NVD-CWE-Other

The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that triggers memory corruption in the _GetSrcBits32ARGB function. NOTE: this issue might overlap CVE-2007-0462.

SQL injection vulnerability in Forum Livre 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to info_user.asp.

Cross-site scripting (XSS) vulnerability in busca2.asp in Forum Livre 1.0 remote attackers to inject arbitrary web script or HTML via the palavra parameter.

PHP remote file inclusion vulnerability in configure.php in Vu Le An Virtual Path (VirtualPath) 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

Cross-site scripting (XSS) vulnerability in EzDatabase 2.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to admin/login.php and the Admin Panel Database.

Siteman 1.1.11 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for data/members.txt.