[CLOSE] OSVDB ID : 44055 - Disclosed: 2008-01-31

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 27531 - Disclosed: 2008-01-31

Description:

Novell GroupWise WebAccess contains a flaw that may allow a remote cross-site scripting attack. The 'webacc' program fails to validate the 'User.html', 'Error', 'User.Theme.index' and 'User.lang' variables before being returned to the user. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server.

[CLOSE] OSVDB ID : 40833 - Disclosed: 2008-01-31

Description:

(Description Provided by CVE) : Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property.

[CLOSE] OSVDB ID : 40887 - Disclosed: 2008-01-31

Description:

(Description Provided by CVE) : Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the permalink parameter in core.php, accessed through index.php; and (2) the thispost parameter in comments.php.

[CLOSE] OSVDB ID : 40888 - Disclosed: 2008-01-31

Description:

(Description Provided by CVE) : Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the permalink parameter in core.php, accessed through index.php; and (2) the thispost parameter in comments.php.

[CLOSE] OSVDB ID : 40889 - Disclosed: 2008-01-31

Description:

(Description Provided by CVE) : Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property.

[CLOSE] OSVDB ID : 41128 - Disclosed: 2008-01-31

Description:

Mindmeld contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'acweb/admin_index.php' script not properly sanitizing user input supplied to the 'MM_GLOBALS[home]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 41129 - Disclosed: 2008-01-31

Description:

Mindmeld contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'include/ask.inc.php' script not properly sanitizing user input supplied to the 'MM_GLOBALS[home]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 41130 - Disclosed: 2008-01-31

Description:

Mindmeld contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'include/learn.inc.php' script not properly sanitizing user input supplied to the 'MM_GLOBALS[home]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 41131 - Disclosed: 2008-01-31

Description:

Mindmeld contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'include/manage.inc.php' script not properly sanitizing user input supplied to the 'MM_GLOBALS[home]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 41132 - Disclosed: 2008-01-31

Description:

Mindmeld contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'include/mind.inc.php' script not properly sanitizing user input supplied to the 'MM_GLOBALS[home]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 41133 - Disclosed: 2008-01-31

Description:

Mindmeld contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'include/sensory.inc.php' script not properly sanitizing user input supplied to the 'MM_GLOBALS[home]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 41213 - Disclosed: 2008-01-31

Description:

(Description Provided by CVE) : SQL injection vulnerability in index.php in the Restaurant (com_restaurant) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

[CLOSE] OSVDB ID : 41214 - Disclosed: 2008-01-31

Description:

(Description Provided by CVE) : SQL injection vulnerability in index.php in the Arthur Konze AkoGallery (com_akogallery) 2.5 beta component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

[CLOSE] OSVDB ID : 41216 - Disclosed: 2008-01-31

Description:

cforms Plugin for Wordpress contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'cforms-css.php' script not properly sanitizing user input supplied to the 'tm' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 41219 - Disclosed: 2008-01-31

Description:

(Description Provided by CVE) : SQL injection vulnerability in index.php in the CatalogShop (com_catalogshop) 1.0b1 componenent for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

[CLOSE] OSVDB ID : 41522 - Disclosed: 2008-01-31

Description:

(Description Provided by CVE) : Multiple directory traversal vulnerabilities in sflog! 0.96 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) permalink or (2) section parameter to index.php, possibly involving includes/entries.inc.php and other files included by index.php.

[CLOSE] OSVDB ID : 49167 - Disclosed: 2008-01-31

Description:

(Description Provided by CVE) : Insecure method vulnerability in the Chilkat FTP 2.0 ActiveX component (ChilkatCert.dll) allows remote attackers to overwrite arbitrary files via a full pathname in the SavePkcs8File method.

[CLOSE] OSVDB ID : 57915 - Disclosed: 2008-01-31

Description:

(Description Provided by CVE) : Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to update.php, which allows remote attackers to obtain sensitive information such as the database table prefix via a direct request. NOTE: this might be leveraged for attacks against CVE-2008-0504.

[CLOSE] OSVDB ID : 57916 - Disclosed: 2008-01-31

Description:

(Description Provided by CVE) : Coppermine Photo Gallery (CPG) 1.4.14 allows remote attackers to obtain sensitive information via a direct request to include/slideshow.inc.php, which leaks the installation path in an error message.

