Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    6 vulnerabilities by scottmanktelow

    CVE-2007-5432 (GCVE-0-2007-5432)

    Vulnerability from nvd – Published: 2007-10-12 23:00 – Updated: 2024-08-07 15:31
    VLAI
    Summary
    Stride 1.0 has a default administrator username of "scott" with the password "running", which allows remote attackers to obtain administrative access through login.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/482006/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/3216 third-party-advisoryx_refsource_SREASON
    http://securityvulns.ru/Sdocument4.html x_refsource_MISC
    http://osvdb.org/43485 vdb-entryx_refsource_OSVDB
    Date Public
    2007-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:31:58.619Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20071010 Vulnerabilities digest",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
              },
              {
                "name": "3216",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3216"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://securityvulns.ru/Sdocument4.html"
              },
              {
                "name": "43485",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/43485"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stride 1.0 has a default administrator username of \"scott\" with the password \"running\", which allows remote attackers to obtain administrative access through login.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20071010 Vulnerabilities digest",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
            },
            {
              "name": "3216",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3216"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://securityvulns.ru/Sdocument4.html"
            },
            {
              "name": "43485",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/43485"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5432",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stride 1.0 has a default administrator username of \"scott\" with the password \"running\", which allows remote attackers to obtain administrative access through login.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20071010 Vulnerabilities digest",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
                },
                {
                  "name": "3216",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3216"
                },
                {
                  "name": "http://securityvulns.ru/Sdocument4.html",
                  "refsource": "MISC",
                  "url": "http://securityvulns.ru/Sdocument4.html"
                },
                {
                  "name": "43485",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/43485"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5432",
        "datePublished": "2007-10-12T23:00:00.000Z",
        "dateReserved": "2007-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:31:58.619Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5430 (GCVE-0-2007-5430)

    Vulnerability from nvd – Published: 2007-10-12 23:00 – Updated: 2024-08-07 15:31
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in Stride 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the p parameter to main.php in the Content Management System, (2) the id parameter in a sto cmd action to shop.php in the Merchant subsystem, or the (3) course or (4) provider parameter to detail.php in the Courses subsystem.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/26036 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/482006/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/26046 vdb-entryx_refsource_BID
    http://securityreason.com/securityalert/3216 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/26041 vdb-entryx_refsource_BID
    http://osvdb.org/43494 vdb-entryx_refsource_OSVDB
    http://securityvulns.ru/Sdocument4.html x_refsource_MISC
    http://osvdb.org/43491 vdb-entryx_refsource_OSVDB
    http://osvdb.org/43492 vdb-entryx_refsource_OSVDB
    Date Public
    2007-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:31:58.488Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "26036",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26036"
              },
              {
                "name": "20071010 Vulnerabilities digest",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
              },
              {
                "name": "26046",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26046"
              },
              {
                "name": "3216",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3216"
              },
              {
                "name": "26041",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26041"
              },
              {
                "name": "43494",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/43494"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://securityvulns.ru/Sdocument4.html"
              },
              {
                "name": "43491",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/43491"
              },
              {
                "name": "43492",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/43492"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in Stride 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the p parameter to main.php in the Content Management System, (2) the id parameter in a sto cmd action to shop.php in the Merchant subsystem, or the (3) course or (4) provider parameter to detail.php in the Courses subsystem."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "26036",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26036"
            },
            {
              "name": "20071010 Vulnerabilities digest",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
            },
            {
              "name": "26046",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26046"
            },
            {
              "name": "3216",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3216"
            },
            {
              "name": "26041",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26041"
            },
            {
              "name": "43494",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/43494"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://securityvulns.ru/Sdocument4.html"
            },
            {
              "name": "43491",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/43491"
            },
            {
              "name": "43492",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/43492"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5430",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in Stride 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the p parameter to main.php in the Content Management System, (2) the id parameter in a sto cmd action to shop.php in the Merchant subsystem, or the (3) course or (4) provider parameter to detail.php in the Courses subsystem."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "26036",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26036"
                },
                {
                  "name": "20071010 Vulnerabilities digest",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
                },
                {
                  "name": "26046",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26046"
                },
                {
                  "name": "3216",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3216"
                },
                {
                  "name": "26041",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26041"
                },
                {
                  "name": "43494",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/43494"
                },
                {
                  "name": "http://securityvulns.ru/Sdocument4.html",
                  "refsource": "MISC",
                  "url": "http://securityvulns.ru/Sdocument4.html"
                },
                {
                  "name": "43491",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/43491"
                },
                {
                  "name": "43492",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/43492"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5430",
        "datePublished": "2007-10-12T23:00:00.000Z",
        "dateReserved": "2007-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:31:58.488Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5431 (GCVE-0-2007-5431)

