[CLOSE] OSVDB ID : 42745 - Disclosed: 2008-01-08

Description:

(Description Provided by CVE) : Unrestricted file upload vulnerability in uploadrequest.asp in Layton HelpBox 3.7.1 allows remote authenticated users to upload and execute arbitrary ASP files, related to not properly checking file extensions.

[CLOSE] OSVDB ID : 42751 - Disclosed: 2008-01-08

Description:

(Description Provided by CVE) : Multiple SQL injection vulnerabilities in Layton HelpBox 3.7.1 allow (1) remote attackers to execute arbitrary SQL commands via the sys_request_id parameter to editrequestenduser.asp; and allow remote authenticated users to execute arbitrary SQL commands via (2) the oldpassword parameter to writepwdenduser.asp, and the sys_request_id parameter to (3) changerequeststatus.asp, (4) editrequestuser.asp, (5) requestcommentsuser.asp, and (6) useractions.asp, different vectors than CVE-2004-2551.

[CLOSE] OSVDB ID : 42757 - Disclosed: 2008-01-08

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Layton HelpBox 3.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Forename, (2) Surname, (3) Telephone, and (4) Fax fields to writeenduserenduser.asp; the (5) Filter field to statsrequestypereport.asp; and the (6) sys_request_id parameter to requestattach.asp; and allow remote authenticated users to inject arbitrary web script or HTML via the (7) Asset, (8) Location, and (9) Problem fields to editrequestenduser.asp; the (10) Asset, (11) Asset Location, (12) Problem Desc, and (13) Solution Desc fields to editrequestuser.asp; and the (14) End User and (15) Description fields to usersearchrequests.asp. NOTE: vectors 5 and 6 do not require authentication to exploit.

[CLOSE] OSVDB ID : 86740 - Disclosed: 2012-10-26

Description:

Layton HelpBox contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the validateenduserlogin.asp script not properly sanitizing user-supplied input to the 'sys_userpwd' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 86736 - Disclosed: 2012-10-26

Description:

Layton HelpBox contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the validateuserlogin.asp script not properly sanitizing user-supplied input to the 'sys_userpwd' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 42752 - Disclosed: 2008-01-08

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Layton HelpBox 3.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Forename, (2) Surname, (3) Telephone, and (4) Fax fields to writeenduserenduser.asp; the (5) Filter field to statsrequestypereport.asp; and the (6) sys_request_id parameter to requestattach.asp; and allow remote authenticated users to inject arbitrary web script or HTML via the (7) Asset, (8) Location, and (9) Problem fields to editrequestenduser.asp; the (10) Asset, (11) Asset Location, (12) Problem Desc, and (13) Solution Desc fields to editrequestuser.asp; and the (14) End User and (15) Description fields to usersearchrequests.asp. NOTE: vectors 5 and 6 do not require authentication to exploit.

[CLOSE] OSVDB ID : 42747 - Disclosed: 2008-01-08

Description:

(Description Provided by CVE) : Multiple SQL injection vulnerabilities in Layton HelpBox 3.7.1 allow (1) remote attackers to execute arbitrary SQL commands via the sys_request_id parameter to editrequestenduser.asp; and allow remote authenticated users to execute arbitrary SQL commands via (2) the oldpassword parameter to writepwdenduser.asp, and the sys_request_id parameter to (3) changerequeststatus.asp, (4) editrequestuser.asp, (5) requestcommentsuser.asp, and (6) useractions.asp, different vectors than CVE-2004-2551.

[CLOSE] OSVDB ID : 86750 - Disclosed: 2012-10-26

Description:

Layton HelpBox contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'sys_solution_id', 'sys_requesttype_id', 'sys_problem_desc', 'sys_solution_desc', 'sys_problemsummary', 'usr_Action_testing', 'usr_Escalation', and 'usr_Additional_Resources' parameters upon submission to the writesolutionuser.asp script. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 49681 - Disclosed: 2008-08-24

Description:

(Description Provided by CVE) : create_lazarus_export_tgz.sh in lazarus 0.9.24 allows local users to overwrite or delete arbitrary files via a symlink attack on a (1) /tmp/lazarus.tgz temporary file or a (2) /tmp/lazarus temporary directory.

