| OSVDB ID | Disclosure Date | Title |
|---|
|
47759
Description:
Unknown / Incomplete
|
2005-06-26
|
CRM-CTT Interleave Crafted Filename WebDAV Database Query DoS
|
|
17611
Description:
PHP-Fusion contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate news_body, article_description, and article_body variables upon submission to the submit.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-06-26
|
PHP-Fusion submit.php Multiple Parameter XSS
|
|
17700
Description:
ASP Nuke contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'email' variable upon submission to the forgot_password.asp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-06-26
|
ASP Nuke forgot_password.asp email Parameter XSS
|
|
17701
Description:
ASP Nuke contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate several variables upon submission to the register.asp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-06-26
|
ASP Nuke register.asp Multiple Parameter XSS
|
|
17702
Description:
ASP Nuke contains a flaw that allows a remote HTTP response splitting attack. This flaw exists because the application does not validate the 'LangCode' variable upon submission to the language_select.asp script. This could allow an attacker to create a specially crafted URL that would present a fake web page to a user, steal session cookies, or execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-06-26
|
ASP Nuke language_select.asp HTTP Response Splitting
|
|
17703
Description:
ASP Nuke contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the comment_post.asp script not properly sanitizing user-supplied input to the 'TaskID' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2005-06-26
|
ASP Nuke comment_post.asp TaskID Parameter SQL Injection
|
|
17729
Description:
Yahoo! 360° contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a Yahoo! Messenger or Yahoo! Profiles user has chosen to have their on-line status hidden. The Yahoo! 360° service does not honor these settings, and displays their on-line status to other Yahoo! 360° users which will disclose status information resulting in a loss of confidentiality.
|
2005-06-26
|
Yahoo! 360° User Status Disclosure
|
|
17705
Description:
Unknown / Incomplete
|
2005-06-25
|
ASPPlayground.NET uploadpro.asp Arbitrary File Upload
|
|
17697
Description:
Mensajeitor contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'ip' variable upon submission to the 'mensajeitor.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-06-25
|
Mensajeitor mensajeitor.php ip Parameter XSS
|
|
24314
Description:
Unknown / Incomplete
|
2005-06-25
|
BusyBox Symlink Chown Privilege Escalation
|
|
17698
Description:
Unknown / Incomplete
|
2005-06-24
|
JCDex Lite thispath Parameter Remote File Inclusion
|
|
17510
Description:
Legal Case Management (LCM) System contains a flaw that may lead to an unauthorized information disclosure. The issue is caused by missing access restrictions on the log files, which will disclose log information including SQL queries made by users resulting in a loss of confidentiality.
|
2005-06-24
|
Legal Case Management (LCM) System Log File Disclosure
|
|
17610
Description:
(Description Provided by CVE) : PHP-Fusion 5.0 and 6.0 stores the database file with a predictable filename under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to the filename in the administration/db_backups directory in PHP-Fusion 6.0 or the fusion_admin/db_backups directory in 5.0.
|
2005-06-24
|
PHP-Fusion Predictable Filename User Database Disclosure
|
|
25406
Description:
Unknown / Incomplete
|
2005-06-24
|
IBM WebSphere Application Server (WAS) META-INF / WEB-INF Directory Access
|
|
25407
Description:
Unknown / Incomplete
|
2005-06-24
|
IBM WebSphere Application Server (WAS) FFDC Log Cleartext Password Disclosure (PK02503)
|
|
17582
Description:
Unknown / Incomplete
|
2005-06-24
|
PHP-Nuke off-site Avatar Arbitrary Script Insertion
|
|
17541
Description:
A local overflow exists in Solaris x86 traceroute. The utility fails to properly handle multiple user-specified gateways resulting in a heap overflow. With a specially crafted request containing 10 -g parameters, an attacker may be able to execute arbitrary code resulting in a loss of integrity. The impact of exploitation is limited to raw socket access.
|
2005-06-24
|
Solaris x86 traceroute -g Parameter Local Overflow
|
|
17547
Description:
ActiveBuyandSell contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'default.asp' script not properly sanitizing user-supplied input to the 'catid' variable. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database.
|
2005-06-24
|
ActiveBuyandSell default.asp catid Parameter SQL Injection
|
|
17548
Description:
ActiveBuyandSell contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'buyersend.asp' script not properly sanitizing user-supplied input to the 'catid' variable. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database.
|
2005-06-24
|
ActiveBuyandSell buyersend.asp catid Parameter SQL Injection
|
|
17549
Description:
ActiveBuyandSell contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'admin.asp' script not properly sanitizing user-supplied input to the 'Administrator ID' field. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database.
|
2005-06-24
|
ActiveBuyandSell admin.asp Administrator ID Field SQL Injection
|
|
17550
Description:
ActiveBuyandSell contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'advertiserstart.asp' script not properly sanitizing user-supplied input to the 'E-mail Address' field. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database.
|
2005-06-24
|
ActiveBuyandSell advertiserstart.asp E-Mail Address Field SQL Injection
|
|
17551
Description:
ActiveBuyandSell contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'buyer.asp' script not properly sanitizing user-supplied input to the 'E-mail' field. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database.
