[CLOSE] OSVDB ID : 22151 - Disclosed: 2005-12-31

Description:

eFileGo contains a flaw that allows a remote attacker to execute programs outside of the web path. The issue is due to the eFileGo server not properly sanitizing user input, specifically traversal style attacks (../../) supplied to the server.

[CLOSE] OSVDB ID : 22152 - Disclosed: 2005-12-31

Description:

eFileGo contains a flaw that may allow a remote denial of service. The issue is triggered when an attempt is made to upload a file to an invalid directory. This will result in the 'upload'exe' program consuming large amounts of CPU resources on the system, potentially leading to loss of availability for the platform.

[CLOSE] OSVDB ID : 22159 - Disclosed: 2005-12-31

Description:

MyBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the inc/function_upload.php script not properly sanitizing user-supplied input to the file extension of the uploaded file. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 22485 - Disclosed: 2005-12-31

Description:

(Description Provided by CVE) : The default configuration of Recruitment Software installs admin/site.xml under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (MySQL database credentials) via a direct request.

[CLOSE] OSVDB ID : 22142 - Disclosed: 2005-12-31

Description:

Bugport contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'orderBy', 'where' and 'devWherePair[1][0]' variables. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 22143 - Disclosed: 2005-12-31

Description:

Bugport contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'ids', 'action', 'report_id', 'devWherePair' and 'binds' variables upon submission to the index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 22144 - Disclosed: 2005-12-31

Description:

BugPort contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker passes invalid data to the 'action' variable in the index.php script, which will disclose the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.

[CLOSE] OSVDB ID : 22112 - Disclosed: 2005-12-30

Description:

OOApp Guestbook contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'page' variable upon submission to the 'home.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 22118 - Disclosed: 2005-12-30

Description:

iPei Guestbook contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the email field upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 22119 - Disclosed: 2005-12-30

Description:

VMware ESX Server contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate variables upon submission to the Management Interface. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 22120 - Disclosed: 2005-12-30

Description:

A local overflow exists in TUGZip. TUGZip fails to handle long filenames of ARJ archives, resulting in a stack overflow. With an ARJ archive with a specially crafted name, an attacker can cause execution of arbitrary code, resulting in a loss of integrity.

[CLOSE] OSVDB ID : 22111 - Disclosed: 2005-12-30

Description:

AdesGuestbook contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'totalRows_rsRead' variable upon submission to the 'read.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 22148 - Disclosed: 2005-12-30

Description:

Web Wiz News, Web Wiz Journal, Web Wiz Polls and Web Wiz Database Login contain a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the check_user.asp script not properly sanitizing user-supplied input to the 'txtUserName' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 22161 - Disclosed: 2005-12-30

Description:

phpBB contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'bbcode' submitted to the 'url' variable upon submission to an unspecified script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Note that this vulnerability only affects Microsoft Internet Explorer (MSIE).

[CLOSE] OSVDB ID : 22162 - Disclosed: 2005-12-30

Description:

phpBB contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'url' variable upon submission to an unspecified script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Note that this vulnerability only affects Microsoft Internet Explorer (MSIE).

[CLOSE] OSVDB ID : 22145 - Disclosed: 2005-12-30

Description:

(Description Provided by CVE) : Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable.

[CLOSE] OSVDB ID : 22155 - Disclosed: 2005-12-30

Description:

(Description Provided by CVE) : Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets.

[CLOSE] OSVDB ID : 22292 - Disclosed: 2005-12-30

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 22224 - Disclosed: 2005-12-30

Description:

Kayako Supportsuite contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'nav' parameter upon submission to the 'index.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 22225 - Disclosed: 2005-12-30

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in index.php in Kayako SupportSuite 3.00.26 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) nav parameter in the downloads module, (2) Full Name and (3) Email fields in the core module, (4) Full Name, (5) Email, and (6) Subject fields in the tickets module, or (7) Registered Email field in the lostpassword feature in the core module.

[CLOSE] OSVDB ID : 22226 - Disclosed: 2005-12-30

Description:

Kayako SupportSuite contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker to take advantage of unsanitized input to the '_a' and 'newsid' parameters in the news module, the 'downloaditemid' parameter in the downloads module, and the 'kbarticleid' parameter in the 'knowledgebase' module, which discloses the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.

