Primary Vendor -- Product | Description | | CVSS Score | Source & Patch Info | 3Com -- TippingPoint IMS 50 3Com -- TippingPoint IMS 2400E 3Com -- TippingPoint IMS 5000E 3Com -- TippingPoint IMS X505 3Com -- TippingPoint IMS 600E 3Com -- TippingPoint IMS 200 3Com -- TippingPoint IMS 200E 3Com -- TippingPoint IMS X506
| The 3Com TippingPoint IPS do not properly handle certain full-width and half-width Unicode character encodings in an HTTP POST request, which might allow remote attackers to evade detection of HTTP traffic. | | 7.0 | CVE-2007-2734 BUGTRAQ OTHER-REF OTHER-REF CERT-VN FRSIRT SECUNIA
| Adobe -- Creative Suite
| The installer for Adobe Version Cue CS3 Server on Apple Mac OS X, as used in Adobe Creative Suite 3 (CS3), does not re-enable the personal firewall after completing the product installation, which allows remote attackers to bypass intended firewall rules. | | 7.0 | CVE-2007-2682 OTHER-REF BID SECTRACK SECUNIA
| Agner Fog -- aForum
| PHP remote file inclusion vulnerability in common/func.php in aForum 1.32 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CommonAbsDir parameter. | | 7.0 | CVE-2007-2596 MILW0RM BID FRSIRT SECUNIA
| Apple -- Quicktime
| Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted Sample Table Sample Descriptor (STSD) atom size in a QuickTime movie. | | 8.0 | CVE-2007-0754 BUGTRAQ OTHER-REF OTHER-REF BID XF
| b2evolution -- b2evolution
| Directory traversal vulnerability in blogs/index.php in b2evolution 1.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the core_subdir parameter. | | 7.0 | CVE-2007-2681 BUGTRAQ XF
| BEA Systems -- WebLogic Server
| The JMS Server in BEA WebLogic Server 6.1 through SP7, 7.0 through SP6, and 8.1 through SP5 enforces security access policies on the front end, which allows remote attackers to access protected queues via direct requests to the JMS back-end server. | | 7.0 | CVE-2007-2696 BEA FRSIRT SECTRACK SECUNIA
| BEA Systems -- WebLogic Server BEA Systems -- WebLogic Express
| The embedded LDAP server in BEA WebLogic Express and WebLogic Server 7.0 through SP6, 8.1 through SP5, 9.0, and 9.1, when in certain configurations, does not limit or audit failed authentication attempts, which allows remote attackers to more easily conduct brute-force attacks against the administrator password, or flood the server with login attempts and cause a denial of service. | | 7.0 | CVE-2007-2697 BEA FRSIRT SECTRACK SECUNIA
| Beacon -- Beacon
| PHP remote file inclusion vulnerability in language/1/splash.lang.php in Beacon 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the languagePath parameter. | | 7.0 | CVE-2007-2663 MILW0RM
| Censura -- Censura
| SQL injection vulnerability in censura.php in Censura 1.15.04 allows remote attackers to execute arbitrary SQL commands via the vendorid parameter in a vendor_info cmd action. | | 7.0 | CVE-2007-2673 MILW0RM BID
| Centennial -- Discovery Symantec -- Discovery Numara -- Asset Manager
| Multiple buffer overflows in the CentennialIPTransferServer service (XFERWAN.EXE), as used by (1) Centennial Discovery 2006 Feature Pack 1, (2) Numara Asset Manager 8.0, and (3) Symantec Discovery 6.5, allow remote attackers to execute arbitrary code via long strings in a crafted TCP packet. | | 10.0 | CVE-2007-1173 OTHER-REF OTHER-REF OTHER-REF FRSIRT FRSIRT FRSIRT SECUNIA SECUNIA SECUNIA
| Clever Components -- Clever Database Comparer
| Stack-based buffer overflow in the Clever Database Comparer 2.2 ActiveX control (comparerax.ocx) allows remote attackers to execute arbitrary code via a long argument to the ConnectToDatabase function. | | 8.0 | CVE-2007-2648 OTHER-REF OTHER-REF FRSIRT SECUNIA
| Comodo -- Comodo Personal Firewall Comodo -- Comodo Firewall Pro
| Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81, and probably older Comodo Firewall versions, do not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier. | | 7.0 | CVE-2007-2729 BUGTRAQ OTHER-REF
| Comodo -- Comodo Personal Firewall Comodo -- Comodo Firewall Pro Check Point Software -- ZoneAlarm
