Blog

CVE-2007-2817

SQL injection vulnerability in read/index.php in ol’bookmarks 0.7.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. (CVSS:7.5) (Last Update:2012-10-30)


May 22, 2007 0

CVE-2007-2774

Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) _connect.php or (2) modules/startup.php. (CVSS:7.5) (Last Update:2012-11-05)


May 21, 2007 0

CVE-2007-2773

SQL injection vulnerability in plugins/mp3playlist/mp3playlist.php in Zomplog 3.8 and earlier allows remote attackers to execute arbitrary SQL commands via the speler parameter. (CVSS:7.5) (Last Update:2012-11-05)


May 21, 2007 0

CVE-2007-2787

Stack-based buffer overflow in the BrowseDir function in the (1) lttmb14E.ocx or (2) LTRTM14e.DLL ActiveX control in LeadTools Raster Thumbnail Object Library 14.5.0.44 allows remote attackers to execute arbitrary code via a long argument. (CVSS:7.5) (…


May 21, 2007 0

CVE-2007-2792

SQL injection vulnerability in the Yet another Newsletter Component (aka YaNC or com_yanc) component before 1.5 beta 3 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter to index.php. NOTE: some of …


May 21, 2007 0

CVE-2007-2735

SQL injection vulnerability in edit_day.php in the ResManager 1.2.1 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the id_reserv parameter. (CVSS:7.5) (Last Update:2012-11-05)


May 17, 2007 0

CVE-2007-2743

PHP remote file inclusion vulnerability in custom_vars.php in GlossWord 1.8.1 allows remote attackers to execute arbitrary PHP code via a URL in the sys[path_addon] parameter. (CVSS:7.5) (Last Update:2012-11-05)


May 17, 2007 0

CVE-2007-2738

SQL injection vulnerability in glossaire-p-f.php in the Glossaire 1.7 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the sid parameter in an ImprDef action. (CVSS:7.5) (Last Update:2012-10-30)


May 17, 2007 0

CVE-2007-2709

PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2005 2.00 allows remote attackers to execute arbitrary PHP code via a URL in the SETS[path][physical] parameter. (CVSS:7.5) (Last Update:2012-11-05)


May 16, 2007 0

CVE-2007-2666

Stack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4.1.1 and earlier, allows user-assisted remote attackers to execute arbitrary code via certain Ruby (.rb) files with long lines. NOTE: this was originall…


May 14, 2007 0