|
2005-06-24
|
ActiveBuyandSell buyer.asp E-Mail Field SQL Injection
|
|
17552
Description:
ActiveBuyandSell contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'search.asp' script not properly sanitizing user-supplied input to the 'Keyword' field. This may allow a remote attacker to inject or manipulate SQL queries in the back-end database.
|
2005-06-24
|
ActiveBuyandSell search.asp Keyword Field SQL Injection
|
|
17553
Description:
ActiveBuyandSell contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'Title' variable upon submission to the 'sendpassword.asp' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-06-24
|
ActiveBuyandSell sendpassword.asp Title Parameter XSS
|
|
17554
Description:
ActiveBuyandSell contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'Keyword' variable upon submission to the 'search.asp' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-06-24
|
ActiveBuyandSell search.asp Keyword Parameter XSS
|
|
17695
Description:
Unknown / Incomplete
|
2005-06-23
|
Affinity support_page.cgi file_name Parameter Arbitrary Command Execution
|
|
17544
Description:
ClamAV contains a flaw that may allow a remote denial of service. The issue is triggered when ClamAV is scanning a Quantum compressed archive with a window size less than 32KB, and will result in loss of availability for the service.
|
2005-06-23
|
Clam AntiVirus Unspecified Quantum Decompressor DoS
|
|
17643
Description:
Unknown / Incomplete
|
2005-06-23
|
Multiple LAN IDS Vendor WLAN Session Containment DoS
|
|
17575
Description:
(Description Provided by CVE) : Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 6.0.12.1056 on Windows, and 10, 10.0.1.436, and other versions before 10.0.5 on Linux, allows remote attackers to execute arbitrary code via a RealMedia file with a long RealText string, such as an SMIL file.
|
2005-06-23
|
RealPlayer rtffplin.cpp RealText File Parser Overflow
|
|
17562
Description:
(Description Provided by CVE) : The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used in Sendmail using long timeouts, allows remote attackers to cause a denial of service by keeping an open connection, which prevents ClamAV from reloading.
|
2005-06-23
|
ClamAV clamav-milter Remote Connection Hold DoS
|
|
17540
Description:
JAF CMS contains a flaw that may lead to an unauthorized disclosure. The issue is triggered when the index.php script is passed certain invalid input to the "id" parameter, which will disclose the product's installation path, resulting in a loss of confidentiality.
|
2005-06-23
|
JAF CMS index.php id Variable Path Disclosure
|
|
17512
Description:
UBB.threads contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to language preferences extracted from the cookie not properly sanitizing the 'language' parameter. This may allow an attacker to include an arbitrary file location, appended with a null byte (%00), that contains arbitrary commands which will be executed by the vulnerable script.
|
2005-06-23
|
UBB.threads Cookie Data language Parameter Local File Inclusion
|
|
17513
Description:
UBB.threads contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'Number', 'what', & 'page' variables upon submission to the 'newreply.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-06-23
|
UBB.threads newreply.php Multiple Parameter XSS
|
|
17514
Description:
UBB.threads contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the the 'Number', 'Board', and 'what' variables upon submission to the 'showprofile.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-06-23
|
UBB.threads showprofile.php Multiple Parameter XSS
|
|
17515
Description:
UBB.threads contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'fpart' & 'page' variables upon submission to the 'showflat.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-06-23
|
UBB.threads showflat.php Multiple Parameter XSS
|
|
17516
Description:
UBB.threads contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'like' variable upon submission to the 'showmembers.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-06-23
|
UBB.threads showmembers.php like Parameter XSS
|
|
17517
Description:
UBB.thread contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'Searchpage' variable upon submission to the 'dosearch.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-06-23
|
UBB.threads dosearch.php Searchpage Parameter XSS
|
|
17518
Description:
UBB.threads contains a flaw that allows a remote HTTP response splitting attack. This flaw exists because the application does not validate the 'Cat' variable upon submission to the 'toggleshow.php' script. This could allow an attacker to create a specially crafted URL that would present a fake web page to a user, steal session cookies, or execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-06-23
|
UBB.threads toggleshow.php Cat Variable HTTP Response Splitting
|
|
17519
Description:
UBB.threads contains a flaw that allows a remote HTTP response splitting attack. This flaw exists because the application does not validate the 'Cat' variable upon submission to the 'togglecats.php' script. This could allow an attacker to create a specially crafted URL that would present a fake web page to a user, steal session cookies, or execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-06-23
|
UBB.threads togglecats.php Cat Variable HTTP Response Splitting
|
|
17520
Description:
UBB.threads contains a flaw that allows a remote HTTP response splitting attack. This flaw exists because the application does not validate the 'Cat' variable upon submission to the 'showprofile.php' script. This could allow an attacker to create a specially crafted URL that would present a fake web page to a user, steal session cookies, or execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-06-23
|
UBB.threads showprofile.php Cat Variable HTTP Response Splitting
|