| Check Point ZoneAlarm Pro before 6.5.737.000 does not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier. | | 7.0 | CVE-2007-2730 BUGTRAQ OTHER-REF
| Computer Associates -- eTrust Integrated Threat Management Computer Associates -- eTrust PestPatrol Computer Associates -- eTrust EZ Antivirus
| Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware for the Enterprise r8, and Protection Suites r3 allows remote attackers to execute arbitrary code via a long (1) username or (2) password. | | 10.0 | CVE-2007-2522 OTHER-REF BID FRSIRT BUGTRAQ OTHER-REF CERT-VN SECTRACK SECUNIA
| Computer Associates -- Integrated Threat Management Computer Associates -- Anti-Virus
| CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510 use weak permissions (NULL security descriptor) for the Task Service shared file mapping, which allows local users to modify this mapping and gain privileges by triggering a stack-based buffer overflow in InoCore.dll before 8.0.448.0. | | 7.0 | CVE-2007-2523 IDEFENSE OTHER-REF BID FRSIRT BUGTRAQ OTHER-REF CERT-VN SECTRACK SECUNIA
| DB Soft Lab -- VImp X
| Buffer overflow in the DB Software Laboratory VImpX ActiveX control in VImpX.ocx 4.7.3 allows remote attackers to execute arbitrary code via a long LogFile parameter. | | 10.0 | CVE-2007-2667 MILW0RM
| DB Soft Lab -- DeWizardX
| The DB Software Laboratory DeWizardX (DEWizardAX.ocx) ActiveX control allows remote attackers to overwrite arbitrary files via the SaveToFile function. | | 10.0 | CVE-2007-2725 OTHER-REF OTHER-REF BID
| DivX City -- GDivX Zenith Player
| Buffer overflow in a certain ActiveX control in the GDivX Zenith Player AviFixer class in fix.dll 1.0.0.1 allows remote attackers to execute arbitrary code via a long SetInputFile property value. | | 8.0 | CVE-2007-2601 MILW0RM BID
| Drumster -- BlogMe
| SQL injection vulnerability in archshow.asp in BlogMe 3.0 allows remote attackers to execute arbitrary SQL commands via the var parameter, a different vector than CVE-2006-5976. | | 7.0 | CVE-2007-2661 MILW0RM BID XF
| EfesTECH Haber -- EfesTECH Haber
| SQL injection vulnerability in EfesTECH Haber 5.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to the top-level URI. | | 7.0 | CVE-2007-2662 MILW0RM
| EQdkp -- EQdkp
| Multiple cross-site scripting (XSS) vulnerabilities in EQdkp 1.3.2c and earlier allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) listmembers.php and (2) stats.php. NOTE: some of these details are obtained from third party information. | | 7.0 | CVE-2007-2716 FULLDISC FULLDISC BID SECUNIA
| Feindt Computerservice -- News-Script
| PHP remote file inclusion vulnerability in newsadmin.php in Feindt Computerservice News (News-Script) 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the action parameter. | | 7.0 | CVE-2007-2708 MILW0RM BID FRSIRT
| Fotolog -- Fotolog
| Cross-site scripting (XSS) vulnerability in all_photos.html in fotolog allows remote attackers to inject arbitrary web script or HTML via the user parameter. | | 7.0 | CVE-2007-2724 BUGTRAQ
| Free-SA -- Free-SA
| Multiple unspecified vulnerabilities in Free-SA before 1.2.2 allow remote attackers to execute arbitrary code via unspecified vectors involving certain (1) sprintf and (2) vsprintf calls in (a) r_index.c, (b) r_reports.c, (c) r_topsites.c, (d) r_topuser.c, (e) r_typical.c, (f) r_userdatetime.c, and (g) r_users.c in reports/; and (h) w_fs.c, (i) w_internal.c, and (j) w_log_operations.c in work/, probably related to buffer overflows. NOTE: some of these details are obtained from third party information. | | 7.0 | CVE-2007-2652 OTHER-REF BID FRSIRT
| FreeType -- FreeType
| Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow. | | 10.0 | CVE-2007-2754 MLIST OTHER-REF OTHER-REF
| Geeklog -- Media Gallery
| PHP remote file inclusion vulnerability in maint/ftpmedia.php in Media Gallery 1.4.8a and earlier for Geeklog allows remote attackers to execute arbitrary PHP code via a URL in the _MG_CONF[path_html] parameter. | | 7.0 | CVE-2007-2706 MILW0RM
| Glossword -- Glossword
