| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953. |
| CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections. |
| Multiple cross-site scripting (XSS) vulnerabilities in the Token module before 4.7.x-1.5, and 5.x before 5.x-1.9, for Drupal; as used by the ASIN Field, e-Commerce, Fullname field for CCK, Invite, Node Relativity, Pathauto, PayPal Node, and Ubercart modules; allow remote authenticated users with a post comments privilege to inject arbitrary web script or HTML via unspecified vectors related to (1) comments, (2) vocabulary names, (3) term names, and (4) usernames. |
| Cross-site scripting (XSS) vulnerability in filename.asp in ASP Site Search SearchSimon Lite 1.0 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter. |
| PHP remote file inclusion vulnerability in src/scripture.php in The Online Web Library Site (TOWels) 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the pageHeaderFile parameter. |
| Cross-site scripting (XSS) vulnerability in admin/logon.asp in ShoppingTree CandyPress Store 4.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter, a different vector than CVE-2007-2804. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SQL injection vulnerability in tnews.php in BBsProcesS BBPortalS 1.5.10 through 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a tnews action. |
| Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, does not properly check a buffer during an IOCTL 0x9c402420 call, which allows local users to cause a denial of service (machine crash) and possibly gain privileges via unspecified vectors. |
| Buffer overflow in the Nortel UNIStim IP Softphone 2050 allows remote attackers to cause a denial of service (application abort) and possibly execute arbitrary code via a flood of invalid characters to the RTCP port (5678/udp) that triggers a Windows error message, aka "extraneous messaging." |
| Multiple PHP remote file inclusion vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the full_path parameter to (1) certinfo/index.php, (2) emails/index.php, (3) events/index.php, (4) fax/index.php, (5) files/index.php, (6) files/list.php, (7) groupadm/index.php, (8) history/index.php, (9) info/index.php, (10) log/index.php, (11) mail/index.php, (12) messages/index.php, (13) organizations/index.php, (14) phones/index.php, (15) presence/index.php, (16) projects/index.php, (17) projects/summary.inc.php, (18) projects/list.php, (19) reports/index.php, (20) search/index.php, (21) snf/index.php, (22) syslog/index.php, (23) tasks/searchsimilar.php, (24) tasks/index.php, (25) tasks/summary.inc.php, and (26) useradm/index.php in modules; (27) /ajax/loadsplash.php; (28) /blocks/birthday.php; (29) /blocks/events.php; and (30) /blocks/help.php. |
| Multiple directory traversal vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the def_lang parameter to modules/files/list.php; the m_path parameter to (2) modules/projects/summary.inc.php or (3) modules/tasks/summary.inc.php; (4) the module parameter to modules/projects/list.php; or the module parameter to index.php in the (5) certinfo, (6) emails, (7) events, (8) fax, (9) files, (10) groupadm, (11) history, (12) info, (13) log, (14) mail, (15) messages, (16) organizations, (17) phones, (18) presence, (19) projects, (20) reports, (21) search, (22) snf, (23) syslog, (24) tasks, or (25) useradm subdirectory of modules/. |
| TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory. |
| Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow. |
| SQL injection vulnerability in index.php in DeeEmm.com DM CMS 0.7.0.Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in the media page (build_media_content.php). NOTE: it was later reported that 0.7.4 is also affected. |
| The safe_path function in shttp before 0.0.5 allows remote attackers to conduct directory traversal attacks and read files via a combination of ".." and sub-directory specifiers that resolve to a pathname that is at or below the same level as the web document root, but in a different part of the directory tree. |
| Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to integrator.php; (2) the token parameter in a New Password action, (3) the nid_acl parameter in a Folder Properties action, or (4) the uid parameter in a Modify User action to command.php; or (5) the target parameter to index.php, different vectors than CVE-2006-3320. |
| Eval injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the edit parameter in an upd cmd action, a different vulnerability than CVE-2007-5492. |
| The Evaluate LotusScript method in IBM Lotus Domino before 7.0.3 uses an incorrect security context for @ formula commands in some circumstances, which might allow remote authenticated users to gain privileges and obtain sensitive information. |
| vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file. |
| Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the individual net socket listen vulnerability. |