    Vulnerability from nvd – Published: 2007-10-12 23:00 – Updated: 2024-08-07 15:31
    VLAI
    Summary
    include/imageupload.js in the MyFTPUploader module in Stride 1.0 contains sensitive information including FTP login credentials, which might allow remote attackers to gain unauthorized access to the FTP server being used by the module by viewing the source code.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/482006/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/3216 third-party-advisoryx_refsource_SREASON
    http://osvdb.org/45487 vdb-entryx_refsource_OSVDB
    http://securityvulns.ru/Sdocument4.html x_refsource_MISC
    Date Public
    2007-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:31:58.820Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20071010 Vulnerabilities digest",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
              },
              {
                "name": "3216",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3216"
              },
              {
                "name": "45487",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/45487"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://securityvulns.ru/Sdocument4.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "include/imageupload.js in the MyFTPUploader module in Stride 1.0 contains sensitive information including FTP login credentials, which might allow remote attackers to gain unauthorized access to the FTP server being used by the module by viewing the source code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20071010 Vulnerabilities digest",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
            },
            {
              "name": "3216",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3216"
            },
            {
              "name": "45487",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/45487"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://securityvulns.ru/Sdocument4.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5431",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "include/imageupload.js in the MyFTPUploader module in Stride 1.0 contains sensitive information including FTP login credentials, which might allow remote attackers to gain unauthorized access to the FTP server being used by the module by viewing the source code."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20071010 Vulnerabilities digest",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
                },
                {
                  "name": "3216",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3216"
                },
                {
                  "name": "45487",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/45487"
                },
                {
                  "name": "http://securityvulns.ru/Sdocument4.html",
                  "refsource": "MISC",
                  "url": "http://securityvulns.ru/Sdocument4.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5431",
        "datePublished": "2007-10-12T23:00:00.000Z",
        "dateReserved": "2007-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:31:58.820Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5432 (GCVE-0-2007-5432)

    Vulnerability from cvelistv5 – Published: 2007-10-12 23:00 – Updated: 2024-08-07 15:31
    VLAI
    Summary
    Stride 1.0 has a default administrator username of "scott" with the password "running", which allows remote attackers to obtain administrative access through login.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/482006/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/3216 third-party-advisoryx_refsource_SREASON
    http://securityvulns.ru/Sdocument4.html x_refsource_MISC
    http://osvdb.org/43485 vdb-entryx_refsource_OSVDB
    Date Public
    2007-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:31:58.619Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20071010 Vulnerabilities digest",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
              },
              {
                "name": "3216",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3216"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://securityvulns.ru/Sdocument4.html"
              },
              {
                "name": "43485",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/43485"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stride 1.0 has a default administrator username of \"scott\" with the password \"running\", which allows remote attackers to obtain administrative access through login.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20071010 Vulnerabilities digest",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
            },
            {
              "name": "3216",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3216"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://securityvulns.ru/Sdocument4.html"
            },
            {
              "name": "43485",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/43485"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5432",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stride 1.0 has a default administrator username of \"scott\" with the password \"running\", which allows remote attackers to obtain administrative access through login.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20071010 Vulnerabilities digest",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
                },
                {
                  "name": "3216",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3216"
                },
                {
                  "name": "http://securityvulns.ru/Sdocument4.html",
                  "refsource": "MISC",
                  "url": "http://securityvulns.ru/Sdocument4.html"
                },
                {
                  "name": "43485",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/43485"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5432",
        "datePublished": "2007-10-12T23:00:00.000Z",
        "dateReserved": "2007-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:31:58.619Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5430 (GCVE-0-2007-5430)

