| OSVDB ID | Disclosure Date | Title | Description |
|---|---|---|---|
| 37551 | 2006-12-30 | Voodoo Chat data/users.dat Direct Request User Database Disclosure | (Description Provided by CVE): Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control, which allows remote attackers to download passwords via a direct request for data/users.dat. |
| 37552 | 2006-12-30 | FreeStyle Wiki config/user.dat Direct Request User Database Disclosure | (Description Provided by CVE): FreeStyle Wiki (fswiki) 3.6.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request for config/user.dat. |
| 37556 | 2006-12-30 | IMGallery users_adm/start1.php Arbitrary PHP File Upload | (Description Provided by CVE): users_adm/start1.php in IMGallery 2.5 and earlier does not properly handle files with multiple extensions, which allows remote authenticated users to upload and execute arbitrary PHP scripts. |
| 32549 | 2006-12-30 | MythControlServer MythControlServer.c sendToMythTV Function Overflow | (Description Provided by CVE): Buffer overflow in the sendToMythTV function in MythControlServer.c in MythControl 1.0 and earlier allows remote attackers to execute arbitrary code via a crafted sendStr string to the Bluetooth interface. NOTE: some of these details are obtained from third party information. |
| 32548 | 2006-12-30 | ISO (iso_wincmd) Plugin for Total Commander ISO Image Pathname Overflow | (Description Provided by CVE): Multiple stack-based buffer overflows in the (1) LoadTree, (2) ReadHeader, and (3) LoadXBOXTree functions in the ISO (iso_wincmd) plugin 1.7.3.3 and earlier for Total Commander allow user-assisted remote attackers to execute arbitrary code via a long pathname in an ISO image. |
| 31024 | 2006-12-30 | Zen Cart Multiple Unspecified XSS | (Description Provided by CVE): Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart Web Shopping Cart before 1.3.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| 33017 | 2006-12-30 | FileDownload Snippet for MODx download.php Arbitrary File Download | (Description Provided by CVE): download.php in the MuddyDogPaws FileDownload snippet before 2.5 for MODx allows remote attackers to download arbitrary files, as demonstrated by downloading config.inc.php to obtain database credentials. |
| 33349 | 2006-12-30 | Enigma WordPress Bridge Enigma2.php boarddir Variable Remote File Inclusion | (Description Provided by CVE): ** DISPUTED ** PHP remote file inclusion vulnerability in the Enigma2 plugin (Enigma2.php) in Enigma WordPress Bridge allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter. NOTE: CVE disputes this issue, since $boarddir is set to a fixed value. |
| 33350 | 2006-12-30 | Enigma2 Coppermine Bridge E2_header.inc.php boarddir Variable Remote File Inclusion | (Description Provided by CVE): PHP remote file inclusion vulnerability in E2_header.inc.php in Enigma2 Coppermine Bridge 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter. |
| 33347 | 2006-12-30 | FileUp viewsrc.asp path Variable Encoded Traversal Arbitrary File Access | (Description Provided by CVE): Directory traversal vulnerability in SAFileUpSamples/util/viewsrc.asp in SoftArtisans FileUp (SAFileUp) 5.0.14 allows remote attackers to read arbitrary files via a %c0%ae. (Unicode dot dot) in the path parameter, which bypasses the checks for ".." sequences. |
| 33442 | 2006-12-29 | Durian Web Application Server Crafted Packet Remote Overflow | (Description Provided by CVE): Buffer overflow in Durian Web Application Server 3.02 freeware on Windows allows remote attackers to execute arbitrary code via a long string in a crafted packet to TCP port 4002. |
| 33382 | 2006-12-29 | Oracle Portal page Variable XSS | Unknown / Incomplete |
| 37510 | 2006-12-29 | Macromedia Shockwave ActiveX (SwDir.dll) swURL Attribute Remote DoS | (Description Provided by CVE): An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the swURL attribute. |
| 36648 | 2006-12-29 | Macromedia Flash Flash8b.ocx Flash8b.AllowScriptAccess Method DoS | (Description Provided by CVE): Flash8b.ocx in Macromedia Flash 8 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the Flash8b.AllowScriptAccess method. |
