[CLOSE] OSVDB ID : 41386 - Disclosed: 2007-09-30

Description:

(Description Provided by CVE) : Unspecified vulnerability in the XOOPS uploader class in Xoops 2.0.17.1-RC1 and earlier allows remote attackers to upload arbitrary files via unspecified vectors related to improper upload configuration settings in class/uploader.php and class/mimetypes.inc.php, possibly an incomplete blacklist that omits the .php4 extension.

[CLOSE] OSVDB ID : 45520 - Disclosed: 2007-09-30

Description:

(Description Provided by CVE) : ASP-CMS 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request for mdb-database/ASP-CMS_v100.mdb.

[CLOSE] OSVDB ID : 41383 - Disclosed: 2007-09-30

Description:

(Description Provided by CVE) : Unspecified vulnerability in Quicksilver Forums before 1.4.1 allows remote attackers to delete arbitrary PMs via unspecified vectors.

[CLOSE] OSVDB ID : 41384 - Disclosed: 2007-09-30

Description:

(Description Provided by CVE) : Quicksilver Forums before 1.4.1 allows remote attackers to obtain sensitive information by causing unspecified connection errors, which reveals the database password in the resulting error message.

[CLOSE] OSVDB ID : 43273 - Disclosed: 2007-09-30

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 43272 - Disclosed: 2007-09-30

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 44749 - Disclosed: 2007-09-30

Description:

(Description Provided by CVE) : The iwl_set_rate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwl_get_hw_mode return value without checking for NULL, which might allow remote attackers to cause a denial of service (kernel panic) via unspecified vectors during module initialization.

[CLOSE] OSVDB ID : 45844 - Disclosed: 2007-09-30

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 45845 - Disclosed: 2007-09-30

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 37419 - Disclosed: 2007-09-30

Description:

phpbb-openid Module for phpBB contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'BBStore.php' script not properly sanitizing user input supplied to the 'openid_root_path' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 37427 - Disclosed: 2007-09-30

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in messaging/course/composeMessage.jsp in BlackBoard Learning System 6.3.1.593 and earlier in BlackBoard Academic Suite allow remote attackers to inject arbitrary web script or HTML via the (1) subject_t and (2) body_text parameters. NOTE: vector 2 requires bypassing a client-side security mechanism that attempts to block XSS sequences.

[CLOSE] OSVDB ID : 38555 - Disclosed: 2007-09-30

Description:

(Description Provided by CVE) : SQL injection vulnerability in catalog.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter and possibly other parameters.

[CLOSE] OSVDB ID : 45519 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in log.php in phpFreeLog alpha 0.2.0 allows remote attackers to include and execute arbitrary files via unspecified vectors. NOTE: the original disclosure is likely erroneous.

[CLOSE] OSVDB ID : 37400 - Disclosed: 2007-09-29

Description:

Mx At A Glance Module for MxBB Portal contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'contrib/mx_glance_sdesc.php' script not properly sanitizing user input supplied to the 'mx_root_path' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 38507 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in eGov Manager allow remote attackers to inject arbitrary web script or HTML via unspecified "user-supplied input" to (1) center.exe or (2) Index.exe.

[CLOSE] OSVDB ID : 38508 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in eGov Manager allow remote attackers to inject arbitrary web script or HTML via unspecified "user-supplied input" to (1) center.exe or (2) Index.exe.

[CLOSE] OSVDB ID : 38556 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.76 allows remote attackers to execute arbitrary SQL commands via a "Firefox ID=" substring in a Referer HTTP header.

[CLOSE] OSVDB ID : 38590 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : SQL injection vulnerability in index.php in the MambAds (com_mambads) 1.5 and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the caid parameter.

[CLOSE] OSVDB ID : 42342 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to include local files and have other unspecified impact, related to incorrect input validation or other defects involving (1) admin/backupstart.php, (2) a .sql filename under admin/admin/dump/, (3) a .sql filename in the fl parameter to admin/downloadbackup.php, and (4) a .. (dot dot) in the fl parameter to admin/downloadbackup.php.

[CLOSE] OSVDB ID : 42343 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to include local files and have other unspecified impact, related to incorrect input validation or other defects involving (1) admin/backupstart.php, (2) a .sql filename under admin/admin/dump/, (3) a .sql filename in the fl parameter to admin/downloadbackup.php, and (4) a .. (dot dot) in the fl parameter to admin/downloadbackup.php.

[CLOSE] OSVDB ID : 42344 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to include local files and have other unspecified impact, related to incorrect input validation or other defects involving (1) admin/backupstart.php, (2) a .sql filename under admin/admin/dump/, (3) a .sql filename in the fl parameter to admin/downloadbackup.php, and (4) a .. (dot dot) in the fl parameter to admin/downloadbackup.php.

[CLOSE] OSVDB ID : 42308 - Disclosed: 2007-09-28

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 41409 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : admin/upload_files.php in Zomplog 3.8.1 and earlier does not check for administrative credentials, which allows remote attackers to perform administrative actions via a direct request. NOTE: this can be leveraged for code execution by exploiting CVE-2007-5231.