    Vulnerability from cvelistv5 – Published: 2007-10-12 23:00 – Updated: 2024-08-07 15:31
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in Stride 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the p parameter to main.php in the Content Management System, (2) the id parameter in a sto cmd action to shop.php in the Merchant subsystem, or the (3) course or (4) provider parameter to detail.php in the Courses subsystem.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/26036 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/482006/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/26046 vdb-entryx_refsource_BID
    http://securityreason.com/securityalert/3216 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/26041 vdb-entryx_refsource_BID
    http://osvdb.org/43494 vdb-entryx_refsource_OSVDB
    http://securityvulns.ru/Sdocument4.html x_refsource_MISC
    http://osvdb.org/43491 vdb-entryx_refsource_OSVDB
    http://osvdb.org/43492 vdb-entryx_refsource_OSVDB
    Date Public
    2007-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:31:58.488Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "26036",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26036"
              },
              {
                "name": "20071010 Vulnerabilities digest",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
              },
              {
                "name": "26046",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26046"
              },
              {
                "name": "3216",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3216"
              },
              {
                "name": "26041",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26041"
              },
              {
                "name": "43494",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/43494"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://securityvulns.ru/Sdocument4.html"
              },
              {
                "name": "43491",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/43491"
              },
              {
                "name": "43492",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/43492"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in Stride 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the p parameter to main.php in the Content Management System, (2) the id parameter in a sto cmd action to shop.php in the Merchant subsystem, or the (3) course or (4) provider parameter to detail.php in the Courses subsystem."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "26036",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26036"
            },
            {
              "name": "20071010 Vulnerabilities digest",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
            },
            {
              "name": "26046",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26046"
            },
            {
              "name": "3216",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3216"
            },
            {
              "name": "26041",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26041"
            },
            {
              "name": "43494",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/43494"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://securityvulns.ru/Sdocument4.html"
            },
            {
              "name": "43491",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/43491"
            },
            {
              "name": "43492",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/43492"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5430",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in Stride 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the p parameter to main.php in the Content Management System, (2) the id parameter in a sto cmd action to shop.php in the Merchant subsystem, or the (3) course or (4) provider parameter to detail.php in the Courses subsystem."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "26036",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26036"
                },
                {
                  "name": "20071010 Vulnerabilities digest",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
                },
                {
                  "name": "26046",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26046"
                },
                {
                  "name": "3216",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3216"
                },
                {
                  "name": "26041",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26041"
                },
                {
                  "name": "43494",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/43494"
                },
                {
                  "name": "http://securityvulns.ru/Sdocument4.html",
                  "refsource": "MISC",
                  "url": "http://securityvulns.ru/Sdocument4.html"
                },
                {
                  "name": "43491",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/43491"
                },
                {
                  "name": "43492",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/43492"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5430",
        "datePublished": "2007-10-12T23:00:00.000Z",
        "dateReserved": "2007-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:31:58.488Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5431 (GCVE-0-2007-5431)

    Vulnerability from cvelistv5 – Published: 2007-10-12 23:00 – Updated: 2024-08-07 15:31
    VLAI
    Summary
    include/imageupload.js in the MyFTPUploader module in Stride 1.0 contains sensitive information including FTP login credentials, which might allow remote attackers to gain unauthorized access to the FTP server being used by the module by viewing the source code.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/482006/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/3216 third-party-advisoryx_refsource_SREASON
    http://osvdb.org/45487 vdb-entryx_refsource_OSVDB
    http://securityvulns.ru/Sdocument4.html x_refsource_MISC
    Date Public
    2007-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:31:58.820Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20071010 Vulnerabilities digest",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
              },
              {
                "name": "3216",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3216"
              },
              {
                "name": "45487",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/45487"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://securityvulns.ru/Sdocument4.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "include/imageupload.js in the MyFTPUploader module in Stride 1.0 contains sensitive information including FTP login credentials, which might allow remote attackers to gain unauthorized access to the FTP server being used by the module by viewing the source code."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20071010 Vulnerabilities digest",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
            },
            {
              "name": "3216",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3216"
            },
            {
              "name": "45487",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/45487"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://securityvulns.ru/Sdocument4.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5431",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "include/imageupload.js in the MyFTPUploader module in Stride 1.0 contains sensitive information including FTP login credentials, which might allow remote attackers to gain unauthorized access to the FTP server being used by the module by viewing the source code."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20071010 Vulnerabilities digest",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
                },
                {
                  "name": "3216",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3216"
                },
                {
                  "name": "45487",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/45487"
                },
                {
                  "name": "http://securityvulns.ru/Sdocument4.html",
                  "refsource": "MISC",
                  "url": "http://securityvulns.ru/Sdocument4.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5431",
        "datePublished": "2007-10-12T23:00:00.000Z",
        "dateReserved": "2007-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:31:58.820Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }