CVE-2008-0043

Format string vulnerability in Apple iPhoto before 7.1.2 allows remote attackers to execute arbitrary code via photocast subscriptions...

CVE-2008-0043

Format string vulnerability in Apple iPhoto before 7.1.2 allows remote attackers to execute arbitrary code via photocast subscriptions...

CVE-2008-0043

CVE-2008-0043 concerns Apple iPhoto prior to 7.1.2. The issue is a format string vulnerability in photocast subscriptions that could allow a remote attacker to execute arbitrary code on the affected host. The vulnerability affects iPhoto’s handling of photocast subscriptions, with the NVD listing...

Authentication flaw

The hookcomments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by 1 Organic groups and 2 Subscriptions...

CVE-2007-5597

The hookcomments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by 1 Organic groups and 2 Subscriptions...

CVE-2007-5597

The hookcomments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by 1 Organic groups and 2 Subscriptions...

SA-2007-030 - Drupal Core - API handling of unpublished comment.

The publication status of comments is not passed during the hookcomments API operation, causing various modules that rely on the publication status such as Organic groups, or Subscriptions to mail out unpublished comments. Versions affected Drupal 4.7.x before version 4.7.8 Drupal 5.x before...

CVE-2007-4914

Unspecified vulnerability in the subscriptions manager in Invision Power Board IPB or IP.Board 2.3.1 before 20070912 allows remote authenticated users to change the member ID and reduce the privilege level of arbitrary users via a crafted payment form, related to 1 classgw2checkout.php, 2...

adv83-K-159-2007.txt

ECHOADV83$2007 ----------------------------------------------------------------------------------------- ECHOADV83$2007 PhpHostBot = 1.06 svrrootscript Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran...

[ECHO_ADV_83$2007] PhpHostBot <= 1.06 (svr_rootscript) Remote File Inclusion Vulnerability

ECHOADV83$2007 ----------------------------------------------------------------------------------------- ECHOADV83$2007 PhpHostBot = 1.06 svrrootscript Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran...

PhpHostBot 1.06 - svr_rootscript Remote File Inclusion

PhpHostBot 1.06 - svrrootscript Remote File Inclusion \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV83$2007 ----------------------------------------------------------------------------------------- ECHOADV83$2007 PhpHostBot = 1.06 svrrootscript Remote...

PhpHostBot 1.06 - 'svr_rootscript' Remote File Inclusion

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV83$2007 ----------------------------------------------------------------------------------------- ECHOADV83$2007 PhpHostBot = 1.06 svrrootscript Remote File Inclusion Vulnerability...