Buffer overflow in Photofiltre Studio 8.1.1 allows user-assisted remote attackers to execute arbitrary code via a crafted .tif file. Date published : 2007-04-24 http://www.securityfocus.com/bid/23582 https://www.exploit-db.com/exploits/3772
Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields,...
PHP remote file inclusion vulnerability in admin/public/webpages.php in Eba News 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. Date published : 2007-04-24 http://www.securityfocus.com/archive/1/466406/100/0/threaded http://ebascripts.com/
PHP remote file inclusion vulnerability in admin/admin_album_otf.php in the MX Smartor Full Album Pack (FAP) 2.0 RC1 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path...
eXtremail 2.1.1 and earlier does not verify the ID field (aka transaction id) in DNS responses, which makes it easier for remote attackers to conduct DNS spoofing. Date published : 2007-04-24 http://www.securityfocus.com/bid/23577 http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0569.html
Stack-based buffer overflow in eXtremail 2.1.1 and earlier allows remote attackers to execute arbitrary code via a long DNS response. NOTE: this might be related to CVE-2006-6926. Date published : 2007-04-24 http://www.securityfocus.com/bid/23577 https://www.exploit-db.com/exploits/3769
Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. Date published : 2007-04-24 http://www.securityfocus.com/bid/23576 https://www.exploit-db.com/exploits/3770
Multiple PHP remote file inclusion vulnerabilities in Supasite 1.23b allow remote attackers to execute arbitrary PHP code via a URL in the supa[db_path] parameter to (1) common_functions.php, (2) admin_auth_cookies.php, (3) admin_mods.php, (4) admin_news.php, (5)...
Directory traversal vulnerability in imgsrv.php in jchit counter 1.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the acc parameter. Date published : 2007-04-24 http://www.securityfocus.com/bid/23585 https://www.exploit-db.com/exploits/3773
SQL injection vulnerability in index.php in PHP-Ring Webring System (aka uPHP_ring_website) 0.9 allows remote attackers to execute arbitrary SQL commands via the ring parameter. Date published : 2007-04-24 http://www.securityfocus.com/bid/23586 https://www.exploit-db.com/exploits/3774
Unrestricted file upload vulnerability in forum_write.php in Maran PHP Forum allows remote attackers to upload and execute arbitrary PHP files via a trailing %00 in a filename in the page parameter. Date published :...
PHP remote file inclusion vulnerability in admin/login.php in Webinsta FM Manager 0.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter, a different product and vector...
Buffer overflow in Nullsoft Winamp 5.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted WMV file. Date published : 2007-04-24 http://www.securityfocus.com/bid/23568 http://www.securityfocus.com/archive/1/466291/100/0/threaded
Multiple unspecified vulnerabilities in IXceedCompression in XceddZipLib (RaidenFTPD.dll) in RaidenFTPD 2.4 allow remote attackers to cause a denial of service (crash) via unspecified vectors involving the (1) CalculateCrc, (2) Compress, and (3) Uncompress functions,...