[CLOSE] OSVDB ID : 78597 - Disclosed: 2011-12-29

Description:

Tencent QQPhoto Application for Android contains a flaw related that may allow a remote attacker to access and manipulate data relating to a user's password’s MD5 value, contacts and cached data.

Comments: 0, Blogs: 0, References: 20

Vulnerability Classification

[CLOSE] OSVDB ID : 78595 - Disclosed: 2011-12-29

Description:

Tencent WBlog Application for Android contains a flaw related that may allow a remote attacker to access and manipulate data relating to a user's account, message drafts or search keywords.

Comments: 0, Blogs: 0, References: 20

Vulnerability Classification

[CLOSE] OSVDB ID : 78593 - Disclosed: 2011-12-29

Description:

Tencent QQPimSecure Application for Android contains a flaw related that may allow a remote attacker to access and manipulate data relating to a user's contact list, SMS, call log or MMS.

Comments: 0, Blogs: 0, References: 20

Vulnerability Classification

[CLOSE] OSVDB ID : 78591 - Disclosed: 2011-12-14

Description:

360 KouXin Application for Android contains a flaw related that may allow a remote attacker to access and manipulate data relating to a user's SMS or contact list.

Comments: 0, Blogs: 0, References: 20

Vulnerability Classification

[CLOSE] OSVDB ID : 78588 - Disclosed: 2011-12-14

Description:

QIWI Wallet Application for Android contains a flaw related that may allow a remote attacker to access and manipulate a user's financial data.

Comments: 0, Blogs: 0, References: 20

Vulnerability Classification

[CLOSE] OSVDB ID : 65465 - Disclosed: 2010-06-06

Description:

WMS-CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'printpage.asp' script not properly sanitizing user-supplied input to the 'psPrice', 'pr' and 'sbr' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

Comments: 0, Blogs: 0, References: 9

Vulnerability Classification

[CLOSE] OSVDB ID : 76733 - Disclosed: 2011-09-28

Description:

Digital College contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the includes/tiny_mce/plugins/filemanager/classes/FileManager/FileManagerPlugin.php script not properly sanitizing user input supplied to the 'basepath' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

Comments: 0, Blogs: 0, References: 6

Vulnerability Classification

[CLOSE] OSVDB ID : 18293 - Disclosed: 2005-07-15

Description:

By default, many Belkin 54G wireless routers using a default ssid of "belkin54g" are preconfigured with a default password. The "admin" account has a null password which is publicly known and documented. This allows attackers to trivially access the program or system as the routers come preconfigured with remote telnet access enabled.

Comments: 1, Blogs: 0, References: 5

Vulnerability Classification

[CLOSE] OSVDB ID : 66441 - Disclosed: 2008-04-11

Description:

By default, Siemens SIMATIC installs with a default password. The 'WinCCConnect' and 'WinCCAdmin' accounts have a password of '2WSXcder' which is publicly known and documented. This allows attackers to trivially access the program or system.

Comments: 0, Blogs: 0, References: 26

Vulnerability Classification

[CLOSE] OSVDB ID : 62923 - Disclosed: 2010-03-14

Description:

Domain Verkaus & Auktions Portal contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script (when 'a' is set to 'd') not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

Comments: 0, Blogs: 0, References: 6

Vulnerability Classification

[CLOSE] OSVDB ID : 78057 - Disclosed: 2011-12-28

Description:

(Description Provided by CVE) : The CaseInsensitiveHashProvider.getHashCode function in the HashTable implementation in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka "Collisions in HashTable May Cause DoS Vulnerability."

Comments: 0, Blogs: 8, References: 16

Vulnerability Classification

[CLOSE] OSVDB ID : 78509 - Disclosed: 2012-01-17

Description:

(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Comments: 0, Blogs: 6, References: 8

Vulnerability Classification

[CLOSE] OSVDB ID : 78210 - Disclosed: 2012-01-10

Description:

Microsoft Windows contains a flaw related to the Multimedia Library. The issue is triggered when a context-dependent attacker supplies a specially crafted MIDI file. This may allow an attacker to execute arbitrary code.

Comments: 0, Blogs: 2, References: 12

Vulnerability Classification

[CLOSE] OSVDB ID : 77529 - Disclosed: 2011-12-06

Description:

A memory corruption flaw exists in Adobe Reader and Acrobat . The program fails to sanitize user-supplied input when handling U3D data, resulting in memory corruption. With a specially crafted PDF file, a context-dependent attacker can execute arbitrary code.

Comments: 0, Blogs: 14, References: 12

Vulnerability Classification