[CLOSE] OSVDB ID : 27089 - Disclosed: 2006-07-12

Description:

Lazarus Guestbook contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'show' variable upon submission to the codes-english.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 27090 - Disclosed: 2006-07-12

Description:

Lazarus Guestbook contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'img' variable upon submission to the picture.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 34474 - Disclosed: 2007-03-07

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in template.class.php in Carbonize Lazarus Guestbook before 1.7.3 allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to admin.php, probably due to a dynamic variable evaluation vulnerability.

[CLOSE] OSVDB ID : 77493 - Disclosed: 2011-12-04

Description:

Lazyest Backup Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'xml_or_all' parameter upon submission to the lazyest-backup.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 71058 - Disclosed: 2011-03-10

Description:

Lazyest Gallery Plugin for WordPress contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker generates an error in the /wp-content/plugins/lazyest-gallery/lazyest-img.php script, which discloses the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.

[CLOSE] OSVDB ID : 71057 - Disclosed: 2011-03-10

Description:

Lazyest Gallery Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'image' parameter upon submission to the wp-content/plugins/lazyest-gallery/lazyest-popup.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 83017 - Disclosed: 2012-06-17

Description:

LB Mixed Slideshow Plugin for WordPress contains a flaw that allows a remote user to execute arbitrary PHP code. This flaw exists because the wp-content/plugins/lb-mixed-slideshow/libs/uploadify/upload.php script does not properly verify or sanitize user-uploaded files. By uploading a .php file, the remote system will place the file in a user-accessible path. Making a direct request to the uploaded file will allow the user to execute the script.

[CLOSE] OSVDB ID : 7753 - Disclosed: 2001-10-30

Description:

(Description Provided by CVE) : Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cookie.

[CLOSE] OSVDB ID : 8181 - Disclosed: 2004-07-22

Description:

LBE Web HelpDesk contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 'id' parameter within jobedit.asp is not verified properly and will allow an attacker to inject or manipulate SQL queries.

[CLOSE] OSVDB ID : 33367 - Disclosed: 2007-01-02

Description:

(Description Provided by CVE) : lblog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for a certain file in admin/db/newFolder/.

[CLOSE] OSVDB ID : 28036 - Disclosed: 2006-08-20

Description:

LBlog contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'comments.asp' script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 1584 - Disclosed: 2000-09-28

Description:

(Description Provided by CVE) : Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option.

[CLOSE] OSVDB ID : 4025 - Disclosed: 2004-02-23

Description:

LBreakout contains a flaw that may allow a malicious user to escalate their privileges on a vulnerable system. The issue is triggered by a boundary error in the handling of the HOME environment variables. It is possible that the flaw may allow a buffer overflow and potentially execute code with group "games" privileges resulting in a loss of confidentiality, integrity, and/or availability.

[CLOSE] OSVDB ID : 16569 - Disclosed: 2002-11-24

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 16570 - Disclosed: 2004-02-22

Description:

A local overflow exists in LBreakout2. This issue exist because of a boundary error in the handling of certain environment variables resulting in a buffer overflow. With a specially crafted request, a malicious user can cause cause a buffer overflow and potentially execute code with group "games" privileges resulting in a loss of integrity or availability.

[CLOSE] OSVDB ID : 91547 - Disclosed: 2011-01-05

Description:

LBreakout2 has been reported to contain a buffer overflow in the lbreakout2 binary. The original report states that when processing the HOME environment variable, the software may crash. Since the game is distributed with SGID privileges on Debian, this is a concern. However, subsequent examination indicates that in main.c, the GID is immediately dropped after opening the high-score file, making privilege escalation not possible.

[CLOSE] OSVDB ID : 91540 - Disclosed: 2004-02-22

Description:

LBreakout2 contains an overflow condition in the lbreakout2 binary that is triggered as user-supplied input is not properly validated when handling -D and -a command line arguments. This may allow a local attacker to cause an overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 91541 - Disclosed: 2005-02-14

Description:

LBreakout2 contains multiple unspecified overflow conditions in the lbreakout2 binary that are triggered during the handling of user-supplied input. This may allow an attacker to cause an overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 91538 - Disclosed: 2002-11-24

Description:

LBreakout2 contains an unspecified overflow condition in the lbreakout2 binary that is triggered as user-supplied input is not properly validated. This may allow an attacker to cause an overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 2217 - Disclosed: 2003-06-24

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 83811 - Disclosed: 2012-07-12

Description:

Lc Flickr Carousel contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the scripts/getImage.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'file' parameter. This directory traversal attack would allow the attacker to gain access to arbitrary files.