Bsdos

DATE	CVE	VULNERABILITY TITLE	RISK
2007-12-04	CVE-2007-6232	Cross-Site Scripting vulnerability in FTP Admin 0.1.0 Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action. network hp ibm linux santa-cruz-operation sgi sun windriver ftp CWE-79	4.3
2007-09-18	CVE-2007-4938	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. network high complexity apple hp ibm linux mandrakesoft microsoft santa-cruz-operation sun windriver mplayer sgi CWE-119	7.6
2007-05-17	CVE-2007-2736	Remote File Include vulnerability in Achievo 1.1.0 PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter. network low complexity apple hp ibm linux microsoft santa-cruz-operation sun windriver achievo critical	10.0
2007-05-16	CVE-2007-1898	Unspecified vulnerability in Jetbox CMS 2.1 formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters. network apple hp linux microsoft santa-cruz-operation sun windriver jetbox	5.8
2007-02-23	CVE-2006-7034	SQL-Injection vulnerability in Super Link Exchange Script Super Link Exchange Script 1.0 SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter. network low complexity apple hp ibm linux microsoft santa-cruz-operation sun windriver super-link-exchange-script	7.5
2007-02-21	CVE-2007-1043	Authentication Bypass vulnerability in Ezboo Webstats 3.0.3 Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php. network low complexity apple hp ibm linux microsoft santa-cruz-operation sun windriver ezboo	7.5