| OSVDB ID | Disclosure Date | Title | Description |
|---|---|---|---|
| 29449 | 2006-09-30 | OpenBiblio shared/header.php tab Parameter Traversal Local File Inclusion | (Description provided by CVE): Multiple directory traversal vulnerabilities in OpenBiblio before 0.5.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the page parameter to shared/help.php or (2) the tab parameter to shared/header.php. |
| 29450 | 2006-09-30 | OpenBiblio shared/help.php page Parameter Traversal Local File Inclusion | (Description provided by CVE): Multiple directory traversal vulnerabilities in OpenBiblio before 0.5.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the page parameter to shared/help.php or (2) the tab parameter to shared/header.php. |
| 29451 | 2006-09-30 | OpenBiblio Unspecified SQL Injection | (Description provided by CVE): SQL injection vulnerability in the reports system in OpenBiblio before 0.5.2 allows remote attackers with report privileges to execute arbitrary SQL commands via unspecified vectors. |
| 29435 | 2006-09-30 | OlateDownload userupload.php description_small Parameter XSS | (Description provided by CVE): Cross-site scripting (XSS) vulnerability in userupload.php in OlateDownload 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the description_small parameter. |
| 29436 | 2006-09-30 | OlateDownload details.php page Parameter SQL Injection | (Description provided by CVE): Multiple SQL injection vulnerabilities in OlateDownload 3.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) page parameter in details.php or the (2) query parameter in search.php. |
| 29437 | 2006-09-30 | OlateDownload search.php query Parameter SQL Injection | (Description provided by CVE): Multiple SQL injection vulnerabilities in OlateDownload 3.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) page parameter in details.php or the (2) query parameter in search.php. |
| 32107 | 2006-09-30 | Mozilla Multiple Products Blocked Popup XSS | Mozilla Firefox and Mozilla SeaMonkey contain a flaw that may allow a remote attacker to perform cross-site scripting attacks. The issue is due to improper validation of user-supplied input by the browser.js script. The flaw is triggered when the victim visits the attacker's site, which is constructed so that it frames the target site plus another frame whose source is the same data: URL as the victim site. If the attacker can then convince the victim to open a specially crafted javascript: URL popup from the data: frame, the popup could inject a malicious script, which would be executed in the victim's web browser within the security context of the hosting web site, resulting in a loss of confidentiality and/or integrity. |
| 29464 | 2006-09-30 | HAMweather Template.php do_parse_code Function Arbitrary Code Execution | (Description provided by CVE): Eval injection vulnerability in Template.php in HAMweather 3.9.8.4 and earlier allows remote attackers to execute arbitrary code via a modified query string, which is supplied to an eval function call within the do_parse_code function. |
| 29557 | 2006-09-30 | AAIportal Project Unspecified SQL Injection | AAIportal contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to an unspecified script not properly sanitizing user-supplied input. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 32600 | 2006-09-30 | Cscope Multiple Unspecified Issues | Unknown / Incomplete |
| 33916 | 2006-09-30 | VAMP Webmail yesno.phtml no_url Parameter Remote File Inclusion | (Description provided by CVE): PHP remote file inclusion vulnerability in wamp_dir/setup/yesno.phtml in VAMP Webmail 2.0beta1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the no_url parameter. |
| 32320 | 2006-09-29 | UBB.threads cron/php/subscriptions.php Direct Request Path Disclosure | (Description provided by CVE): Groupee UBB.threads 6.5.1.1 allows remote attackers to obtain sensitive information via a direct request for cron/php/subscriptions.php, which reveals the path in an error message. |
| 32321 | 2006-09-29 | UBB.threads admin/doedittheme.php theme[] Variable PHP Code Injection | (Description provided by CVE): Multiple direct static code injection vulnerabilities in Groupee UBB.threads 6.5.1.1 allow remote attackers to (1) inject PHP code via a theme[] array parameter to admin/doedittheme.php, which is injected into includes/theme.inc.php; (2) inject PHP code via a config[] array parameter to admin/doeditconfig.php, and then execute the code via includes/config.inc.php; and inject a reference to PHP code via a URL in the config[path] parameter, and then execute the code via (3) dorateuser.php, (4) calendar.php, and unspecified other scripts. |
