| OSVDB ID | Disclosure Date | Title |
|---|
|
24464
Description:
(Description Provided by CVE) : Unspecified vulnerabilities in Zen Cart before 1.2.7 allow remote attackers to cause unknown impact via unspecified vectors related to "other attempted exploits" other than SQL injection.
|
2006-02-11
|
Zen Cart Unspecified Issue
|
|
27983
Description:
(Description Provided by CVE) : imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to dir.php, which returns an XML document that lists folders and their permissions.
|
2006-02-11
|
ImageVue dir.php Folder Permission Disclosure
|
|
27980
Description:
(Description Provided by CVE) : Zen Cart before 1.2.7 does not protect the admin/includes directory, which allows remote attackers to cause unknown impact via unspecified vectors, probably direct requests.
|
2006-02-11
|
Zen Cart Admin/Includes Directory Unspecified Issue
|
|
23066
Description:
Verity KeyView Viewer SDK contains a flaw that allows a remote attacker to delete arbitrary files. The issue is due to 'kvarcve.dll' not properly checking the filenames of compressed files in ZIP, UUE, and TAR archives for traversal style attacks (../../) when generating their previews.
|
2006-02-11
|
Verity KeyView Viewer SDK kvarcve.dll Compressed File Preview Traversal Arbitrary File Deletion
|
|
23068
Description:
An overflow exists in the HTML speed reader component of the KeyView Viewer SDK. The software fails to properly validate file names passed to the 'htmsr.dll' library when a link is clicked, resulting in a buffer overflow. With a specially crafted long file name starting with a 'http', 'ftp' or '//' prefix, an attacker can execute arbitrary code, resulting in a loss of integrity. Note that the vulnerable component is used by IBM Lotus Notes for viewing HTML files.
|
2006-02-11
|
Verity KeyView Viewer SDK htmsr.dll Link Processing Overflow
|
|
23122
Description:
(Description Provided by CVE) : process.php in DocMGR 0.54.2 does not initialize the $siteModInfo variable when a direct request is made, which allows remote attackers to include arbitrary local files or possibly remote files via a modified includeModule and siteModInfo variable.
|
2006-02-11
|
DocMGR process.php siteModInfo Parameter Remote File Inclusion
|
|
23112
Description:
(Description Provided by CVE) : Directory traversal vulnerability in LinPHA 1.0 allows remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) lang parameter in docs/index.php and the language parameter in (2) install/install.php, (3) install/sec_stage_install.php, (4) install/third_stage_install.php, and (5) install/forth_stage_install.php. NOTE: direct static code injection is resultant from this issue, as demonstrated by inserting PHP code into the username, which is inserted into linpha.log, which is accessible from the directory traversal.
|
2006-02-11
|
LinPHA index.php lang Parameter Local File Inclusion
|
|
23113
Description:
(Description Provided by CVE) : Directory traversal vulnerability in LinPHA 1.0 allows remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) lang parameter in docs/index.php and the language parameter in (2) install/install.php, (3) install/sec_stage_install.php, (4) install/third_stage_install.php, and (5) install/forth_stage_install.php. NOTE: direct static code injection is resultant from this issue, as demonstrated by inserting PHP code into the username, which is inserted into linpha.log, which is accessible from the directory traversal.
|
2006-02-11
|
LinPHA install.php language Parameter Local File Inclusion
|
|
23114
Description:
(Description Provided by CVE) : Directory traversal vulnerability in LinPHA 1.0 allows remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) lang parameter in docs/index.php and the language parameter in (2) install/install.php, (3) install/sec_stage_install.php, (4) install/third_stage_install.php, and (5) install/forth_stage_install.php. NOTE: direct static code injection is resultant from this issue, as demonstrated by inserting PHP code into the username, which is inserted into linpha.log, which is accessible from the directory traversal.
|
2006-02-11
|
LinPHA sec_stage_install.php language Parameter Local File Inclusion
|
|
23115
Description:
(Description Provided by CVE) : Directory traversal vulnerability in LinPHA 1.0 allows remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) lang parameter in docs/index.php and the language parameter in (2) install/install.php, (3) install/sec_stage_install.php, (4) install/third_stage_install.php, and (5) install/forth_stage_install.php. NOTE: direct static code injection is resultant from this issue, as demonstrated by inserting PHP code into the username, which is inserted into linpha.log, which is accessible from the directory traversal.