[CLOSE] OSVDB ID : 41761 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : Unspecified vulnerability in the product view functionality in VirtueMart 1.0.13a and earlier allows remote attackers to read arbitrary files via vectors related to a template file.

[CLOSE] OSVDB ID : 41762 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : Cross-site request forgery (CSRF) vulnerability in VirtueMart 1.0.13a and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

[CLOSE] OSVDB ID : 40854 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : Multiple SQL injection vulnerabilities in main.php in the WassUp plugin 1.4 through 1.4.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) from_date or (2) to_date parameter to spy.php.

[CLOSE] OSVDB ID : 43849 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely on Referer headers, such as with some Cross-Site Request Forgery (CSRF) mechanisms.

[CLOSE] OSVDB ID : 41068 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : The Comment Upload 4.7.x before 4.7.x-0.1 and 5.x before 5.x-0.1 module for Drupal does not properly use functions in the upload module, which allows remote attackers to bypass upload validation, and upload arbitrary files and possibly execute arbitrary code, via unspecified vectors.

[CLOSE] OSVDB ID : 42199 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL, which causes the buffer to be reused by the unescape code.

[CLOSE] OSVDB ID : 42200 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r25824 allows remote user-assisted attackers to execute arbitrary code via a CDDB database entry containing a long album title.

[CLOSE] OSVDB ID : 41069 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : Unspecified vulnerability in the IP-authentication feature in the Secure Site 5.x-1.0 and 4.7.x-1.0 module for Drupal allows remote attackers to gain the privileges of a user who has authenticated from behind the same proxy server as the attacker.

[CLOSE] OSVDB ID : 42834 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file.

[CLOSE] OSVDB ID : 42150 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in the Project Issue Tracking module 5.x-2.x-dev before 20080130 in the 5.x-2.x series, 5.x-1.2 and earlier in the 5.x-1.x series, 4.7.x-2.6 and earlier in the 4.7.x-2.x series, and 4.7.x-1.6 and earlier in the 4.7.x-1.x series for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors that write to summary table pages.

[CLOSE] OSVDB ID : 42151 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : The Project Issue Tracking module 5.x-2.x-dev before 20080130 in the 5.x-2.x series, 5.x-1.2 and earlier in the 5.x-1.x series, 4.7.x-2.6 and earlier in the 4.7.x-2.x series, and 4.7.x-1.6 and earlier in the 4.7.x-1.x series for Drupal (1) does not restrict the extensions of attached files when the Upload module is enabled for issue nodes, which allows remote attackers to upload and possibly execute arbitrary files; and (2) accepts the .html extension within the bundled file-upload functionality, which allows remote attackers to upload files containing arbitrary web script or HTML.

[CLOSE] OSVDB ID : 42832 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file.

[CLOSE] OSVDB ID : 42833 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file.

[CLOSE] OSVDB ID : 41685 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : Unspecified vulnerability in Electronic Logbook (ELOG) before 2.7.2 has unknown impact and attack vectors when the "logbook contains HTML code," probably cross-site scripting (XSS).

[CLOSE] OSVDB ID : 41677 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in docs/showdoc.php in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters.

[CLOSE] OSVDB ID : 41676 - Disclosed: 2008-01-30

Description:

Coppermine Photo Gallery contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is triggered when include/imageObjectIM.class.php fails to validate data passed to the 'quality,' 'angle' and 'clipval' parameters.

[CLOSE] OSVDB ID : 41679 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : Multiple SQL injection vulnerabilities in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote authen ticated administrators to execute arbitrary SQL commands via the (1) albumid, (2) startpic, and (3) numpics parameters to util.php; and (4) cid_array parameter to reviewcom.php.

[CLOSE] OSVDB ID : 40775 - Disclosed: 2008-01-30

Description:

SoftCart contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'License_Plate', 'License_State', 'Ticket_Date', and 'Ticket_Number' variables upon submission to the 'SoftCart.exe' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 40779 - Disclosed: 2008-01-30

Description:

(Description Provided by CVE) : SQL injection vulnerability in adclick.php in the AdServe 0.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.

[CLOSE] OSVDB ID : 40781 - Disclosed: 2008-01-30

Description:

SQLiteManager contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'spaw/dialogs/confirm.php' script not properly sanitizing user input supplied to the 'spaw_root' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.