| PHP remote file inclusion vulnerability in custom_vars.php in GlossWord 1.8.1 allows remote attackers to execute arbitrary PHP code via a URL in the sys[path_addon] parameter. | | 7.0 | CVE-2007-2743 MILW0RM BID
| GNU Edu -- GNU Edu
| Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 allow remote attackers to execute arbitrary PHP code via a URL in the (a) ETCDIR parameter to (1) libs/lom.php; (2) lom_update.php, (3) check-lom.php, and (4) weigh_keywords.php in scripts/; the (b) LIBSDIR parameter to (5) logout.php, (6) help.php, (7) index.php, (8) login.php; and the ETCDIR parameter to (9) web/lom.php. | | 7.0 | CVE-2007-2609 MILW0RM BID FRSIRT XF
| HP -- Systems Insight Manager
| Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie. | | 10.0 | CVE-2007-2719 OTHER-REF HP FRSIRT SECUNIA
| iFusionServices -- iFdate
| ifdate 2.x sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to obtain administrative access via a direct request for the admin/ URI. | | 7.0 | CVE-2007-2713 BUGTRAQ OTHER-REF BID
| iGeneric -- iG Shop
| SQL injection vulnerability in shop/page.php in iGeneric (iG) Shop 1.4 allows remote attackers to execute arbitrary SQL commands via the type_id[] parameter, a different vector than CVE-2005-0537. | | 7.0 | CVE-2007-2717 MILW0RM BID
| Jetbox -- Jetbox CMS
| Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML via the (1) path parameter to view/search/; or the (2) companyname, (3) country, (4) email, (5) firstname, (6) middlename, (7) required, (8) surname, or (9) title parameter to view/supplynews/. | | 7.0 | CVE-2007-2732 BUGTRAQ FRSIRT
| labs.beffa.org -- w2box
| Unrestricted file upload vulnerability in labs.beffa.org w2box 4.0.0 Beta4 allows remote attackers to upload arbitrary PHP code via a filename with a double extension such as .php.jpg. | | 7.0 | CVE-2007-2742 BUGTRAQ BID XF
| LaVague -- LaVague
| PHP remote file inclusion vulnerability in views/print/printbar.php in LaVague 0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the views_path parameter. | | 7.0 | CVE-2007-2607 MILW0RM BID FRSIRT XF
| libexif -- libexif
| Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff or (2) s variable. | | 8.0 | CVE-2007-2645 OTHER-REF OTHER-REF BID FRSIRT SECUNIA
| Little CMS -- Little CMS
| Stack-based buffer overflow in Little CMS (lmcs) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file. | | 7.0 | CVE-2007-2741 OTHER-REF BID FRSIRT SECUNIA
| MH Software -- Connect Daily
| Unspecified vulnerability in MH Software Connect Daily before 3.3.3 has unknown impact and attack vectors. | | 7.0 | CVE-2007-2712 OTHER-REF BID FRSIRT SECUNIA
| Microsoft -- Internet Explorer Stalker -- Communigate Pro
| Cross-site scripting (XSS) vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and earlier, when using Microsoft Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via crafted STYLE tags. | | 7.0 | CVE-2007-2718 FULLDISC OTHER-REF OTHER-REF BID FRSIRT SECTRACK SECUNIA
| NagiosQL -- NagiosQL 2005
| PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2005 2.00 allows remote attackers to execute arbitrary PHP code via a URL in the SETS[path][physical] parameter. | | 7.0 | CVE-2007-2709 MILW0RM BID FRSIRT
| NagiosQL -- NagiosQL
| PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2.00-P00 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SETS[path][IT] parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | | 7.0 | CVE-2007-2710 FRSIRT
| Netsprint -- Netsprint Toolbar
| Buffer overflow in the isChecked function in toolbar.dll in Netsprint Toolbar 1.1 might allow remote attackers to execute arbitrary code via unspecified vectors. | | 7.0 | CVE-2007-2678 BUGTRAQ BUGTRAQ
| Notepad++ -- Notepad++
| Stack-based buffer overflow in SciLexer.dll in notepad++ 4.1.1 and earlier allows user-assisted remote attackers to execute arbitrary code via certain Ruby (.rb) files with long lines. NOTE: some of these details are obtained from third party information. | | 10.0 | CVE-2007-2666 MILW0RM SECUNIA
| Open Translation Engine -- Open Translation Engine