| 32507 | 2006-12-29 | tDiary Unspecified Arbitrary Ruby Code Execution | (Description Provided by CVE): Eval injection vulnerability in tDiary 2.0.3 and 2.1.4.20061127 allows remote authenticated users to execute arbitrary Ruby code via unspecified vectors, possibly related to incorrect input validation by (1) conf.rhtml and (2) i.conf.rhtml. NOTE: some of these details are obtained from third party information. |
| 32540 | 2006-12-29 | STphp EasyNews PRO data/users.txt Direct Request User Credential Disclosure | (Description Provided by CVE): STphp EasyNews PRO 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames, email addresses, and password hashes via a direct request for data/users.txt. |
| 32596 | 2006-12-29 | Plash pola-run -t Option File Permission Weakness | Unknown / Incomplete |
| 32597 | 2006-12-29 | Plash Unspecified setuid/setgid Privilege Escalation | Unknown / Incomplete |
| 33352 | 2006-12-29 | Spooky login/register.asp SQL Injection | (Description Provided by CVE): Multiple SQL injection vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the UserUpdate parameter to login/register.asp or (2) unspecified parameters to includes/a_register.asp. |
| 33353 | 2006-12-29 | Spooky login/login.asp XSS | (Description Provided by CVE): Multiple cross-site scripting (XSS) vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) login/login.asp or (2) login/register.asp. |
| 33354 | 2006-12-29 | Spooky includes/a_register.asp SQL Injection | (Description Provided by CVE): Multiple SQL injection vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the UserUpdate parameter to login/register.asp or (2) unspecified parameters to includes/a_register.asp. |
| 33355 | 2006-12-29 | Spooky login/register.asp XSS | (Description Provided by CVE): Multiple cross-site scripting (XSS) vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) login/login.asp or (2) login/register.asp. |
| 33345 | 2006-12-29 | DoceboLMS modules/credits/credits.php lang Variable XSS | (Description Provided by CVE): Cross-site scripting (XSS) vulnerability in modules/credits/credits.php in Docebo LMS allows remote attackers to inject arbitrary web script or HTML via the lang parameter. |
| 33344 | 2006-12-29 | Land Down Under (LDU) journal.inc.php w Variable SQL Injection | (Description Provided by CVE): SQL injection vulnerability in Journal.inc.php in Neocrome Land Down Under (LDU) 8.x and earlier allows remote attackers to execute arbitrary SQL commands via the w parameter to journal.php. |
| 33343 | 2006-12-29 | QuickCam VC Linux Device Driver (aka quickcam-vc) qcamvc_video_init Function Memory Corruption | (Description Provided by CVE): The qcamvc_video_init function in qcamvc.c in De Marchi Daniele QuickCam VC Linux device driver (aka quickcam-vc) 1.0.9 and earlier does not properly check a boundary, triggering memory corruption, which might allow attackers to execute arbitrary code via a crafted QuickCam object. |
| 34805 | 2006-12-28 | ac4p Mobilelib contact_us.php Multiple Variable XSS | Mobilelib contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'email' and 'errr' variables upon submission to the contact_us.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
| 34757 | 2006-12-28 | RealPlayer ierpplug.dll ActiveX RealPlayer.OpenURLInPlayerBrowser Method Remote DoS | (Description Provided by CVE): An ActiveX control in ierpplug.dll for RealNetworks RealPlayer 10.5 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) by invoking the RealPlayer.OpenURLInPlayerBrowser method with a long second argument. |
| 35444 | 2006-12-28 | phpBB2 Plus admin/admin_acronyms.php id Variable SQL Injection | (Description Provided by CVE): SQL injection vulnerability in admin/admin_acronyms.php in the Acronym Mod 0.9.5 for phpBB2 Plus 1.53 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| 32503 | 2006-12-28 | PHP-Update admin/uploads.php rights[7] Variable Privilege Escalation | (Description Provided by CVE): admin/uploads.php in PHP-Update 2.7 and earlier allows remote attackers to gain privileges by setting the rights[7] parameter to 1 during a login action. |