[CLOSE] OSVDB ID : 41410 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Unrestricted file upload vulnerability in admin/upload_files.php in Zomplog 3.8.1 and earlier allows remote authenticated administrators to upload and execute arbitrary .php files by sending a modified MIME type. NOTE: this can be exploited by unauthenticated attackers by leveraging CVE-2007-5230.

[CLOSE] OSVDB ID : 41411 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Zomplog 3.8.1 and earlier stores potentially sensitive information under the web root with insufficient access control, which allows remote attackers to download files that were uploaded by users, as demonstrated by obtaining a directory listing via a direct request to /upload and then retrieving individual files. NOTE: in a non-default configuration, the directory listing is denied, but filenames may be predicable.

[CLOSE] OSVDB ID : 39492 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to the default URI associated with a directory, as demonstrated by (a) the root directory and (b) the view/ directory; (2) parameters associated with saved settings, as demonstrated by (c) the conf_Network_HostName parameter on the Network page and (d) the conf_Layout_OwnTitle parameter to ServerManager.srv; and (3) the query string to ServerManager.srv, which is displayed on the logs page. NOTE: an attacker can leverage a CSRF vulnerability to modify saved settings.

[CLOSE] OSVDB ID : 39493 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to the default URI associated with a directory, as demonstrated by (a) the root directory and (b) the view/ directory; (2) parameters associated with saved settings, as demonstrated by (c) the conf_Network_HostName parameter on the Network page and (d) the conf_Layout_OwnTitle parameter to ServerManager.srv; and (3) the query string to ServerManager.srv, which is displayed on the logs page. NOTE: an attacker can leverage a CSRF vulnerability to modify saved settings.

[CLOSE] OSVDB ID : 39494 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to the default URI associated with a directory, as demonstrated by (a) the root directory and (b) the view/ directory; (2) parameters associated with saved settings, as demonstrated by (c) the conf_Network_HostName parameter on the Network page and (d) the conf_Layout_OwnTitle parameter to ServerManager.srv; and (3) the query string to ServerManager.srv, which is displayed on the logs page. NOTE: an attacker can leverage a CSRF vulnerability to modify saved settings.

[CLOSE] OSVDB ID : 39495 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to the default URI associated with a directory, as demonstrated by (a) the root directory and (b) the view/ directory; (2) parameters associated with saved settings, as demonstrated by (c) the conf_Network_HostName parameter on the Network page and (d) the conf_Layout_OwnTitle parameter to ServerManager.srv; and (3) the query string to ServerManager.srv, which is displayed on the logs page. NOTE: an attacker can leverage a CSRF vulnerability to modify saved settings.

[CLOSE] OSVDB ID : 41639 - Disclosed: 2007-09-28

Description:

A remote overflow exists in Nagios Plugins. Nagios Plugins fails to check for a boundary in check_http.c in the redir function caused by an overly long HTTP location header response resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 41382 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : The focus handling for the onkeydown event in Microsoft Internet Explorer 6.0 allows remote attackers to change field focus and copy keystrokes via a certain use of a JavaScript htmlFor attribute, as demonstrated by changing focus from a textarea to a file upload field, a related issue to CVE-2007-3511.

[CLOSE] OSVDB ID : 41381 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : IceGUI.DLL in ICEOWS 4.20b invokes a function with incorrect arguments, which allows user-assisted remote attackers to execute arbitrary code via a long filename in the header of an ACE archive, which triggers a stack-based buffer overflow.

[CLOSE] OSVDB ID : 40832 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Unspecified vulnerability in the embedded service processor (SP) before 3.09 in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) allows remote attackers to send arbitrary network traffic and use ELOM as a spam proxy.

[CLOSE] OSVDB ID : 41380 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Session fixation vulnerability in Aipo and Aipo ASP 3.0.1.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors.

[CLOSE] OSVDB ID : 45822 - Disclosed: 2007-09-28

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 38795 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware before 2.43 allow remote attackers to inject arbitrary web script or HTML via (1) parameters associated with saved settings, as demonstrated by the conf_SMTP_MailServer1 parameter to ServerManager.srv; or (2) the subpage parameter to wizard/first/wizard_main_first.shtml. NOTE: an attacker can leverage a CSRF vulnerability to modify saved settings.

[CLOSE] OSVDB ID : 38796 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware before 2.43 allow remote attackers to inject arbitrary web script or HTML via (1) parameters associated with saved settings, as demonstrated by the conf_SMTP_MailServer1 parameter to ServerManager.srv; or (2) the subpage parameter to wizard/first/wizard_main_first.shtml. NOTE: an attacker can leverage a CSRF vulnerability to modify saved settings.

[CLOSE] OSVDB ID : 39138 - Disclosed: 2007-09-27

Description:

(Description Provided by CVE) : Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary PHP code via a file whose name contains ".php." and has an unknown extension, which is recognized as a .php file by the Apache HTTP server, a different vulnerability than CVE-2006-0658 and CVE-2006-2529.

[CLOSE] OSVDB ID : 42303 - Disclosed: 2007-09-27

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 41365 - Disclosed: 2007-09-27

Description:

(Description Provided by CVE) : Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others.