|
2006-02-11
|
LinPHA third_stage_install.php language Parameter Local File Inclusion
|
|
23116
Description:
(Description Provided by CVE) : Directory traversal vulnerability in LinPHA 1.0 allows remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) lang parameter in docs/index.php and the language parameter in (2) install/install.php, (3) install/sec_stage_install.php, (4) install/third_stage_install.php, and (5) install/forth_stage_install.php. NOTE: direct static code injection is resultant from this issue, as demonstrated by inserting PHP code into the username, which is inserted into linpha.log, which is accessible from the directory traversal.
|
2006-02-11
|
LinPHA forth_stage_install.php language Variable POST Method Local File Inclusion
|
|
23089
Description:
(Description Provided by CVE) : IBM Tivoli Directory Server 6.0 allows remote attackers to cause a denial of service (crash) via a crafted LDAP request, as demonstrated by test 2532 in the ProtoVer Sample LDAP test suite.
|
2006-02-11
|
IBM Tivoli Directory Server Crafted LDAP Packet DoS
|
|
23104
Description:
(Description Provided by CVE) : SQL injection vulnerability in deleteSession() in DB_eSession library 1.0.2 and earlier, as used in multiple products, allows remote attackers to execute arbitrary SQL commands via the $_sess_id_set variable, which is usually derived from PHPSESSID.
|
2006-02-11
|
DB_eSession Cookie PHPSESSID Parameter SQL Injection
|
|
23107
Description:
(Description Provided by CVE) : change_password.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not verify the old password when a user changes the password, which may allow remote attackers to gain unauthorized access.
|
2006-02-11
|
VHCS change_password.php Current Password Weakness
|
|
23108
Description:
(Description Provided by CVE) : The check_login function in login.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not exit when authentication fails, which allows remote attackers to gain unauthorized access.
|
2006-02-11
|
VHCS login.php check_login() Function Authentication Bypass
|
|
23109
Description:
(Description Provided by CVE) : add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not check user privileges when adding a new administrative user, which allows remote attackers to gain unauthorized access.
|
2006-02-11
|
VHCS add_user.php Privilege Escalation
|
|
23102
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in search.php in Siteframe 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
|
2006-02-11
|
Siteframe search.php q Parameter XSS
|
|
23100
Description:
(Description Provided by CVE) : Unspecified vulnerability in the loaders (load_*.php) in Ansilove before 1.03 allows remote attackers to read arbitrary files via unspecified vectors involving "converting files accessible by the webserver".
|
2006-02-11
|
Ansilove Multiple Loaders (load_*.php) Arbitrary File Disclosure
|
|
23101
Description:
(Description Provided by CVE) : Ansilove before 1.03 does not filter uploaded file extensions, which allows remote attackers to execute arbitrary code by uploading arbitrary files with dangerous extensions, then accessing them directly in the upload directory.
|
2006-02-11
|
Ansilove File Upload Arbitrary Command Execution
|
|
23167
Description:
(Description Provided by CVE) : readfolder.php in imageVue 16.1 allows remote attackers to list directories via modified path and ext parameters.
|
2006-02-11
|
ImageVue readfolder.php path Variable Arbitrary Directory Listing
|
|
23168
Description:
(Description Provided by CVE) : Unspecified vulnerability in index.php in imageVue 16.1 has unknown impact, probably a cross-site scripting (XSS) vulnerability involving the query string that is not quoted when inserted into style and body tags, as demonstrated using a bgcol parameter.
|
2006-02-11
|
ImageVue index.php bgcol Parameter XSS
|
|
23169
Description:
(Description Provided by CVE) : admin/upload.php in imageVue 16.1 allows remote attackers to upload arbitrary files to certain allowed folders via .. (dot dot) sequences in the path parameter. NOTE: due to the lack of details, the specific vulnerability type cannot be determined, although it might be due to directory traversal.
|
2006-02-11
|
ImageVue upload.php Unrestricted File Upload
|
|
23239
Description:
MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'managegroup.php' script not properly sanitizing user-supplied input to the 'gid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2006-02-11
|
MyBulletinBoard (MyBB) managegroup.php gid Parameter SQL Injection
|
|
23240
Description:
Unknown / Incomplete
|
2006-02-11
|
MyBulletinBoard (MyBB) managegroup.php gid Parameter XSS
|
|
23283
Description:
Unknown / Incomplete
|
2006-02-11
|
Monster Top List index.php user_error_message Parameter XSS
|
|
23067
Description:
A remote overflow exists in Verity KeyView Viewer SDK. 'tarrdr.dll' fails to perform bounds checking on filenames of files contained by TAR archives, resulting in a stack based overflow. With a specially crafted TAR archive, an attacker can cause arbitrary code execution when the archive is extracted with an application using the vulnerable viewer, resulting in a loss of integrity.
