• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-255

CVE-2007-6096

February 26, 2023 by

Ingate Firewall before 4.6.0 and SIParator before 4.6.0 use cleartext storage for passwords of “administrators with less privileges,” which might allow attackers to read these passwords via unknown vectors.

CVE-2007-5988

February 26, 2023 by

blocks/shoutbox_block.php in BtiTracker 1.4.4 does not verify user accounts, which allows remote attackers to post shoutbox entries as arbitrary users via a modified nick field.

CVE-2007-5905

February 26, 2023 by

Adobe ColdFusion 8 and MX 7 allows remote attackers to hijack sessions via unspecified vectors that trigger establishment of a session to a ColdFusion application in which the (1) CFID or (2) CFTOKEN cookies have empty values, possibly due to a session fixation vulnerability.

CVE-2007-5579

February 26, 2023 by

login.php in Pligg CMS 9.5 uses a guessable confirmation code when resetting a forgotten password, which allows remote attackers with knowledge of a username to reset that user’s password by calculating the confirmationcode parameter.

CVE-2007-5063

February 26, 2023 by

Adam Scheinberg Flip 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing login credentials via a direct request for var/users.txt.

CVE-2007-4960

February 26, 2023 by

Argument injection vulnerability in the Linden Lab Second Life secondlife:// protocol handler, as used in Internet Explorer and possibly Firefox, allows remote attackers to obtain sensitive information via a ‘” ‘ (double-quote space) sequence followed by the -autologin and -loginuri arguments, which cause the handler to post login credentials and software installation details to an arbitrary URL.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 12
  • Go to page 13
  • Go to page 14
  • Go to page 15
  • Go to page 16
  • Go to page 17
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE