85 matches found
CVE-2009-2907
creationtimestamp| type| source ---|---|--- 2010-03-23 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33794...
CVE-2008-2907
CVE-2008-2907 describes a SQL injection in WebChamado 1.1 (admin/index.php) where, if magic_quotes_gpc is disabled, an attacker can inject arbitrary SQL via the eml parameter. The CVSS v2 base score is 6.8 (MEDIUM). Connected sources confirm the vulnerable component and input vector; explicit rem...
CVE-2008-2907
creationtimestamp| type| source ---|---|--- 2008-06-13 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/5798...
Design/Logic Flaw
Unspecified vulnerability in selectLanguage.do in SSL-Explorer before 0.2.15 allows remote attackers to inject 1 headers or 2 body data in an HTTP transaction, a different vulnerability than CVE-2007-2907. NOTE: some of these details are obtained from third party information...
CVE-2007-2907
SSL-Explorer before 0.2.13 contains an unspecified vulnerability allowing remote authenticated users to supply redirect URLs with embedded JavaScript or HTTP headers via an unspecified vector, likely the forwardTo parameter to redirect.do. The note indicates the impact may be cross-site scripting...