|
2006-02-11
|
Verity KeyView Viewer SDK tarrdr.dll TAR Extraction Overflow
|
|
23181
Description:
(Description Provided by CVE) : Absolute path traversal vulnerability in convert.cgi in Quirex 2.0.2 and earlier allows remote attackers to read arbitrary files, and possibly execute arbitrary code, via the (1) quiz_head, (2) quiz_foot, and (3) template variables.
|
2006-02-11
|
Quirex convert.cgi Multiple Parameter Arbitrary File Access
|
|
23182
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
|
2006-02-11
|
Guestex guestex.pl url Parameter XSS
|
|
23183
Description:
(Description Provided by CVE) : Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to execute arbitrary shell commands via the email parameter, possibly involving shell metacharacters.
|
2006-02-11
|
Guestex Shell guestex.pl email Variable Arbitrary Command Execution
|
|
23184
Description:
(Description Provided by CVE) : SQL injection vulnerability in functions.php in Teca Diary PE 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) yy, (2) mm, and (3) dd parameters.
|
2006-02-11
|
Teca Diary PE functions.php Multiple Parameter SQL Injection
|
|
23064
Description:
A remote overflow exists in Verity KeyView Viewer SDK. 'kvarcve.dll' fails to perform bounds checking when constructing the full pathname of a compressed file before extracting it from a ZIP archive, resulting in a stack based overflow. With a specially crafted ZIP archive, an attacker can cause arbitrary code execution when a compressed file with a long filename is extracted from within an application using the vulnerable viewer, resulting in a loss of integrity.
|
2006-02-10
|
Verity KeyView Viewer SDK kvarcve.dll Compressed File Pathname Generation Overflow
|
|
23065
Description:
A remote overflow exists in Verity KeyView Viewer SDK. 'uudrdr.dll' fails to perform bounds checking on filenames of UUE files, resulting in a stack based overflow. With a specially crafted UUE file, an attacker can cause arbitrary code execution when the file is opened in an application using the vulnerable viewer, resulting in a loss of integrity.
|
2006-02-10
|
Verity KeyView Viewer SDK uudrdr.dll UUE Filename Overflow
|
|
48887
Description:
Unknown / Incomplete
|
2006-02-10
|
YaCy UserDB Passwordcheck Unspecified Issue
|
|
48888
Description:
Unknown / Incomplete
|
2006-02-10
|
YaCy YBR Transmission Protocol Path Selection Unspecified Issue
|
|
28142
Description:
(Description Provided by CVE) : index.php in Invision Power Board (IPB) 2.0.1, with Code Confirmation disabled, allows remote attackers to cause an unspecified denial of service by registering a large number of users.
|
2006-02-10
|
Invision Power Board index.php User Registration Saturation DoS
|
|
86679
Description:
By default, AS/400 iSeries installs with multiple default accounts and passwords, which are publicly known and documented. This allows attackers to trivially access the program or system and gain privileged access.
|
2006-02-10
|
IBM AS/400 iSeries Multiple Default Accounts
|
|
27961
Description:
(Description Provided by CVE) : Unspecified vulnerability in HP PSC 1210 All-in-One Drivers before 1.0.06 has unknown impact and attack vectors.
|
2006-02-10
|
HP PSC 1210 All-in-One Drivers Unspecified Issue
|
|
51221
Description:
IBM AS/400 systems contain a flaw that may allow a remote attacker to gain access to information. The issue is due to the telnet error message giving different error messages when a user login fails. By using these different error messages, an attacker can enumerate valid account names. While this information is often low risk, it is useful in carrying out additional, more focused attacks.
|
2006-02-10
|
IBM AS/400 Telnet Error Message Account Enumeration
|
|
23721
Description:
Unknown / Incomplete
|
2006-02-10
|
bMail sendmail.php SQL Injection
|
|
23722
Description:
Unknown / Incomplete
|
2006-02-10
|
bMail GBK Cleartext Administrator Password Storage
|