| 32322 | 2006-09-29 | UBB.threads admin/doeditconfig.php config[] Variable PHP Code Injection | (Description provided by CVE): Multiple direct static code injection vulnerabilities in Groupee UBB.threads 6.5.1.1 allow remote attackers to (1) inject PHP code via a theme[] array parameter to admin/doedittheme.php, which is injected into includes/theme.inc.php; (2) inject PHP code via a config[] array parameter to admin/doeditconfig.php, and then execute the code via includes/config.inc.php; and inject a reference to PHP code via a URL in the config[path] parameter, and then execute the code via (3) dorateuser.php, (4) calendar.php, and unspecified other scripts. |
| 32325 | 2006-09-29 | UBB.threads ubbt.inc.php Multiple Parameter Remote File Inclusion | (Description provided by CVE): Multiple PHP remote file inclusion vulnerabilities in ubbt.inc.php in Groupee UBB.threads 6.5.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[thispath] or (2) GLOBALS[configdir] parameter. |
| 29458 | 2006-09-29 | Mercury SiteScope Create Name Fields XSS | (Description provided by CVE): Multiple cross-site scripting (XSS) vulnerabilities in Mercury SiteScope 8.2 (8.1.2.0) allow remote authenticated users to inject arbitrary web script or HTML via (1) "any field create name field" except "create new group name" or (2) any description field. |
| 29459 | 2006-09-29 | Mercury SiteScope Description Field XSS | (Description provided by CVE): Multiple cross-site scripting (XSS) vulnerabilities in Mercury SiteScope 8.2 (8.1.2.0) allow remote authenticated users to inject arbitrary web script or HTML via (1) "any field create name field" except "create new group name" or (2) any description field. |
| 29413 | 2006-09-29 | Forum82 search.php repertorylevel Parameter Remote File Inclusion | (Description provided by CVE): Multiple PHP remote file inclusion vulnerabilities in Forum82 2.5.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the repertorylevel parameter including scripts in /forum/ including (1) search.php, (2) message.php, (3) member.php, (4) mail.php, (5) lostpassword.php, (6) gesfil.php, (7) forum82lib.php3, and other unspecified scripts. |
| 29414 | 2006-09-29 | Forum82 message.php repertorylevel Parameter Remote File Inclusion | (Description provided by CVE): Multiple PHP remote file inclusion vulnerabilities in Forum82 2.5.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the repertorylevel parameter including scripts in /forum/ including (1) search.php, (2) message.php, (3) member.php, (4) mail.php, (5) lostpassword.php, (6) gesfil.php, (7) forum82lib.php3, and other unspecified scripts. |
| 29415 | 2006-09-29 | Forum82 member.php repertorylevel Parameter Remote File Inclusion | (Description provided by CVE): Multiple PHP remote file inclusion vulnerabilities in Forum82 2.5.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the repertorylevel parameter including scripts in /forum/ including (1) search.php, (2) message.php, (3) member.php, (4) mail.php, (5) lostpassword.php, (6) gesfil.php, (7) forum82lib.php3, and other unspecified scripts. |
| 29416 | 2006-09-29 | Forum82 mail.php repertorylevel Parameter Remote File Inclusion | (Description provided by CVE): Multiple PHP remote file inclusion vulnerabilities in Forum82 2.5.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the repertorylevel parameter including scripts in /forum/ including (1) search.php, (2) message.php, (3) member.php, (4) mail.php, (5) lostpassword.php, (6) gesfil.php, (7) forum82lib.php3, and other unspecified scripts. |
| 29417 | 2006-09-29 | Forum82 lostpassword.php repertorylevel Parameter Remote File Inclusion | (Description provided by CVE): Multiple PHP remote file inclusion vulnerabilities in Forum82 2.5.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the repertorylevel parameter including scripts in /forum/ including (1) search.php, (2) message.php, (3) member.php, (4) mail.php, (5) lostpassword.php, (6) gesfil.php, (7) forum82lib.php3, and other unspecified scripts. |
| 29418 | 2006-09-29 | Forum82 gesfil.php repertorylevel Parameter Remote File Inclusion | (Description provided by CVE): Multiple PHP remote file inclusion vulnerabilities in Forum82 2.5.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the repertorylevel parameter including scripts in /forum/ including (1) search.php, (2) message.php, (3) member.php, (4) mail.php, (5) lostpassword.php, (6) gesfil.php, (7) forum82lib.php3, and other unspecified scripts. |
| 29419 | 2006-09-29 | Forum82 forum82lib.php3 repertorylevel Parameter Remote File Inclusion | (Description provided by CVE): Multiple PHP remote file inclusion vulnerabilities in Forum82 2.5.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the repertorylevel parameter including scripts in /forum/ including (1) search.php, (2) message.php, (3) member.php, (4) mail.php, (5) lostpassword.php, (6) gesfil.php, (7) forum82lib.php3, and other unspecified scripts. |
| 37969 | 2006-09-29 | Open Geo Targeting script.php anp_path Parameter Remote File Inclusion | Open Geo Targeting contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'script.php' script not properly sanitizing user input supplied to the 'anp_path' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server. |
