| OSVDB ID | Disclosure Date | Title |
|---|
|
42391
Description:
IAPR COMMENCE System contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'includes/page_includes/pagebase.php' script not properly sanitizing user input supplied to the 'php_root_path' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2007-11-25
|
IAPR COMMENCE System includes/page_includes/pagebase.php php_root_path Parameter Remote File Inclusion
|
|
44156
Description:
(Description Provided by CVE) : The web management interface in Citrix NetScaler 8.0 build 47.8 uses weak encryption (XOR of unpadded data) to store credentials within a cookie, which makes it easier for remote attackers to obtain cleartext credentials when a cookie is captured via a known-plaintext attack.
|
2007-11-25
|
Citrix NetScaler Web Management Interface Cookie Credentials Encryption Weakness
|
|
44155
Description:
(Description Provided by CVE) : The web management interface in Citrix NetScaler 8.0 build 47.8 stores the device's primary IP address in a cookie, which might allow remote attackers to obtain sensitive network configuration information if this address is not the same as the address being used by the web interface.
|
2007-11-25
|
Citrix NetScaler Web Management Interface IP Address Cookie Information Disclosure
|
|
51212
Description:
Unknown / Incomplete
|
2007-11-25
|
RichFX RFXInstMgr.RFXInstMgr ActiveX (nprfxins.dll) Control Multiple Overflows
|
|
82762
Description:
Anti Spam Image Plugin for WordPress contains a flaw that may allow an attacker to bypass the anti-automated CAPTCHA test. This flaw is triggered when an attacker supplies the same value for the 'securitycode' parameter on multiple pages, allowing an attacker to bypass CAPTCHA testing.
|
2007-11-25
|
Anti Spam Image Plugin for WordPress securitycode Parameter Replay CAPTCHA Bypass
|
|
41230
Description:
Unknown / Incomplete
|
2007-11-24
|
RunCMS modules/news/index.php xoopsOption[pagetype] Parameter Traversal Local File Inclusion
|
|
45765
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in the Red Hat Network channel search feature, as used in RHN and Red Hat Network Satellite before 5.0.2, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
2007-11-24
|
Red Hat Linux Network Channel Search Feature Unspecified XSS
|
|
52796
Description:
Unknown / Incomplete
|
2007-11-24
|
PBLang ntopic.php fid Parameter Traversal Arbitrary File Write
|
|
43176
Description:
Unknown / Incomplete
|
2007-11-24
|
Ability Mail Server WebMail Auto-Signup Cloned User Information Disclosure
|
|
38814
Description:
(Description Provided by CVE) : Directory traversal vulnerability in scripts/include/show_content.php in Amber Script 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.
|
2007-11-24
|
Amber Script show_content.php id Parameter Local File Inclusion
|
|
38817
Description:
Project Alumni contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'year' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2007-11-24
|
Project Alumni index.php year Parameter SQL Injection
|
|
38818
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the year parameter to (1) xml/index.php; or (2) the year parameter to view.page.inc.php, which is reachable through a view action to the top-level index.php.
|
2007-11-24
|
Project Alumni index.php year Parameter XSS
|
|
38819
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the year parameter to (1) xml/index.php; or (2) the year parameter to view.page.inc.php, which is reachable through a view action to the top-level index.php.
|
2007-11-24
|
Project Alumni xml/index.php year Parameter XSS
|
|
38824
Description:
E-Lite POS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'default.asp' script not properly sanitizing user-supplied input to the 'username' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2007-11-24
|
E-Lite POS default.asp username Parameter SQL Injection
|
|
38825
Description:
Unknown / Incomplete
|
2007-11-24
|
E-Lite POS Error Message User Account Information Disclosure
|
|
38872
Description:
Unknown / Incomplete
|
2007-11-24
|
NetAuctionHelp Classified Ads login.asp username Parameter SQL Injection
|
|
38885
Description:
vBTube Module for vBulletin contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'search' variables upon submission to the 'vBTube.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2007-11-24
|
vBTube Module for vBulletin vBTube.php search Parameter XSS
|
|
39278
Description:
WorkingOnWeb contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the events.php script not properly sanitizing user-supplied input to the idevent variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2007-11-24
|
WorkingOnWeb events.php idevent Parameter SQL Injection
|
|
43714
Description:
(Description Provided by CVE) : Heap-based buffer overflow in cygwin1.dll in Cygwin 1.5.7 and earlier allows context-dependent attackers to execute arbitrary code via a filename with a certain length, as demonstrated by a remote authenticated user who uses the SCP protocol to send a file to the Cygwin machine, and thereby causes scp.exe on this machine to execute, and then overwrite heap memory with characters from the filename. NOTE: it is also reported that a related issue might exist in 1.5.7 through 1.5.19.
|
2007-11-24
|
Cygwin cygwin1.dll Crafted Filename Handling Overflow
|
|
48703
Description:
Unknown / Incomplete
|
2007-11-23
|
Dell PowerEdge RAID Controller 5 Series Vulnerability Scan Remote DoS
|
|
41261
Description:
Unknown / Incomplete
|
2007-11-23
|
JEvents for Joomla comutils.php Remote File Inclusion
|
|
40876
Description:
A buffer overflow exists in Quicktime. Quicktime fails to validate RTSP stream Content-Type headers resulting in a stack overflow. With a specially crafted RTSP stream, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2007-11-23
|
Apple QuickTime RTSP Content-Type Header Processing Overflow
|
|
82761
Description:
Math Comment Spam Protection Plugin for Wordpress contains a flaw that may allow an attacker to bypass the anti-automated CAPTCHA test. This flaw is triggered when an attacker supplies the same value for the 'mcspvalue' and 'mcspinfo' parameters on multiple pages, allowing an attacker to bypass CAPTCHA testing.
|
2007-11-23
|
Math Comment Spam Protection Plugin for Wordpress mcspvalue / mcspinfo Parameter Replay CAPTCHA Bypass
|
|
42676
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) mcsp_opt_msg_no_answer or (2) mcsp_opt_msg_wrong_answer parameter to wp-admin/options-general.php.
|
2007-11-23
|
Math Comment Spam Protection Plugin for Wordpress wp-admin/options-general.php Multiple Parameter XSS
|
|
42618
Description:
(Description Provided by CVE) : Multiple cross-site request forgery (CSRF) vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to perform actions as administrators via the (1) mcsp_opt_msg_no_answer or (2) mcsp_opt_msg_wrong_answer parameter to wp-admin/options-general.php.
|
2007-11-23
|
Math Comment Spam Protection Plugin for Wordpress wp-admin/options-general.php Multiple Parameter CSRF
|
|
38800
Description:
(Description Provided by CVE) : Multiplce cross-site scripting (XSS) vulnerabilities in index.php in M2Scripts MySpace Scripts Poll Creator allow remote attackers to inject arbitrary web script or HTML via the (1) title, (2) intro, and (3) question parameters, and (4) unspecified answer parameters, in a create_new action. NOTE: some of these details are obtained from third party information.
|
2007-11-23
|
MySpace Scripts Poll Creator index.php Multiple Parameter XSS
|
|
38813
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in login.asp in Irola My-Time (aka Timesheet) 3.5 allow remote attackers to execute arbitrary SQL commands via the (1) login (aka Username) and (2) password parameters. NOTE: some of these details are obtained from third party information.
|
2007-11-23
|
My-Time login.asp Multiple Parameter SQL Injection
|
|
39681
Description:
Mp3 Toolbox contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'index.php' script not properly sanitizing user input supplied to the 'skin_file' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2007-11-23
|
Mp3 ToolBox index.php skin_file Parameter Remote File Inclusion
|
|
50920
Description:
Unknown / Incomplete
|
2007-11-23
|
BitComet Resource Browser about: Script XSS
|
|
58755
Description:
Unknown / Incomplete
|
2007-11-23
|
Apache Harmony DRLVM Non-public Class Member Access
|
|
40583
Description:
(Description Provided by CVE) : Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to execute arbitrary code via a crafted LZH archive, a different vector than CVE-2007-5048.
|
2007-11-22
|
Lhaplus LZH Archive Handling Unspecified Overflow
|
|
42353
Description:
(Description Provided by CVE) : Unspecified vulnerability in Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-01 allows remote attackers to bypass authentication and "view files" via unspecified vectors.
|
2007-11-22
|
Hitachi JP1/File Transmission Server/FTP Unspecified Remote Authentication Bypass
|
|
42354
Description:
(Description Provided by CVE) : Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-02 on Windows might allow remote attackers to cause a denial of service (service stop) via a "specific file" argument to an FTP command.
|
2007-11-22
|
Hitachi JP1/File Transmission Server/FTP Unspecified FTP Command Remote DoS
|
|
40911
Description:
(Description Provided by CVE) : The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer dereference.
|
2007-11-22
|
Linux Kernel on PowerPC chrp/setup.c chrp_show_cpuinfo Function Local DoS
|
|
39579
Description:
(Description Provided by CVE) : Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee.
|
2007-11-22
|
Liferea LD_LIBRARY_PATH Variable Path Subversion Local Privilege Escalation
|
|
39580
Description:
(Description Provided by CVE) : Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee.
|
2007-11-22
|
SuSE Linux banshee LD_LIBRARY_PATH Variable Path Subversion Local Privilege Escalation
|
|
51240
Description:
Unknown / Incomplete
|
2007-11-22
|
Ucms search.cache.inc.php Multiple Backdoor Paswords
|
|
52731
Description:
Unknown / Incomplete
|
2007-11-22
|
VigileCMS index.php rem_user / rem_pass Cookie Traversal Authentication Bypass
|
|
52732
Description:
Unknown / Incomplete
|
2007-11-22
|
VigileCMS vedipm.php Arbitrary File Write
|
|
38801
Description:
(Description Provided by CVE) : SQL injection vulnerability in news.php in Content Injector 1.52 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php. NOTE: some of these details are obtained from third party information.
|
2007-11-22
|
Content Injector news.php cat Parameter SQL Injection
|
