 2.0.X2 Siteman 2.0.x2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for db/siteman/users.MYD. | 5.0 |
| 2007-01-30 | CVE-2007-0593 | Information Disclosure vulnerability in Siteman 1.1.11 Siteman 1.1.11 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for data/members.txt. | 5.0 |
| 2007-01-30 | CVE-2007-0592 | Cross-Site Scripting vulnerability in Indexcor Ezdatabase 2.1.3 Cross-site scripting (XSS) vulnerability in EzDatabase 2.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to admin/login.php and the Admin Panel Database. network indexcor | 6.8 |
| 2007-01-30 | CVE-2007-0590 | Cross-Site Scripting vulnerability in Forum Livre Forum Livre 1.0 Cross-site scripting (XSS) vulnerability in busca2.asp in Forum Livre 1.0 remote attackers to inject arbitrary web script or HTML via the palavra parameter. network forum-livre | 5.8 |
| 2007-01-30 | CVE-2007-0583 | Cross-Site Scripting vulnerability in Http Commander Http Commander 6.0 Multiple cross-site scripting (XSS) vulnerabilities in HTTP Commander 6.0, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) LogoffMessage parameter to logofflast.aspx or the (2) txtUsername parameter to Default.aspx. network http-commander | 4.3 |
| 2007-01-30 | CVE-2007-0580 | Remote File Include vulnerability in Javier Suarez Sanz Foro Domus 2.10 PHP remote file inclusion vulnerability in menu.php in Foro Domus 2.10 allows remote attackers to execute arbitrary PHP code via a URL in the sesion_idioma parameter. network javier-suarez-sanz | 6.8 |