CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In September 2007

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
151 CVE-2007-4959 79 XSS 2007-09-18 2017-07-29
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in catalog_products_with_images.php in osCMax 2.0.0-RC3-0-1 allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
152 CVE-2007-4958 79 XSS 2007-09-18 2017-07-29
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in TinyWebGallery (TWG) 1.6.3.4 allow remote attackers to inject arbitrary web script or HTML via the URI for (1) index.php, (2) i_frames/i_login.php, and (3) i_frames/i_top_tags.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
153 CVE-2007-4957 22 Dir. Trav. 2007-09-18 2017-09-29
7.5
None Remote Low Not required Partial Partial Partial
Multiple directory traversal vulnerabilities in download.php in Chupix CMS 0.2.3 allow remote attackers to read or overwrite arbitrary files via a .. (dot dot) in the (1) fichier or (2) repertoire parameter, or create arbitrary directories via a .. (dot dot) in the (3) repertoire parameter.
154 CVE-2007-4956 89 Exec Code Sql 2007-09-18 2017-09-29
7.5
None Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in KwsPHP 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the pseudo parameter to login.php, (2) the id parameter to index.php in a carnet editer action in the Member_Space (espace_membre) module, or (3) the typenav parameter to index.php in a browser aff action in the stats module.
155 CVE-2007-4955 94 Exec Code File Inclusion 2007-09-18 2017-09-29
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in admin.joomlaflashfun.php in the Flash Fun! (com_joomlaflashfun) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
156 CVE-2007-4954 94 Exec Code File Inclusion 2007-09-18 2017-09-29
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in admin.joom12pic.php in the joom12Pic (com_joom12pic) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
157 CVE-2007-4953 89 Exec Code Sql 2007-09-18 2017-09-29
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in index.php in SimpCMS allows remote attackers to execute arbitrary SQL commands via the keyword parameter in a search site action.
158 CVE-2007-4952 89 Exec Code Sql 2007-09-18 2017-09-29
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in article.php in OmniStar Article Manager allows remote attackers to execute arbitrary SQL commands via the page_id parameter in a favorite op action, a different vector than CVE-2006-5917.
159 CVE-2007-4951 94 Exec Code File Inclusion 2007-09-18 2008-11-15
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** PHP remote file inclusion vulnerability in sample.php in YaPiG 0.95b allows remote attackers to execute arbitrary PHP code via a URL in the YAPIG_PATH parameter. NOTE: this issue has been disputed by CVE, since YAPIG_PATH is defined before use.
160 CVE-2007-4950 94 Exec Code File Inclusion 2007-09-18 2017-07-29
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** PHP remote file inclusion vulnerability in form/db_form/employee.php in PHPortal 0.2.7 allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: this issue is disputed by CVE, since DOCUMENT_ROOT cannot be modified by an attacker.
161 CVE-2007-4949 94 Exec Code File Inclusion 2007-09-18 2008-11-15
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in php(Reactor) 1.2.7pl1 allow remote attackers to execute arbitrary PHP code via a URL in the pathtohomedir parameter to (1) ekilat.com-int.tpl.php, (2) phpreactor.org-top.tpl.php, or (3) ekilat.com-top.tpl.php in examples/. NOTE: this issue has been disputed by CVE, since the vulnerability is present only when the product is incorrectly installed by placing examples/ under the web root.
162 CVE-2007-4948 94 Exec Code File Inclusion 2007-09-18 2008-11-15
5.1
None Remote High Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in Webmedia Explorer (webmex) 3.2.2 allow remote attackers to execute arbitrary PHP code via (1) a URL in the path_include parameter to includes/rss.class.php, (2) a URL in the path_template parameter to (a) templates/main.tpl.php or (b) templates/folder_messages_link_message_name.tpl.php, or (4) a URL in the path_templates parameter to templates/sidebar.tpl.php. NOTE: the vulnerability is present only when the administrator does not follow installation instructions about the requirement for .htaccess support. NOTE: the includes/core.lib.php vector is already covered by CVE-2006-5252.
