Show filters
234 Total Results
Displaying 211-220 of 234
Sort by:
Attacker Value
Unknown

CVE-2007-6487

Disclosure Date: December 20, 2007 (last updated October 04, 2023)
Unspecified vulnerability in Plain Black WebGUI 7.4.0 through 7.4.17 allows remote authenticated users with Secondary Admin privileges to create Admin accounts, a different vulnerability than CVE-2006-0680.
0
0
Attacker Value
Unknown

CVE-2007-5207

Disclosure Date: October 04, 2007 (last updated October 04, 2023)
guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file.
0
0
Attacker Value
Unknown

CVE-2007-2956

Disclosure Date: August 13, 2007 (last updated October 04, 2023)
Stack-based buffer overflow in the readRadianceHeader function in (1) src/fileformat/rgbeio.cpp in pfstools 1.6.2 and (2) src/Fileformat/rgbeio.cpp in Qtpfsgui 1.8.11 allows remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file.
0
0
Attacker Value
Unknown

CVE-2007-2746

Disclosure Date: May 17, 2007 (last updated October 04, 2023)
The viewList function in lib/WebGUI/Asset/Wobject/DataForm.pm in Plain Black WebGUI before 7.3.14 does not properly use data structures containing privilege information, which allows remote authenticated users to obtain sensitive information or possibly have other unspecified impact.
0
0
Attacker Value
Unknown

CVE-2007-2542

Disclosure Date: May 09, 2007 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in header.php in workbench survival guide 0.11 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
0
0
Attacker Value
Unknown

CVE-2007-0629

Disclosure Date: January 31, 2007 (last updated October 04, 2023)
The www_purgeList method in Plain Black WebGUI before 7.3.8 does not properly check user permissions, which allows attackers to delete unauthorized assets. NOTE: some of these details are obtained from third party information.
0
0
Attacker Value
Unknown

CVE-2007-0407

Disclosure Date: January 23, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Operation/User.pm in Plain Black WebGUI before 7.3.5 (beta) allows remote attackers to inject arbitrary web script or HTML via the username parameter during anonymous registration, a different vector than CVE-2007-0308. NOTE: it is possible that a separate "WikiPage titles" issue was also fixed.
0
0
Attacker Value
Unknown

CVE-2007-0308

Disclosure Date: January 18, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.3.4 (beta) allows remote attackers to inject arbitrary web script or HTML via Wiki Page titles.
0
0
Attacker Value
Unknown

CVE-2006-5133

Disclosure Date: October 03, 2006 (last updated October 04, 2023)
Buffer overflow in GuildFTPd 0.999.13 allows remote attackers to have an unknown impact, possibly code execution related to input containing "globbing chars."
0
0
Attacker Value
Unknown

CVE-2006-0680

Disclosure Date: February 15, 2006 (last updated February 22, 2025)
Unspecified vulnerability in WebGUI before 6.8.6-gamma allows remote attackers to create an account, when anonymous registration is disabled, via a certain URL.
0
0
View More Topics  < Previous  Next >