| OSVDB ID | Disclosure Date | Title |
|---|
|
23069
Description:
(Description Provided by CVE) : MyCO Guestbook 1.0 stores the admin directory under the web document root with insufficient access control, which allows remote attackers to perform unspecified privileged actions by directly accessing files via a URL.
|
2006-01-31
|
MyCO Guestbook /admin Directory Unauthenticated Access
|
|
23070
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in MyCO Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the Name field, when registering a user.
|
2006-01-31
|
MyCO Guestbook New User Registration Name Field XSS
|
|
23250
Description:
The MSAnalysis module for CPG Dragonfly CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'profile' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Additionally, if a failed SQL query is made, the program will disclose the full installation path. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.
|
2006-01-31
|
CPG Dragonfly CMS MSAnalysis Module index.php profile Variable SQL Injection
|
|
28628
Description:
Unknown / Incomplete
|
2006-01-30
|
IBM Director Blade/Server Processor Crafted IP Connection Flood DoS
|
|
28629
Description:
Unknown / Incomplete
|
2006-01-30
|
IBM Director Malformed Packet Pegasus Provider Adapter DoS
|
|
28630
Description:
Unknown / Incomplete
|
2006-01-30
|
IBM Director Malformed SNMP Trap DoS
|
|
24320
Description:
(Description Provided by CVE) : Directory traversal vulnerability in Files Xaraya module before 0.5.1, when the Archive Directory field on the Modify Config page is blank, allows remote attackers to access files outside of the web root via ".." (dot dot) sequences.
|
2006-01-30
|
Xaraya Files Module Modify Config Page Traversal Arbitrary File Access
|
|
22789
Description:
A remote overflow exists in WinAmp. WinAmp fails to perform correct boundary checks on playlists resulting in a buffer overflow. With a specially crafted playlist, an attacker can execute arbitrary code resulting in a loss of integrity.
|
2006-01-30
|
Winamp Playlist Processing File Tag Overflow
|
|
22934
Description:
ashNews contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'id' variable upon submission to the 'ashnews.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2006-01-30
|
ashNews ashnews.php id Variable XSS
|
|
22923
Description:
(Description Provided by CVE) : The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.
|
2006-01-30
|
GNOME Evolution Mail Client Inline Text File Content-Disposition DoS
|
|
22793
Description:
HTMLArea contains a flaw that may allow a malicious user to execute arbitrary commands. The '/admin/htmlarea/popups/file/files.php' script is accessible without authentication, allowing a remote attacker to use this script to upload malicious PHP files and execute arbitrary code on the system.
|
2006-01-30
|
HTMLArea files.php Unauthenticated Arbitrary File Upload
|
|
22843
Description:
Cerberus Helpdesk contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'contact_search' variable upon submission to the 'clients.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2006-01-30
|
Cerberus Helpdesk clients.php contact_search Variable XSS
|
|
22805
Description:
Nuked-klaN contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'letter' variable upon submission to the Members module (via index.php). This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2006-01-30
|
Nuked-KlaN Members Module letter Variable XSS
|
|
23876
Description:
Unknown / Incomplete
|
2006-01-30
|
Invision Power Board Unspecified XSS
|
|
22879
Description:
Daffodil CRM contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the userlogin.jsp script not properly sanitizing user-supplied input to the 'userLoginBox' and 'passwordBox' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.
|
2006-01-30
|
Daffodil CRM userlogin.jsp Multiple Field SQL Injection
|
|
24060
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in webcheck before 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the (1) url, (2) title, or (3) author name in a crawled page, which is not properly sanitized in the tooltips of a report.
|
2006-01-30
|
webcheck Generated Report Tooltip XSS
|
|
23000
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in MG2 (formerly known as Minigal) 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the Name field in a comment associated with a picture.
|
2006-01-30
|
MiniGal v2 (MG2) Picture Comment Name Field XSS
|
|
23004
Description:
Unknown / Incomplete
|
2006-01-30
|
MyBulletinBoard (MyBB) plugins.php Local File Inclusion
|
|
22809
Description:
SZUserMgnt contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the SZUserMgnt.class.php script not properly sanitizing user-supplied input to the 'username' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.
|
2006-01-30
|
SZUserMgnt SZUserMgnt.class.php username Variable SQL Injection
|
|
22841
Description:
BrowserCRM contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'query' variable upon submission to the 'results.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2006-01-30
|
BrowserCRM Search Module results.php query Variable XSS
|
|
27977
Description:
(Description Provided by CVE) : Easy CMS stores the images directory under the web document root with insufficient access control and browsing enabled, which allows remote attackers to list and possibly read images that are stored in that directory.
|
2006-01-29
|
Easy CMS Directory Permission Weakness Image Access
|
|
22806
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in the Articles module in sPaiz-Nuke allows remote attackers to inject arbitrary web script or HTML via the query parameter in the search file.