163 CVE-2007-4947 94 Exec Code File Inclusion 2007-09-18 2008-11-15
7.5
None Remote Low Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in myphpPagetool 0.4.3 allow remote attackers to execute arbitrary PHP code via a URL in the ptinclude parameter to (1) help1.php, (2) help2.php, (3) help3.php, (4) help4.php, (5) help5.php, (6) help6.php, (7) help7.php, (7) help8.php, (8) help9.php, or (10) index.php in doc/admin/.
164 CVE-2007-4946 +Info 2007-09-18 2017-07-29
5.0
None Remote Low Not required Partial None None
LetterGrade allows remote attackers to obtain sensitive information (installation path or account existence) via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
165 CVE-2007-4945 79 XSS 2007-09-18 2017-07-29
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in LetterGrade allow remote attackers to inject arbitrary web script or HTML via (1) a student's email address, (2) the year parameter to genbrws/Student/cal_month.php3, and other unspecified vectors related to the calendar. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
166 CVE-2007-4944 +Info 2007-09-18 2008-11-15
5.0
None Remote Low Not required Partial None None
The canvas.createPattern function in Opera 9.x before 9.22 for Linux, FreeBSD, and Solaris does not clear memory before using it to process a new pattern, which allows remote attackers to obtain sensitive information (memory contents) via JavaScript.
167 CVE-2007-4943 119 Exec Code Overflow 2007-09-18 2011-03-08
9.3
None Remote Medium Not required Complete Complete Complete
Multiple buffer overflows in a certain ActiveX control in sparser.dll in Baofeng Storm 2.8 and earlier allow remote attackers to execute arbitrary code via malformed input in an unknown set of arguments or property values, a different DLL than CVE-2007-4816. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
168 CVE-2007-4942 94 Exec Code File Inclusion 2007-09-18 2011-08-22
7.5
None Remote Low Not required Partial Partial Partial
PHP remote file inclusion vulnerability in modules/Discipline/StudentFieldBreakdown.php in Focus/SIS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the FocusPath parameter, a different vector than CVE-2007-4806. NOTE: the provenance of this information is unknown.
169 CVE-2007-4941 399 DoS 2007-09-18 2018-10-15
7.1
None Remote Medium Not required None None Complete
KMPlayer 2.9.3.1210 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a .avi file with certain large "indx truck size" and nEntriesInuse values.
170 CVE-2007-4940 189 DoS Exec Code Overflow 2007-09-18 2018-10-15
9.3
None Remote Medium Not required Complete Complete Complete
Multiple integer overflows in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values.
171 CVE-2007-4939 119 DoS Exec Code Overflow 2007-09-18 2018-10-15
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with an "indx truck size" of 0xffffffff, and certain wLongsPerEntry and nEntriesInuse values.
172 CVE-2007-4938 119 DoS Exec Code Overflow 2007-09-18 2018-10-15
7.6
None Remote High Not required Complete Complete Complete
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.
173 CVE-2007-4937 264 +Info 2007-09-18 2018-10-15
5.0
None Remote Low Not required Partial None None
CS Guestbook stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the admin name and MD5 password hash via a direct request for base/usr/0.php.
174 CVE-2007-4936 2007-09-18 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in Office Efficiencies SafeSquid 4.1.x has unknown impact and attack vectors, related to a "serious security flaw," possibly specific to Linux.
175 CVE-2007-4935 94 Exec Code File Inclusion 2007-09-18 2011-03-08
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute arbitrary PHP code via a URL in the PHPFFL_FILE_ROOT parameter to (1) admin.php, (2) custom_pages.php, (3) draft.php, (4) faq.php, (5) leagues.php, (6) livedraft.php, (7) login.php, (8) my_team.php, (9) profile.php, (10) signup.php, (11) statistics.php, (12) transactions.php, (13) program_files/admin/custom_pages.php, or (14) program_files/common.php. NOTE: the program_files/livedraft/admin.php and program_files/livedraft/livedraft.php vectors are covered by CVE-2007-4934.