| PHP remote file inclusion vulnerability in skins/header.php in Open Translation Engine (OTE) 0.7.8 allows remote attackers to execute arbitrary PHP code via a URL in the ote_home parameter. | | 7.0 | CVE-2007-2676 MILW0RM VIM BID
| OpenLD -- OpenLD
| Cross-site scripting (XSS) vulnerability in OpenLD before 1.1.9, and 1.1-modified before 1.1-modified3, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the Search feature, possibly the term parameter. | | 7.0 | CVE-2007-2610 OTHER-REF OTHER-REF OTHER-REF SECUNIA BID FRSIRT
| PHP -- PHP
| The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), which might allow context-dependent attackers to decrypt certain data more easily because of the guessable encryption keys. | | 10.0 | CVE-2007-2727 OTHER-REF OTHER-REF OTHER-REF OTHER-REF OTHER-REF BID
| PHP FirstPost -- PHP FirstPost
| PHP remote file inclusion vulnerability in block.php in PhpFirstPost 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the Include parameter. | | 7.0 | CVE-2007-2665 MILW0RM BID
| phpChess -- phpChess
| Multiple PHP remote file inclusion vulnerabilities in phpChess Community Edition 2.0 allow remote attackers to execute arbitrary PHP code via a URL in (1) the config parameter to includes/language.php, or the Root_Path parameter to (2) layout_admin_cfg.php, (3) layout_cfg.php, or (4) layout_t_top.php in skins/phpchess/. NOTE: vector 1 has been disputed by CVE, since the code is defined within a function that is not called from within includes/language.php. | | 7.0 | CVE-2007-2677 MILW0RM VIM BID
| PHPGlossar -- PHPGlossar
| Multiple PHP remote file inclusion vulnerabilities in PHPGlossar 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the format_menue parameter to (1) admin/inc/change_action.php or (2) admin/inc/add.php. | | 7.0 | CVE-2007-2751 MILW0RM
| Pre Projects -- Pre Shopping Mall
| SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 allows remote attackers to execute arbitrary SQL commands via the prodid parameter. | | 7.0 | CVE-2007-2674 MILW0RM BID
| Pre Projects -- Pre Classifieds Listings
| SQL injection vulnerability in search.php in Pre Classifieds Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter. | | 7.0 | CVE-2007-2675 MILW0RM BID XF
| PrecisionID Barcode -- PrecisionID Barcode
| Stack-based buffer overflow in the PrecisionID Barcode 1.9 ActiveX control in PrecisionID_Barcode.dll allows remote attackers to cause a denial of service (Internet Explorer 6 crash), and possibly execute arbitrary code, via a long argument to the SaveBarCode method. NOTE: this issue might overlap CVE-2007-2657. | | 7.0 | CVE-2007-2744 OTHER-REF OTHER-REF SECUNIA
| PrecisionID Barcode -- PrecisionID Barcode
| The PrecisionID Barcode 1.9 ActiveX control in PrecisionID_Barcode.dll, when Internet Explorer 6 is used, allows remote attackers to overwrite arbitrary files via a full pathname to the SaveToFile function, a different vulnerability than CVE-2007-2744. | | 10.0 | CVE-2007-2755 MILW0RM OTHER-REF OTHER-REF
| Samba -- Samba
| Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user. | | 7.0 | CVE-2007-2444 BUGTRAQ OTHER-REF OTHER-REF MANDRIVA SLACKWARE FRSIRT SECUNIA SECUNIA SECUNIA
| Samba -- Samba
| Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests. | | 10.0 | CVE-2007-2446 BUGTRAQ OTHER-REF OTHER-REF MANDRIVA REDHAT SLACKWARE CERT-VN BID FRSIRT SECUNIA SECUNIA SECUNIA SECUNIA
| SimpleNews -- SimpleNews
| SQL injection vulnerability in print.php in SimpleNews 1.0.0 FINAL allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | | 10.0 | CVE-2007-2598 MILW0RM FRSIRT OTHER-REF BID SECUNIA
| SimpNews -- SimpNews
| SQL injection vulnerability in print.php in SimpNews 2.40.01 and earlier allows remote attackers to execute arbitrary SQL commands via the newsnr parameter. | | 7.0 | CVE-2007-2750 MILW0RM
| Snaps Gallery -- Snaps Gallery
| Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to change arbitrary usernames and passwords via the (1) username, or the (2) password and password2 parameters in an edit action. | | 10.0 | CVE-2007-2715 MILW0RM OTHER-REF BID FRSIRT