|
2006-01-29
|
sPaiz-Nuke Articles Module query Variable XSS
|
|
22804
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Easy CMS allow remote attackers to inject arbitrary web script or HTML via (1) unknown attack vectors in the administrative interface and (2) input fields of the contact form.
|
2006-01-29
|
Easy CMS Admin Section Multiple XSS
|
|
23003
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in the Add Thread to Favorites feature in usercp2.php in MyBB (aka MyBulletinBoard) 1.02 allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header ($url variable).
|
2006-01-29
|
MyBulletinBoard (MyBB) usercp2.php url Variable XSS
|
|
22808
Description:
UBB.threads contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the showflat.php script not properly sanitizing user-supplied input to the 'Number' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.
|
2006-01-29
|
UBB.threads showflat.php Number Variable SQL Injection
|
|
22900
Description:
Ad Zapper for squid contains a flaw that may allow a remote denial of service. The issue is triggered when sending a URL to the squid_redirect script with a large number of forward slashes. This can cause the remote host to consume CPU resources, potentially causing a denial of service.
|
2006-01-29
|
Ad Zapping With Squid squid_redirect Crafted URL DoS
|
|
23074
Description:
Unknown / Incomplete
|
2006-01-28
|
PmWiki pmwiki.php GLOBALS Unset Path Disclosure
|
|
23075
Description:
Unknown / Incomplete
|
2006-01-28
|
PmWiki pmwiki.php FarmD Variable Remote File Inclusion
|
|
23076
Description:
Unknown / Incomplete
|
2006-01-28
|
PmWiki Multiple Script GLOBALS Unset FarmD Variable XSS
|
|
22791
Description:
(Description Provided by CVE) : Unspecified vulnerability in Pioneers (formerly gnocatan) before 0.9.49 allows remote attackers to cause a denial of service (application crash) via long chat messages.
|
2006-01-28
|
Pioneers Client Chat Message Overflow DoS
|
|
22792
Description:
(Description Provided by CVE) : pmwiki.php in PmWiki 2.1 beta 20, with register_globals enabled, allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GPC variable and a GLOBALS[] variable with the same name, which causes PmWiki to unset the GLOBALS[] variable but not the GPC variable, which creates resultant vulnerabilities such as remote file inclusion and cross-site scripting (XSS).
|
2006-01-28
|
PmWiki register_globals Variable Overwrite Security Bypass
|
|
22935
Description:
(Description Provided by CVE) : zbattle.net Zbattle client 1.09 SR-1 beta allows remote attackers to cause an unspecified denial of service by rapidly creating and closing a game.
|
2006-01-28
|
Zbattle Client Game Creation Saturation DoS
|
|
22924
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0.7 and possibly earlier, and Netscape 8.1 and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the -moz-binding CSS (Cascading Style Sheets) property, which does not require that the style sheet have the same origin as the web page, as demonstrated by the compromise of a large number of LiveJournal accounts.
|
2006-01-28
|
Multiple Browser -moz-binding CSS Same Origin Policy Bypass
|
|
22807
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in UebiMiau 2.7.9, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SRC attribute of an IMG tag.
|
2006-01-28
|
UebiMiau Webmail HTML Email Body XSS
|
|
23351
Description:
(Description Provided by CVE) : Multiple memory leaks in the LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (memory consumption) via invalid BER packets that trigger an error, which might prevent memory from being freed if it was allocated during the ber_scanf call, as demonstrated using the ProtoVer LDAP test suite.
|
2006-01-27
|
Fedora Directory Server LDAP Invalid BER Packet Memory Leak DoS
|
|
23352
Description:
(Description Provided by CVE) : dn2ancestor in the LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via a ModDN operation with a DN that contains a large number of "," (comma) characters, which results in a large amount of recursion, as demonstrated using the ProtoVer LDAP test suite.
|
2006-01-27
|
Fedora Directory Server LDAP dn2ancestor Crafted ModDN Operation Remote DoS
|
|
23353
Description:
(Description Provided by CVE) : The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (crash) via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite.
|
2006-01-27
|
Fedora Directory Server LDAP Malformed BER Sequence Remote DoS
|
|
22790
Description:
ASPThai Forums contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the login.asp script not properly sanitizing user-supplied input to the 'password' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.
|
2006-01-27
|
ASPThai Forums login.asp password Variable SQL Injection
|
|
22794
Description:
(Description Provided by CVE) : Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link.
|
2006-01-27
|
GIT git-checkout-index Symbolic Link Handling Overflow
|
|
22787
Description:
(Description Provided by CVE) : CommuniGate Pro Core Server before 5.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via LDAP messages with negative BER lengths, and possibly other vectors, as demonstrated by the ProtoVer LDAP test suite.
|
2006-01-27
|
CommuniGate Pro Server LDAP BER Decoding Unspecified Code Execution
|
