| OSVDB ID | Disclosure Date | Title |
|
53247
Description:
Unknown / Incomplete
|
2008-12-31
|
Dillo Web Browser SSL Certificate Verification Failure
|
|
53306
Description:
(Description Provided by CVE) : An ActiveX control in prtstb06.dll in Microsoft Money 2006, when used with WScript in Windows Script Host (WSH) on Windows Vista, allows remote attackers to cause a denial of service (access violation and application crash) via a zero value for the Startup property.
|
2008-12-31
|
Microsoft Money prtstb06.dll ActiveX Startup Property Remote DoS
|
|
53307
Description:
(Description Provided by CVE) : Memory leak in Libxul, as used in Mozilla Firefox 3.0.5 and other products, allows remote attackers to cause a denial of service (memory consumption and browser hang) via a long CLASS attribute in an HR element in an HTML document.
|
2008-12-31
|
Libxul CLASS Attribute Handling Memory Exhaustion DoS
|
|
53308
Description:
(Description Provided by CVE) : Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2 on Windows Vista SP1, allows remote attackers to cause a denial of service (memory consumption and browser crash) via a long ALINK attribute in a BODY element in an HTML document.
|
2008-12-31
|
Apple Safari on Windows WebKit.dll ALINK Attribute Handling Memory Exhaustion DoS
|
|
51161
Description:
FlexPHPic contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the admin/index.php script not properly sanitizing user-supplied input to the checkuser and checkpass parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-30
|
FlexPHPic admin/index.php Multiple Parameter SQL Injection
|
|
51160
Description:
Vacation Script contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the properties_view.php script not properly sanitizing user-supplied input to the editid1 parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-30
|
Vacation Script properties_view.php editid1 Parameter SQL Injection
|
|
52033
Description:
Sections Module for PHP-Nuke contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'modules.php' script not properly sanitizing user-supplied input to the 'artid' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-30
|
Sections Module for PHP-Nuke modules.php artid Parameter SQL Injection
|
|
59019
Description:
Unknown / Incomplete
|
2008-12-30
|
Apache mod_python Cookie Salting Weakness
|
|
51147
Description:
Unknown / Incomplete
|
2008-12-30
|
Nokia Phones Crafted SMS Message Remote DoS (Curse of Silence)
|
|
51026
Description:
OpenEdit DAM contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'name' parameter upon submission to the 'archive/savedqueries/savequeryfinish.html'. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-12-30
|
OpenEdit DAM archive/savedqueries/savequeryfinish.html name Parameter XSS
|
|
51028
Description:
OpenEdit DAM contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate "catalogid" variables upon submission to data/views/index.html. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-12-30
|
OpenEdit data/views/index.html catalogid Parameter XSS
|
|
51027
Description:
OpenEdit DAM contains a flaw that allows a remote Cross-Site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps and/or confirmation for sensitive transactions. By using a crafted URL (e.g. a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2008-12-30
|
OpenEdit DAM Unspecified CSRF
|
|
51081
Description:
Pixel8 Web Photo Album contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'Photo.asp' script not properly sanitizing user-supplied input to the 'AlbumID' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-30
|
Pixel8 Web Photo Album Photo.asp AlbumID Parameter SQL Injection
|
|
51069
Description:
(Description Provided by CVE) : Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file.
|
2008-12-30
|
Audio File Library libaudiofile/modules/msadpcm.c ms_adpcm_decode_block() Function Crafted WAV File Handling Overflow
|
|
51118
Description:
CMScout contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-30
|
CMScout index.php id Parameter SQL Injection
|
|
51106
Description:
(Description Provided by CVE) : Eval injection vulnerability in Megacubo 5.0.7 allows remote attackers to inject and execute arbitrary PHP code via the play action in a mega:// URI.
|
2008-12-30
|
Megacubo mega:// URI Handling Arbitrary PHP Code Injection
|
|
51119
Description:
CMScout contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'admin.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'bit' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2008-12-30
|
CMScout admin.php bit Parameter Traversal Local File Inclusion
|
|
51120
Description:
CMScout contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'index.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'bit' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2008-12-30
|
CMScout index.php bit Parameter Traversal Local File Inclusion
|
|
53294
Description:
Unknown / Incomplete
|
2008-12-29
|
Cisco Multiple Switches DTP Protocol Unspecified Remote Overflow
|
|
51015
Description:
webClassifieds contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script, when the page parameter is set to "sign_in", not properly sanitizing user-supplied input to the password variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-29
|
webClassifieds index.php Multiple Parameter SQL Injection
|
|
51013
Description:
eDNews contains a flaw that allows a remote attacker to view local files outside of the web path. The issue is due to the 'eDNews_archive.php' not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'lg' parameter.
