PHP remote file inclusion vulnerability in include/blocks/week_events.php in MyNews 4.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the myNewsConf[path][sys][index] parameter, a different vector than CVE-2007-0633.
NVD-CWE-Other
CVE-2007-2015
PHP remote file inclusion vulnerability in index.php in Request It 1.0b allows remote attackers to execute arbitrary PHP code via a URL in the id parameter.
CVE-2007-2016
Cross-site scripting (XSS) vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the lang[] parameter.
CVE-2007-2017
siteadmin/useredit.php in AlstraSoft Video Share Enterprise does not check authentication, which allows remote attackers to obtain or modify user information via a direct request.
CVE-2007-1943
Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via large width image sizes in a crafted BMP image, as demonstrated by w3intof.bmp and w4intof.bmp.
CVE-2007-1946
Integer overflow in Windows Explorer in Microsoft Windows XP SP1 might allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large width dimension in a crafted BMP image, as demonstrated by w4intof.bmp.