| Symantec -- Norton Personal Firewall Symantec -- Norton Internet Security
| Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions. | | 10.0 | CVE-2007-1689 OTHER-REF
| TellTargetCMS -- TellTarget CMS
| Multiple PHP remote file inclusion vulnerabilities in telltarget CMS 1.3.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) ordnertiefe parameter to site_conf.php; or the (2) tt_docroot parameter to (a) class.csv.php, (b) produkte_nach_serie.php, or (c) ref_kd_rubrik.php in functionen/; (d) hg_referenz_jobgalerie.php, (e) surfer_anmeldung_NWL.php, (f) produkte_nach_serie_alle.php, (g) surfer_aendern.php, (h) ref_kd_rubrik.php, or (i) referenz.php in module/; or (j) 1/lay.php or (k) 3/lay.php in standard/. | | 7.0 | CVE-2007-2597 MILW0RM BID FRSIRT
| Thinc4orce Marketing Group -- PHP Coupon Script
| SQL injection vulnerability in index.php in PHP Coupon Script 3.0 allows remote attackers to execute arbitrary SQL commands via the bus parameter in a viewbus page. | | 7.0 | CVE-2007-2672 MILW0RM BID XF
| TinyIRC -- TinyIdentD
| Stack-based buffer overflow in TinyIdentD 2.2 and earlier allows remote attackers to execute arbitrary code via a long string to TCP port 113. | | 10.0 | CVE-2007-2711 MILW0RM SECUNIA
| Tomasz Rekawek -- Yet Another Asterisk Panel
| PHP remote file inclusion vulnerability in includes/common.php in Yaap 1.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter, possibly related to the __autoload function. | | 7.0 | CVE-2007-2664 MILW0RM
| Touteresa -- ResManager
| SQL injection vulnerability in edit_day.php in the ResManager 1.2.1 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the id_reserv parameter. | | 7.0 | CVE-2007-2735 MILW0RM BID FRSIRT
| VCDGear -- VCDGear
| Multiple stack-based buffer overflows in VCDGear 3.55 allow user-assisted remote attackers to execute arbitrary code via a long (1) tag or (2) track type in a CUE file. | | 8.0 | CVE-2007-2568 OTHER-REF FRSIRT SECUNIA
| VooDoo cIRCle -- VooDoo cIRCle
| Multiple off-by-one errors in VooDoo cIRCle before 1.1.beta27 allow remote attackers to cause a denial of service (connection loss) or possibly execute arbitrary code via a (1) DNS name response of the exact length as a buffer; or a long (2) channel name, (3) partyline channel name, or unspecified vectors in crafted BOTNET packets. | | 7.0 | CVE-2007-2651 OTHER-REF BID FRSIRT
| Wavelink Media -- TutorialCMS
| Multiple SQL injection vulnerabilities in TutorialCMS (aka Photoshop Tutorials) 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) catFile parameter to (a) browseCat.php or (b) browseSubCat.php; the (2) id parameter to (c) openTutorial.php, (d) topFrame.php, or (e) admin/editListing.php; or (3) the search parameter to search.php. | | 7.0 | CVE-2007-2599 MILW0RM BID FRSIRT SECUNIA
| Wavelink Media -- TutorialCMS
| Multiple cross-site scripting (XSS) vulnerabilities in TutorialCMS (aka Photoshop Tutorials) 1.00 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) catFile parameter to (a) browseCat.php or (b) browseSubCat.php; the (2) id parameter to (c) openTutorial.php, (d) topFrame.php, or (e) admin/editListing.php; or the (3) search parameter to search.php. | | 7.0 | CVE-2007-2600 MILW0RM BID FRSIRT
| webdesproxy -- webdesproxy
| Buffer overflow in webdesproxy 0.0.1 allows remote attackers to execute arbitrary code via a long URL. | | 7.0 | CVE-2007-2668 MILW0RM
| Xoops -- MyConference Module
| SQL injection vulnerability in index.php in the MyConference 1.0 module for Xoops allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | | 7.0 | CVE-2007-2737 FRSIRT
| Xoops -- Xoops Glossaire Module
| SQL injection vulnerability in glossaire-p-f.php in the Glossaire 1.7 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the sid parameter in an ImprDef action. | | 7.0 | CVE-2007-2738 MILW0RM BID
| yEnc32 -- yEnc32
| Heap-based buffer overflow in yEnc32 1.0.7.207 allows user-assisted remote attackers to execute arbitrary code via a long filename in an NTX file. | | 8.0 | CVE-2007-2646 BUGTRAQ OTHER-REF BID FRSIRT SECUNIA
|