|
2008-12-29
|
eDNews eDNews_archive.php lg Parameter Traversal Local File Inclusion
|
|
51014
Description:
eDNews contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the eDNews_view.php script not properly sanitizing user-supplied input to the newsid parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-29
|
eDNews eDNews_view.php newsid SQL Injection
|
|
51054
Description:
Sepcity Shopping Mall contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the shpdetails.php script not properly sanitizing user-supplied input to the ID Parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-29
|
Sepcity Shopping Mall shpdetails.asp ID Parameter SQL Injection
|
|
51012
Description:
eDContainer contains a flaw that allows a remote attacker to view local files outside of the web path. The issue is due to the index.php not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the lg parameter.
|
2008-12-29
|
eDContainer index.php lg Parameter Traversal Local File Inclusion
|
|
51055
Description:
Sepcity Classified Ads contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the classdis.asp script not properly sanitizing user-supplied input to the ID Parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-29
|
Sepcity Classified Ads classdis.asp ID Parameter SQL Injection
|
|
53281
Description:
(Description Provided by CVE) : ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via a URL in the POST_DATA parameter to manuals_search.php, which reveals the installation path in an error message.
|
2008-12-29
|
ViArt Shop manuals_search.php POST_DATA Parameter Path Disclosure
|
|
53282
Description:
(Description Provided by CVE) : ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via an unauthenticated add and save action for a shopping cart in cart_save.php, which reveals the SQL table names in an error message, related to code that mishandles the lack of a user_id parameter.
|
2008-12-29
|
ViArt Shop cart_save.php Database Tables Disclosure
|
|
53283
Description:
ViArt Shop contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'cart_name' parameter upon submission to the 'cart_save.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2008-12-29
|
ViArt Shop cart_save.php cart_name Parameter XSS
|
|
53284
Description:
ViArt Shop contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'manuals_search' parameter upon submission to the 'manuals_search.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2008-12-29
|
ViArt Shop manuals_search.php manuals_search Parameter XSS
|
|
53285
Description:
(Description Provided by CVE) : cart_save.php in ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to cause a denial of service (excessive shopping carts) via a flood of requests.
|
2008-12-29
|
ViArt Shop cart_save.php Saturation DoS
|
|
51011
Description:
Ultimate PHP Board contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the User-Agent Header. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-12-29
|
Ultimate PHP Board (UPB) User-Agent Header XSS
|
|
51056
Description:
Sepcity Faculty Portal contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the deptdisplay.asp script not properly sanitizing user-supplied input to the ID Parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-29
|
Sepcity Faculty Portal deptdisplay.asp ID Parameter SQL Injection
|
|
55708
Description:
NetCat contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'modules/poll/index.php' script not properly sanitizing user-supplied input to the 'PollID' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-29
|
NetCat modules/poll/index.php PollID Parameter SQL Injection
|
|
51029
Description:
(Description Provided by CVE) : Cross-site request forgery (CSRF) vulnerability in cart_save.php in ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to hijack the authentication of arbitrary users for requests that conduct persistent cross-site scripting (XSS) attacks via the cart_name parameter in a save action.
|
2008-12-29
|
ViArt Shop cart_save.php cart_name Parameter CSRF
|
|
51302
Description:
FlexPHPDirectory contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the admin/usercheck.php script not properly sanitizing user-supplied input to the 'checkuser' and 'checkpass' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2008-12-29
|
FlexPHPDirectory admin/usercheck.php Multiple Parameter SQL Injection
|
|
51034
Description:
FlexPHPSite contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the admin/index.php script not properly sanitizing user-supplied input to the 'checkuser' and 'checkpass' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2008-12-29
|
FlexPHPSite admin/index.php Multiple Parameter SQL Injection
|
|
51143
Description:
(Description Provided by CVE) : Unrestricted file upload vulnerability in admin/galeria.php in ThePortal2 2.2 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in galeria/.
|
2008-12-29
|
ThePortal2 galeria.php Unrestricted File Upload Arbitrary PHP Code Execution
|
|
51053
Description:
PHP-Fusion contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate unspecified parameters upon submission to the messages.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-12-29
|
PHP-Fusion messages.php Unspecified Parameter XSS
|
|
51139
Description:
phpAlumni contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'Acomment.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-29
|
phpAlumni Acomment.php id Parameter SQL Injection
|
|
51261
Description:
(Description Provided by CVE) : Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows user-assisted attackers to execute arbitrary code via a long ProxyLogin value in a configuration (.cfg) file.
|
2008-12-29
|
IntelliTamper CFG File ProxyLogin Value Handling Overflow
|