| 32537 | 2006-12-28 | AIDeX Mini-Webserver HTTP Request Saturation DoS | (Description Provided by CVE): AIDeX Mini-WebServer 1.1 early release 3 allows remote attackers to cause a denial of service (daemon crash) via a flood of HTTP GET requests, possibly related to display of HTTP log data by the GUI. NOTE: some of these details are obtained from third party information. |
| 32508 | 2006-12-28 | WebText CMS wt/users/ im Variable Profile Edit (edycja) Arbitrary PHP Command Injection | (Description Provided by CVE): Direct static code injection vulnerability in WebText CMS 0.4.5.2 and earlier allows remote attackers to inject arbitrary PHP code into a script in wt/users/ via the im parameter during a profile edit (edycja) operation, which is then executed via a direct request for this script. |
| 32509 | 2006-12-28 | While You Were Out (WYWO) InOut Board phonemessage.asp num Variable SQL Injection | (Description Provided by CVE): Multiple SQL injection vulnerabilities in While You Were Out (WYWO) InOut Board 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the num parameter in (a) phonemessage.asp, (2) the catcode parameter in (b) faqDsp.asp, and the (3) Username and (4) Password fields in (c) login.asp. |
| 32510 | 2006-12-28 | While You Were Out (WYWO) InOut Board faqDsp.asp catcode Variable SQL Injection | (Description Provided by CVE): Multiple SQL injection vulnerabilities in While You Were Out (WYWO) InOut Board 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the num parameter in (a) phonemessage.asp, (2) the catcode parameter in (b) faqDsp.asp, and the (3) Username and (4) Password fields in (c) login.asp. |
| 32511 | 2006-12-28 | While You Were Out (WYWO) InOut Board login.asp Multiple Field SQL Injection | (Description Provided by CVE): Multiple SQL injection vulnerabilities in While You Were Out (WYWO) InOut Board 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the num parameter in (a) phonemessage.asp, (2) the catcode parameter in (b) faqDsp.asp, and the (3) Username and (4) Password fields in (c) login.asp. |
| 32506 | 2006-12-28 | ASPTicker admin.asp Password Field SQL Injection | (Description Provided by CVE): SQL injection vulnerability in admin.asp in ASPTicker 1.0 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO, possibly related to the Password parameter. |
| 31468 | 2006-12-28 | Cacti cmd.php Command Execution and SQL Injection | (Description Provided by CVE): SQL injection vulnerability in Cacti 0.8.6i and earlier, when register_argc_argv is enabled, allows remote attackers to execute arbitrary SQL commands via the (1) second or (2) third arguments to cmd.php. NOTE: this issue can be leveraged to execute arbitrary commands since the SQL query results are later used in the polling_items array and popen function. |
| 33342 | 2006-12-28 | Mobilelib Gold contact_us.php Multiple Variable XSS | (Description Provided by CVE): Multiple cross-site scripting (XSS) vulnerabilities in contact_us.php in ac4p Mobilelib gold 2 allow remote attackers to inject arbitrary web script or HTML via the (1) email or (2) errr parameter. |
| 33398 | 2006-12-28 | Windows XP msgina.dll Local Overflow | Unknown / Incomplete |
| 33340 | 2006-12-28 | OpenSER SMS Handling fetchsms Function Remote Overflow | A remote overflow exists in OpenSER. The OpenSER SMS module fails to properly bounds-check user-supplied input to the fetchsms() function, resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code in the context of the user running the application, resulting in a loss of confidentiality, integrity, and/or availability. |
| 33341 | 2006-12-28 | OpenSER OSP Module validateospheader Function OSP Header Processing Remote Overflow | (Description Provided by CVE): Buffer overflow in the validateospheader function in the Open Settlement Protocol (OSP) module in OpenSER 1.1.0 and earlier allows remote attackers to execute arbitrary code via a crafted OSP header. |