| 29420 | 2006-09-29 | VideoDB core/pdf.php config[pdf_module] Parameter Remote File Inclusion | (Description provided by CVE): PHP remote file inclusion vulnerability in core/pdf.php in VideoDB 2.2.1 and earlier allows remote attackers to execute arbitrary PHP code via the config[pdf_module] parameter. |
| 29312 | 2006-09-29 | FFmpeg libavcodec Multiple Overflows | (Description provided by CVE): Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802. |
| 29452 | 2006-09-29 | ConPresso CMS detail.php nr Parameter XSS | (Description provided by CVE): Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ConPresso before 4.0.5a allow remote attackers to inject arbitrary web script or HTML via (1) the nr parameter in detail.php, (2) the msg parameter in db_mysql.inc.php, and (3) the pos parameter in index.php. |
| 29453 | 2006-09-29 | ConPresso CMS db_mysql.inc.php msg Parameter XSS | (Description provided by CVE): Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ConPresso before 4.0.5a allow remote attackers to inject arbitrary web script or HTML via (1) the nr parameter in detail.php, (2) the msg parameter in db_mysql.inc.php, and (3) the pos parameter in index.php. |
| 29454 | 2006-09-29 | ConPresso CMS index.php pos Parameter XSS | (Description provided by CVE): Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ConPresso before 4.0.5a allow remote attackers to inject arbitrary web script or HTML via (1) the nr parameter in detail.php, (2) the msg parameter in db_mysql.inc.php, and (3) the pos parameter in index.php. |
| 29455 | 2006-09-29 | ConPresso CMS index.php nr Parameter SQL Injection | (Description provided by CVE): SQL injection vulnerability in index.php in Bartels Schoene ConPresso before 4.0.5a allows remote attackers to execute arbitrary SQL commands via the nr parameter. |
| 29293 | 2006-09-29 | TagIt! Tagboard index.php page Parameter Remote File Inclusion | TagIt! Tagboard contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to index.php not properly sanitizing user input supplied to the 'page' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. |
| 29485 | 2006-09-29 | PostNuke admin.php hits Parameter SQL Injection | (Description provided by CVE): SQL injection vulnerability in modules/Downloads/admin.php in the Admin section of PostNuke 0.762 allows remote attackers to execute arbitrary SQL commands via the hits parameter. |
| 29290 | 2006-09-29 | PHProjekt Multiple Global Parameter Remote File Inclusion | PHProjekt contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is triggered because the input supplied to the 'lib_path' and 'lang_path' variables is not properly verified. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. |
| 29432 | 2006-09-29 | MailEnable SMTP Connector NTLM Type 1 Message Signature Field Overflow | (Description provided by CVE): Buffer overflow in NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to execute arbitrary code via "the signature field of NTLM Type 1 messages". |
| 29433 | 2006-09-29 | MailEnable SMTP Connector NTLM Authentication Type 3 Message Unspecified Code Execution | (Description provided by CVE): The NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to (1) execute arbitrary code via unspecified vectors involving crafted base64 encoded NTLM Type 3 messages, or (2) cause a denial of service via crafted base64 encoded NTLM Type 1 messages, which trigger a buffer over-read. |
| 29434 | 2006-09-29 | MailEnable SMTP Connector NTLM Authentication base64 Type 1 Message DoS | (Description provided by CVE): The NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to (1) execute arbitrary code via unspecified vectors involving crafted base64 encoded NTLM Type 3 messages, or (2) cause a denial of service via crafted base64 encoded NTLM Type 1 messages, which trigger a buffer over-read. |
| 29989 | 2006-09-29 | ImageMagick coders/dcm.c Unspecified Overflow | (Description provided by CVE): Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. |
| 29284 | 2006-09-29 | BSQ Sitestats for Joomla IP Address Lookup ip Field XSS | (Description provided by CVE): Cross-site scripting (XSS) vulnerability in the IP Address Lookup functionality in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to inject arbitrary web script and HTML via the ip parameter. |
| 29285 | 2006-09-29 | BSQ Sitestats for Joomla ip-to-country.csv Import Multiple Field SQL Injection | (Description provided by CVE): Multiple SQL injection vulnerabilities in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allow remote attackers to execute arbitrary SQL commands via (1) unspecified parameters when importing the (a) ip-to-country.csv file; and the (2) HTTP Referer, (3) HTTP User Agent, and (4) HTTP Accept Language headers to (b) bsqtemplateinc.php. |