Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to change arbitrary usernames and passwords via the (1) username, or the (2) password and password2 parameters in an edit action. Date published : 2007-05-16 http://www.securityfocus.com/bid/23940...
Unspecified vulnerability in akismet.php in Matt Mullenweg Akismet before 2.0.2, a WordPress plugin, has unknown impact and attack vectors. Date published : 2007-05-16 http://www.securityfocus.com/bid/23965 http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/062980.html
ifdate 2.x sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to obtain administrative access via a direct request for the admin/ URI....
Unspecified vulnerability in MH Software Connect Daily before 3.3.3 has unknown impact and attack vectors. Date published : 2007-05-16 http://www.securityfocus.com/bid/23968 http://www.mhsoftware.com/changelog.html
Stack-based buffer overflow in TinyIdentD 2.2 and earlier allows remote attackers to execute arbitrary code via a long string to TCP port 113. Date published : 2007-05-16 http://www.securityfocus.com/bid/23981 https://www.exploit-db.com/exploits/3925
PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2.00-P00 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SETS[path][IT] parameter. NOTE: the provenance of this information is...
PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2005 2.00 allows remote attackers to execute arbitrary PHP code via a URL in the SETS[path][physical] parameter. Date published : 2007-05-16 http://www.securityfocus.com/bid/23966 https://www.exploit-db.com/exploits/3919
PHP remote file inclusion vulnerability in newsadmin.php in Feindt Computerservice News (News-Script) 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the action parameter. Date published : 2007-05-16 http://www.securityfocus.com/bid/23970 https://www.exploit-db.com/exploits/3920
PHP remote file inclusion vulnerability in linksnet_linkslog_rss.php in Linksnet Newsfeed 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the dirpath_linksnet_newsfeed parameter. Date published : 2007-05-16 http://www.securityfocus.com/bid/23982 https://www.exploit-db.com/exploits/3923
PHP remote file inclusion vulnerability in maint/ftpmedia.php in Media Gallery 1.4.8a and earlier for Geeklog allows remote attackers to execute arbitrary PHP code via a URL in the _MG_CONF[path_html] parameter. Date published : 2007-05-16...
Multiple stack-based buffer overflows in VCDGear 3.55 allow user-assisted remote attackers to execute arbitrary code via a long (1) tag or (2) track type in a CUE file. Date published : 2007-05-16 http://www.securityfocus.com/bid/24003 http://secunia.com/secunia_research/2007-51/advisory/
The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk...
Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to obtain the system path via certain URLs associated with (1) deploying web applications or (2) displaying .xtp files....
Directory traversal vulnerability in Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to read certain files via a .. (dot dot) in a URI containing a "web-inf"...