| OSVDB ID | Disclosure Date | Title |
|---|
|
25693
Description:
BitZipper contains a flaw that allows a remote attacker to have files extracted to arbitrary locations outside the specified directory. The issue is due to the BitZipper not properly sanitizing input, specifically directory traversal style attacks (../../) when extracting files compressed with RAR (.rar), TAR (.tar), ZIP (.zip), GZ (.gz), or JAR(.jar).
|
2006-05-22
|
BitZipper Multiple Archive Traversal Arbitrary File Write
|
|
25492
Description:
AliPAGER contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the inc/elementz.php script not properly sanitizing user-supplied input to the 'ubild' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2006-05-11
|
AliPAGER inc/elementz.php ubild Parameter SQL Injection
|
|
25493
Description:
AliPAGER contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'ubild' variable upon submission to the inc/elementz.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2006-05-11
|
AliPAGER inc/elementz.php ubild Parameter XSS
|
|
25440
Description:
evoTopsites contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the "cat_id" and "id" variables. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2006-05-08
|
evoTopsites index.php Multiple Parameter SQL Injection
|
|
23774
Description:
Nodez contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the index.php script not properly sanitizing user input supplied to the 'op' variable. This may allow an attacker to include a file from the local system via traversal type calls (../../) that contains arbitrary commands which will be executed by the vulnerable script. A remote attacker can inject custom PHP commands by including them in the Email field during new account registration.
|
2006-03-09
|
Nodez index.php op Parameter Traversal Local File Inclusion
|
|
23775
Description:
Nodez contains a flaw that may lead to an unauthorized information exposure. It is possible to retrieve the user names and hashed passwords by directly requesting the 'list.gtdat' file, which may lead to a loss of confidentiality.
|
2006-03-09
|
Nodez list.gtdat User Database Remote Disclosure
|
|
23776
Description:
Nodez contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'op' variable upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2006-03-09
|
Nodez index.php op Parameter XSS
|
|
23463
Description:
StuffIt Standard, StuddIt Deluxe, ZipMagic Deluxe, and StuffIt Expandercontain a flaw that allows a remote attacker to overwrite files outside of the target path. The issue is due to the programs not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via a manipulated ZIP or TAR archive
|
2006-02-24
|
StuffIt / ZipMagic Archive Traversal Arbitrary File Overwrite
|
|
23481
Description:
PEAR Archive_Tar contains a flaw that may allow a malicious user to overwrite arbitrary files. The issue is triggered when a PHP script unarchives a crafted tar file. It is possible that the flaw may allow the overwriting of any file for which the web process has write permission, resulting in a loss of integrity.
|
2006-02-24
|
PEAR Archive_Tar Traversal Arbitrary File Overwrite
|
|
23020
Description:
FarsiNews contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker sets the 'archive' variable to an invalid value, which will disclose the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.
|
2006-02-10
|
FarsiNews index.php Malformed archive Variable Path Disclosure
|
|
23021
Description:
FarsiNews contains a flaw that allows a remote attacker to view files outside of the web path. The issue is due to the index.php not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the 'archive' variable. This may lead to an unauthorized password exposure. It is possible to gain access to plain text passwords, which may lead to a loss of confidentiality.
|
2006-02-10
|
FarsiNews index.php archive Parameter Traversal Arbitrary File Access
|
|
23022
Description:
FarsiNews contains a flaw that allows a remote attacker to view files outside of the web path. The issue is due to the show_archives.php not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the 'template' variable. This may lead to an unauthorized password exposure. It is possible to gain access to plain text passwords, which may lead to a loss of confidentiality.
|
2006-02-10
|
FarsiNews show_archives.php template Parameter Traversal Arbitrary File Access
|
|
22926
Description:
PluggedOut Blog contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the exec.php script not properly sanitizing user-supplied input to the 'entryid' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2006-02-04
|
PluggedOut Blog exec.php entryid Parameter SQL Injection
|
|
22927
Description:
PluggedOut Blog contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'data' variable upon submission to the problem.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2006-02-04
|
PluggedOut Blog problem.php data Parameter XSS
|
|
22491
Description:
Acidcat CMS contains a flaw that may lead to an unauthorized information disclosure. The 'acidcat.mdb' database is installed in a web accessible folder by default. An attacker could download the database without authorization resulting in a loss of confidentiality.
|
2005-12-20
|
Acidcat CMS acidcat.mdb Remote Information Disclosure
|
|
21845
Description:
Acidcat ASP CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'default.asp' script not properly sanitizing user-supplied input to the 'ID' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2005-12-20
|
Acidcat CMS default.asp ID Parameter SQL Injection
|