176 CVE-2007-4934 94 Exec Code File Inclusion 2007-09-18 2017-09-29
4.6
None Local Low Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute arbitrary PHP code via a URL in the PHPFFL_FILE_ROOT parameter to (1) program_files/livedraft/livedraft.php or (2) program_files/livedraft/admin.php.
177 CVE-2007-4933 94 2007-09-18 2017-09-29
7.5
None Remote Low Not required Partial Partial Partial
Direct static code injection vulnerability in includes/admin/sub/conf_appearence.php in Shop-Script FREE 2.0 and earlier allows remote attackers to inject arbitrary PHP code into cfg/appearence.inc.php via a save_appearence action in admin.php, as demonstrated with the (1) productscount, (2) colscount, and (3) darkcolor parameters.
178 CVE-2007-4932 20 2007-09-18 2017-09-29
7.5
None Remote Low Not required Partial Partial Partial
admin.php in Shop-Script FREE 2.0 and earlier sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to access the admin panel.
179 CVE-2007-4931 2007-09-18 2011-03-08
2.1
None Local Low Not required None Partial None
HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL.
180 CVE-2007-4930 352 CSRF 2007-09-18 2018-10-15
4.3
None Remote Medium Not required None Partial None
Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 207W camera allow remote attackers to perform certain actions as administrators via (1) axis-cgi/admin/restart.cgi, (2) the user and sgrp parameters to axis-cgi/admin/pwdgrp.cgi in an add action, or (3) the server parameter to admin/restartMessage.shtml.
181 CVE-2007-4929 79 XSS 2007-09-18 2018-10-15
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 207W camera allow remote attackers to inject arbitrary web script or HTML via the camNo parameter to incl/image_incl.shtml, and other unspecified vectors.
182 CVE-2007-4928 310 +Info 2007-09-18 2018-10-15
4.9
None Local Low Not required Complete None None
The AXIS 207W camera stores a WEP or WPA key in cleartext in the configuration file, which might allow local users to obtain sensitive information.
183 CVE-2007-4927 20 DoS 2007-09-18 2018-10-15
3.5
None Remote Medium ??? None None Partial
axis-cgi/buffer/command.cgi on the AXIS 207W camera allows remote authenticated users to cause a denial of service (reboot) via many requests with unique buffer names in the buffername parameter in a start action.
184 CVE-2007-4926 310 +Info 2007-09-18 2018-10-15
9.3
None Remote Medium Not required Complete Complete Complete
The AXIS 207W camera uses a base64-encoded cleartext username and password for authentication, which allows remote attackers to obtain sensitive information by sniffing the wireless network or by leveraging unspecified other vectors.
185 CVE-2007-4925 20 Exec Code 2007-09-18 2013-09-13
7.5
None Remote Low Not required Partial Partial Partial
The ewirePC_Decrypt function in ewirepcfunctions.php in eWire Payment Client (ePC) 1.60 and 1.70 allows remote attackers to execute arbitrary commands via shell metacharacters in the paymentinfo parameter to simplePHPLinux/3payment_receive.php.
186 CVE-2007-4923 94 Exec Code File Inclusion 2007-09-17 2017-09-29
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in admin.joomlaradiov5.php in the Joomla Radio 5 (com_joomlaradiov5) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
187 CVE-2007-4922 89 Exec Code Sql 2007-09-17 2017-09-29
6.5
None Remote Low ??? Partial Partial Partial
SQL injection vulnerability in play.php in the jeuxflash 1.0 module for KwsPHP allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a play ac action to index.php. NOTE: some details are obtained from third party information.
188 CVE-2007-4921 94 Exec Code File Inclusion 2007-09-17 2017-09-29
7.5
None Remote Low Not required Partial Partial Partial
PHP remote file inclusion vulnerability in _includes/settings.inc.php in Ajax File Browser 3 Beta allows remote attackers to execute arbitrary PHP code via a URL in the approot parameter.
189 CVE-2007-4920 89 Exec Code Sql 2007-09-17 2017-09-29
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in soporte_derecha_w.php in PHP Webquest 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id_actividad parameter.
