• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-200

CVE-2007-5431

February 26, 2023 by

include/imageupload.js in the MyFTPUploader module in Stride 1.0 contains sensitive information including FTP login credentials, which might allow remote attackers to gain unauthorized access to the FTP server being used by the module by viewing the source code.

CVE-2007-5432

February 26, 2023 by

Stride 1.0 has a default administrator username of “scott” with the password “running”, which allows remote attackers to obtain administrative access through login.php.

CVE-2007-5379

February 26, 2023 by

Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers and ActiveResource servers to determine the existence of arbitrary files and read arbitrary XML files via the Hash.from_xml (Hash#from_xml) method, which uses XmlSimple (XML::Simple) unsafely, as demonstrated by reading passwords from the Pidgin (Gaim) .purple/accounts.xml file.

CVE-2007-5404

February 26, 2023 by

Layton HelpBox 3.7.1 generates different responses depending on whether or not a username is valid in a failed login attempt, which allows remote attackers to enumerate valid usernames.

CVE-2007-5333

February 26, 2023 by

Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (“) characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385.

CVE-2007-5335

February 26, 2023 by

Mozilla Firefox 2.0 before 2.0.0.8 allows remote attackers to obtain sensitive system information by using the addMicrosummaryGenerator sidebar method to access file: URIs.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 42
  • Go to page 43
  • Go to page 44
  • Go to page 45
  • Go to page 46
  • Interim pages omitted …
  • Go to page 348
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE