[CLOSE] OSVDB ID : 34924 - Disclosed: 2007-04-10

Description:

(Description Provided by CVE) : DropAFew before 0.2.1 does not require authorization for certain privileged actions, which allows remote attackers to (1) view the logged calorie information of arbitrary users via the id parameter in editlogcal.php, (2) add arbitrary links via links.php, or (3) create arbitrary users via newaccount2.php.

[CLOSE] OSVDB ID : 34925 - Disclosed: 2007-04-10

Description:

(Description Provided by CVE) : DropAFew before 0.2.1 does not require authorization for certain privileged actions, which allows remote attackers to (1) view the logged calorie information of arbitrary users via the id parameter in editlogcal.php, (2) add arbitrary links via links.php, or (3) create arbitrary users via newaccount2.php.

[CLOSE] OSVDB ID : 34926 - Disclosed: 2007-04-10

Description:

(Description Provided by CVE) : DropAFew before 0.2.1 does not require authorization for certain privileged actions, which allows remote attackers to (1) view the logged calorie information of arbitrary users via the id parameter in editlogcal.php, (2) add arbitrary links via links.php, or (3) create arbitrary users via newaccount2.php.

[CLOSE] OSVDB ID : 34896 - Disclosed: 2007-04-10

Description:

Bridge Update contains an unspecified flaw that may allow a malicious user to gain access to unauthorized privileges. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 34889 - Disclosed: 2007-04-10

Description:

(Description Provided by CVE) : Double free vulnerability in bftpd before 1.8 allows remote authenticated users to cause a denial of service (daemon crash) via a (1) get or (2) mget command.

[CLOSE] OSVDB ID : 34807 - Disclosed: 2007-04-10

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in index.php in Weatimages 1.7.1 and earlier, when weatimages.ini is missing, allows remote attackers to execute arbitrary PHP code via a URL in the ini[langpack] parameter.

[CLOSE] OSVDB ID : 34671 - Disclosed: 2007-04-10

Description:

PHP contains a flaw that may allow a context-dependent attacker to execute arbitrary code. The issue is due to the GD library (libgd) not properly sanitizing user-supplied input to the createwbmp or readwbmp functions in wbmp.c. Using a specially crafted Wireless Bitmap (WBMP) image with a large width or height value, an attacker could trigger an integer overflow and execute arbitrary code.

[CLOSE] OSVDB ID : 34808 - Disclosed: 2007-04-10

Description:

(Description Provided by CVE) : InoutMailingListManager 3.1 and earlier allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by setting an arbitrary admin cookie.

[CLOSE] OSVDB ID : 34809 - Disclosed: 2007-04-10

Description:

(Description Provided by CVE) : InoutMailingListManager 3.1 and earlier sends a Location redirect header but does not exit after an authorization check fails, which allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by ignoring the redirect.

[CLOSE] OSVDB ID : 34810 - Disclosed: 2007-04-10

Description:

(Description Provided by CVE) : Multiple SQL injection vulnerabilities in InoutMailingListManager 3.1 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to changename.php and other unspecified vectors.

[CLOSE] OSVDB ID : 34775 - Disclosed: 2007-04-10

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in index.php in SimpCMS Light 04.10.2007 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the site parameter.

[CLOSE] OSVDB ID : 34930 - Disclosed: 2007-04-10

Description:

(Description Provided by CVE) : Adobe ColdFusion MX 7 for Linux and Solaris uses insecure permissions for certain scripts and directories, which allows local users to execute arbitrary code or obtain sensitive information via the (1) CFMX7DreamWeaverExtensions.mxp, (2) CFReportBuilderInstaller.exe, (3) .com.zerog.registry.xml, (4) uninstall.lax, (5) license.txt, (6) Readme.htm, (7) .com.zerog.registry.xml, (8) k2adminstop, or (9) k2adminstart files; or (10) certain files in lib/wsconfig/.

[CLOSE] OSVDB ID : 34840 - Disclosed: 2007-04-10

Description:

(Description Provided by CVE) : Multiple directory traversal vulnerabilities in MimarSinan CompreXX 4.1 allow remote attackers to create files in arbitrary directories via a .. (dot dot) in a (1) .rar, (2) .jar or (3) .zip archive.

[CLOSE] OSVDB ID : 58746 - Disclosed: 2007-04-10

Description:

Apache Axis2 contains an unspecified flaw in JAX-WS Java2 related to WSDL4J. No further details are currently available.

[CLOSE] OSVDB ID : 34832 - Disclosed: 2007-04-10

Description:

(Description Provided by CVE) : Direct static code injection vulnerability in HIOX Guest Book (HGB) 4.0 allows remote attackers to inject arbitrary PHP code via the Email field, which results in code execution through a direct request to gb.php.

[CLOSE] OSVDB ID : 43427 - Disclosed: 2007-04-10

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 57125 - Disclosed: 2007-04-10

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 36709 - Disclosed: 2007-04-10

Description:

Absolute Poll Manager XE contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'msg' variable upon submission to the AbsolutePollManager/xlaapmview.asp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 37425 - Disclosed: 2007-04-10

Description:

MyNews contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'include/blocks/week_events.php' script not properly sanitizing user input supplied to the 'myNewsConf[path][sys][index]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 37637 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file.

[CLOSE] OSVDB ID : 37754 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug."

[CLOSE] OSVDB ID : 37634 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in Microsoft Word 2007 allow remote attackers to cause a denial of service (CPU consumption) via crafted documents, as demonstrated by (1) file798-1.doc and (2) file613-1.doc, possibly related to a buffer overflow.

[CLOSE] OSVDB ID : 37633 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : Buffer overflow in wwlib.dll in Microsoft Word 2007 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted document, as demonstrated by file789-1.doc.

[CLOSE] OSVDB ID : 34322 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : Multiple stack-based buffer overflows in the SignKorea SKCrypAX ActiveX control module 5.4.1.2 allow remote attackers to execute arbitrary code via a long string in unspecified arguments to the (1) DownloadCert, (2) DecryptFileByKey, and (3) EncryptFileByKey functions, a different module and vectors than CVE-2007-1722. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

[CLOSE] OSVDB ID : 34776 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : Directory traversal vulnerability in richedit/keyboard.php in eCardMAX HotEditor (Hot Editor) 4.0, and the HotEditor plugin for MyBB, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the first parameter.

[CLOSE] OSVDB ID : 34835 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : Multiple directory traversal vulnerabilities in ArchiveXpert 2.02 build 80 allow remote attackers to create files in arbitrary directories via a .. (dot dot) in a (1) .gz, (2) .jar, (3) .rar, (4) .tar.gz, (5) .zip, or (6) .tar file.

[CLOSE] OSVDB ID : 34747 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : SQL injection vulnerability in login.php in Ryan Haudenschilt Battle.net Clan Script for PHP 1.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) pass parameter.

[CLOSE] OSVDB ID : 79039 - Disclosed: 2007-04-09

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 34839 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : Directory traversal vulnerability in AOL Instant Messenger (AIM) 5.9 and earlier, and ICQ 5.1 and probably earlier, allows user-assisted remote attackers to write files to arbitrary locations via a .. (dot dot) in a filename in a file transfer operation.

[CLOSE] OSVDB ID : 34119 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in signup.asp in CmailServer WebMail 5.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the POP3Mail parameter.

[CLOSE] OSVDB ID : 34321 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : Multiple buffer overflows in the Internet Pictures Corporation iPIX Image Well ActiveX control (iPIX-ImageWell-ipix.dll) allow remote attackers to execute arbitrary code via unspecified vectors.

[CLOSE] OSVDB ID : 34722 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in index.php in Request It 1.0b allows remote attackers to execute arbitrary PHP code via a URL in the id parameter.

[CLOSE] OSVDB ID : 34720 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : PHP file inclusion vulnerability in php121db.php in PHP121 Instant Messenger 2.2 allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the php121dir parameter, which is accessed by the file_exists function.

[CLOSE] OSVDB ID : 34965 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : Certain programs in containers in ScramDisk 4 Linux before 1.0-1 execute with SUID permissions, which allows local users to gain privileges via mounted containers.

[CLOSE] OSVDB ID : 34966 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : ScramDisk 4 Linux before 1.0-1 does not perform permission checks on mount points, which allows local users to gain privileges by using a system directory as a mount point for a container.

[CLOSE] OSVDB ID : 34838 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : Directory traversal vulnerability in AOL Instant Messenger (AIM) 5.9 and earlier, and ICQ 5.1 and probably earlier, allows user-assisted remote attackers to write files to arbitrary locations via a .. (dot dot) in a filename in a file transfer operation.

[CLOSE] OSVDB ID : 34811 - Disclosed: 2007-04-09

Description:

phpGalleryScript contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'init.gallery.php' script not properly sanitizing user input supplied to the 'include_class' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 34759 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : Ichitaro 2005 through 2007, and possibly related products, allows remote attackers to have an unknown impact via unspecified vectors in a document distributed through e-mail or a web site, possibly due to a buffer overflow or cross-site scripting (XSS).

[CLOSE] OSVDB ID : 34844 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Firmware Update 7.1, and by Apple Mac OS X 10.3.9 through 10.4.9, does not properly enforce password protection of a USB hard drive, which allows context-dependent attackers to list arbitrary directories or execute arbitrary code, resulting from memory corruption.

[CLOSE] OSVDB ID : 37394 - Disclosed: 2007-04-09

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in warn.php in Pathos Content Management System (CMS) 0.92-2 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.