190 CVE-2007-4919 89 Exec Code Sql 2007-09-17 2017-09-29
7.5
None Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in JBlog 1.0 allow (1) remote attackers to execute arbitrary SQL commands via the id parameter to index.php, and allow (2) remote authenticated administrators to execute arbitrary SQL commands via the id parameter to admin/modifpost.php.
191 CVE-2007-4918 89 Exec Code Sql 2007-09-17 2018-10-15
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in classes/gelato.class.php in Gelato allows remote attackers to execute arbitrary SQL commands via the post parameter to index.php.
192 CVE-2007-4917 79 XSS 2007-09-17 2018-10-15
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in tracking.php in PHP-Stats 0.1.9.2 allows remote attackers to inject arbitrary web script or HTML via the ip parameter in an online action, a different vector than CVE-2007-4334.
193 CVE-2007-4916 119 DoS Exec Code Overflow 2007-09-17 2018-10-15
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard (HP) All-in-One and Photo & Imaging Gallery 1.1 and probably other products, allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long first argument.
194 CVE-2007-4915 20 2007-09-17 2018-10-15
10.0
None Remote Low Not required Complete Complete Complete
The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLan RO80211G-AP and other devices, do not prevent stack writes from entering memory locations used for string constants, which allows remote attackers to change the admin password stored in memory via a long username in an HTTP Basic Authentication request.
195 CVE-2007-4914 20 2007-09-17 2017-07-29
6.0
None Remote Medium ??? Partial Partial Partial
Unspecified vulnerability in the subscriptions manager in Invision Power Board (IPB or IP.Board) 2.3.1 before 20070912 allows remote authenticated users to change the member ID and reduce the privilege level of arbitrary users via a crafted payment form, related to (1) class_gw_2checkout.php, (2) class_gw_authorizenet.php, (3) class_gw_nochex.php, (4) class_gw_paypal.php, and (5) class_gw_safshop.php in sources/classes/paymentgateways/.
196 CVE-2007-4913 94 2007-09-17 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
ips_kernel/class_upload.php in Invision Power Board (IPB or IP.Board) 2.3.1 up to 20070912 allows remote attackers to upload arbitrary script files with crafted image filenames to uploads/, where they are saved with a .txt extension and are not executable. NOTE: there are limited usage scenarios under which this would be a vulnerability, but it is being tracked by CVE since the vendor has stated it is security-relevant.
197 CVE-2007-4912 79 XSS 2007-09-17 2017-07-29
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in ips_kernel/class_ajax.php in Invision Power Board (IPB or IP.Board) 2.3.1 up to 20070912 allows remote attackers to inject arbitrary web script or HTML into user profile fields via unspecified vectors related to character sets other than iso-8859-1 or utf-8.
198 CVE-2007-4911 20 DoS 2007-09-17 2017-09-29
5.0
None Remote Low Not required None None Partial
JSMP3OGGWt.dll in JetCast Server 2.0.0.4308 allows remote attackers to cause a denial of service (daemon crash) via a long .mp3 URI to TCP port 8000. NOTE: some of these details are obtained from third party information.
199 CVE-2007-4910 2007-09-17 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in netInvoicing before 2.7.3 has unknown impact and attack vectors, related to "security check soap".
200 CVE-2007-4909 264 2007-09-17 2018-10-15
9.3
None Remote Medium Not required Complete Complete Complete
Interpretation conflict in WinSCP before 4.0.4 allows remote attackers to perform arbitrary file transfers with a remote server via file-transfer commands in the final portion of a (1) scp, and possibly a (2) sftp or (3) ftp, URL, as demonstrated by a URL specifying login to the remote server with a username of scp, which is interpreted as an HTTP scheme name by the protocol handler in a web browser, but is interpreted as a username by WinSCP. NOTE: this is related to an incomplete fix for CVE-2006-3015.
Total number of vulnerabilities : 434   Page : 1 2 3 4 (This Page)5 6 7 8 9
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.