[CLOSE] OSVDB ID : 23196 - Disclosed: 2005-12-30

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 22125 - Disclosed: 2005-12-30

Description:

A remote overflow exists in dopewars. The dopewars server fails to handle user data safely resulting in a format string overflow. With a specially crafted request, an attacker can cause the server to treat user-supplied data as a format string resulting in a loss of integrity.

[CLOSE] OSVDB ID : 22195 - Disclosed: 2005-12-30

Description:

(Description Provided by CVE) : The m_join function in channel.c for PTnet ircd 1.5 and 1.6 allows remote attackers to cause a denial of service (memory exhaustion that triggers a daemon restart) via a large number of requests to join a "charmed channel" such as PTnet, #PTnoticias and #*.log, which causes ircd to open the channel even though it does not have any valid users.

[CLOSE] OSVDB ID : 22180 - Disclosed: 2005-12-30

Description:

(Description Provided by CVE) : Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly dismissed.

[CLOSE] OSVDB ID : 22181 - Disclosed: 2005-12-30

Description:

(Description Provided by CVE) : Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file.

[CLOSE] OSVDB ID : 41717 - Disclosed: 2005-12-30

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 41718 - Disclosed: 2005-12-30

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 22093 - Disclosed: 2005-12-29

Description:

NView contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue caused by an insecure RPATH and is triggered when the application is launched within a shared directory containing a malicious library. This flaw may lead to a loss of confidentiality or integrity through arbitrary code execution.

[CLOSE] OSVDB ID : 22094 - Disclosed: 2005-12-29

Description:

XnView contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue caused by an insecure RPATH and is triggered when the application is launched within a shared directory containing a malicious library. This flaw may lead to a loss of confidentiality or integrity through arbitrary code execution.

[CLOSE] OSVDB ID : 22083 - Disclosed: 2005-12-29

Description:

GmailSite/GFHost contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'lng' variable upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 22095 - Disclosed: 2005-12-29

Description:

Gmailsite/GFHost contains a flaw that may allow a remote attacker to display the contents of arbitrary files. The issue is due to the 'index.php' script not properly sanitizing user input supplied to the 'lng'variable. This may allow an attacker to include a file from a remote host, resulting in a loss of confidentiality.

[CLOSE] OSVDB ID : 22116 - Disclosed: 2005-12-29

Description:

TinyMCE Compressor contains a flaw that allows a remote attacker to view fieles outside of the web path. The issue is due to the tiny_mce_gzip.php script not sanitizing input to the 'theme', 'language', 'plugins', or 'lang parameter'. By requesting a file and appending a null byte (%00), an attacker can access any file on the system that the web server has privileges to read.

[CLOSE] OSVDB ID : 22117 - Disclosed: 2005-12-29

Description:

TinyMCE Compressor contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'index' variable and others upon submission. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 22121 - Disclosed: 2005-12-29

Description:

Various ImageMagick utilities fail to correctly validate image file names. The issue is triggered when specially crafted shell commands are part of the file name provided. It is possible that the flaw may allow execution of arbitrary shell commands, resulting in a loss of integrity.

[CLOSE] OSVDB ID : 22114 - Disclosed: 2005-12-29

Description:

phpdocumentor contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to "Documentation/tests/bug-559668.php" not properly sanitizing user input supplied to the "FORUM[LIB]" variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. However successful exploitation requires that "register_globals" is enabled.

[CLOSE] OSVDB ID : 22115 - Disclosed: 2005-12-29

Description:

phpDocumentor contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to "docbuilder/file_dialog.php" not properly sanitizing user input supplied to the "root_dir" variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. However successful exploitation requires that "register_globals" is enabled.

[CLOSE] OSVDB ID : 22154 - Disclosed: 2005-12-29

Description:

(Description Provided by CVE) : Direct static code injection vulnerability in phpBook 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via the e-mail field (mail variable) in a new message, which is written to a PHP file.

[CLOSE] OSVDB ID : 22150 - Disclosed: 2005-12-29

Description:

PHPenpals contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the profile.php script not properly sanitizing user-supplied input to the 'personalID' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 22141 - Disclosed: 2005-12-29

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in addentry.php in Chipmunk Guestbook 1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the homepage parameter.