| OSVDB ID | Disclosure Date | Title | Description |
|---|---|---|---|
| 27531 | 2008-01-31 | Novell GroupWise WebAccess webacc Multiple Variable XSS | Novell GroupWise WebAccess contains a flaw that may allow a remote cross-site scripting attack. The 'webacc' program fails to validate the 'User.html', 'Error', 'User.Theme.index' and 'User.lang' variables before they are returned to the user. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server. |
| 40833 | 2008-01-31 | MySpace Uploader Control MySpace.Uploader ActiveX (MySpaceUploader.ocx) Action Property Arbitrary Code Execution | (Description provided by CVE): Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property. |
| 40887 | 2008-01-31 | Nilsons Blogger index.php permalink Variable Local File Inclusion | (Description provided by CVE): Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the permalink parameter in core.php, accessed through index.php; and (2) the thispost parameter in comments.php. |
| 40888 | 2008-01-31 | Nilsons Blogger comments.php thispost Variable Local File Inclusion | (Description provided by CVE): Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the permalink parameter in core.php, accessed through index.php; and (2) the thispost parameter in comments.php. |
| 40889 | 2008-01-31 | Aurigma Image Uploader Aurigma.ImageUploader ActiveX (ImageUploader4.ocx) Action Property Overflow Arbitrary Code Execution | Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property. |
| 41128 | 2008-01-31 | Mindmeld acweb/admin_index.ph MM_GLOBALS[home] Variable Remote File Inclusion | (Description provided by CVE): Multiple PHP remote file inclusion vulnerabilities in Mindmeld 1.2.0.10 allow remote attackers to execute arbitrary PHP code via a URL in the MM_GLOBALS[home] parameter to (1) acweb/admin_index.php; and (2) ask.inc.php, (3) learn.inc.php, (4) manage.inc.php, (5) mind.inc.php, and (6) sensory.inc.php in include/. |
| 41129 | 2008-01-31 | Mindmeld include/ask.inc.php MM_GLOBALS[home] Variable Remote File Inclusion | (Description provided by CVE): Multiple PHP remote file inclusion vulnerabilities in Mindmeld 1.2.0.10 allow remote attackers to execute arbitrary PHP code via a URL in the MM_GLOBALS[home] parameter to (1) acweb/admin_index.php; and (2) ask.inc.php, (3) learn.inc.php, (4) manage.inc.php, (5) mind.inc.php, and (6) sensory.inc.php in include/. |
| 41130 | 2008-01-31 | Mindmeld include/learn.inc.php MM_GLOBALS[home] Variable Remote File Inclusion | (Description provided by CVE): Multiple PHP remote file inclusion vulnerabilities in Mindmeld 1.2.0.10 allow remote attackers to execute arbitrary PHP code via a URL in the MM_GLOBALS[home] parameter to (1) acweb/admin_index.php; and (2) ask.inc.php, (3) learn.inc.php, (4) manage.inc.php, (5) mind.inc.php, and (6) sensory.inc.php in include/. |
| 41131 | 2008-01-31 | Mindmeld include/manage.inc.php MM_GLOBALS[home] Variable Remote File Inclusion | (Description provided by CVE): Multiple PHP remote file inclusion vulnerabilities in Mindmeld 1.2.0.10 allow remote attackers to execute arbitrary PHP code via a URL in the MM_GLOBALS[home] parameter to (1) acweb/admin_index.php; and (2) ask.inc.php, (3) learn.inc.php, (4) manage.inc.php, (5) mind.inc.php, and (6) sensory.inc.php in include/. |
| 41132 | 2008-01-31 | Mindmeld include/mind.inc.php MM_GLOBALS[home] Variable Remote File Inclusion | (Description provided by CVE): Multiple PHP remote file inclusion vulnerabilities in Mindmeld 1.2.0.10 allow remote attackers to execute arbitrary PHP code via a URL in the MM_GLOBALS[home] parameter to (1) acweb/admin_index.php; and (2) ask.inc.php, (3) learn.inc.php, (4) manage.inc.php, (5) mind.inc.php, and (6) sensory.inc.php in include/. |
| 41133 | 2008-01-31 | Mindmeld include/sensory.inc.php MM_GLOBALS[home] Variable Remote File Inclusion | (Description provided by CVE): Multiple PHP remote file inclusion vulnerabilities in Mindmeld 1.2.0.10 allow remote attackers to execute arbitrary PHP code via a URL in the MM_GLOBALS[home] parameter to (1) acweb/admin_index.php; and (2) ask.inc.php, (3) learn.inc.php, (4) manage.inc.php, (5) mind.inc.php, and (6) sensory.inc.php in include/. |
| 41213 | 2008-01-31 | Restaurant Component for Mambo / Joomla! index.php id Variable SQL Injection | (Description provided by CVE): SQL injection vulnerability in index.php in the Restaurant (com_restaurant) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. |
| 41214 | 2008-01-31 | AkoGallery Component for Mambo / Joomla! index.php id Variable SQL Injection | (Description provided by CVE): SQL injection vulnerability in index.php in the Arthur Konze AkoGallery (com_akogallery) 2.5 beta component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. |
| 41216 | 2008-01-31 | cforms Plugin for Wordpress cforms-css.php tm Variable Remote File Inclusion | (Description provided by CVE): ** DISPUTED ** PHP remote file inclusion vulnerability in cforms-css.php in Oliver Seidel cforms (contactforms), a Wordpress plugin, allows remote attackers to execute arbitrary PHP code via a URL in the tm parameter. NOTE: CVE disputes this issue for 7.3, since there is no tm parameter, and the code exits with a fatal error due to a call to an undefined function. |
| 41219 | 2008-01-31 | CatalogShop Component for Mambo and Joomla! index.php id Variable SQL Injection | (Description provided by CVE): SQL injection vulnerability in index.php in the CatalogShop (com_catalogshop) 1.0b1 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. |
| 41522 | 2008-01-31 | sflog! index.php Multiple Variable Traversal Arbitrary File Access | (Description provided by CVE): Multiple directory traversal vulnerabilities in sflog! 0.96 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) permalink or (2) section parameter to index.php, possibly involving includes/entries.inc.php and other files included by index.php. |
| 41761 | 2008-01-30 | VirtueMart Product View Unspecified Arbitrary File Access | Unknown / Incomplete |
| 41762 | 2008-01-30 | VirtueMart Unspecified CSRF | Unknown / Incomplete |
| 40854 | 2008-01-30 | WassUp Plugin for WordPress spy.php Multiple Variable SQL Injection | (Description provided by CVE): Multiple SQL injection vulnerabilities in main.php in the WassUp plugin 1.4 through 1.4.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) from_date or (2) to_date parameter to spy.php. |
| 43849 | 2008-01-30 | Mozilla Multiple Browsers Basic Authentication Referrer Header Spoofing | (Description provided by CVE): Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely on Referer headers, such as with some Cross-Site Request Forgery (CSRF) mechanisms. |
| 41068 | 2008-01-30 | Comment Upload Module for Drupal Arbitrary File Upload | (Description provided by CVE): The Comment Upload 4.7.x before 4.7.x-0.1 and 5.x before 5.x-0.1 module for Drupal does not properly use functions in the upload module, which allows remote attackers to bypass upload validation, and upload arbitrary files and possibly execute arbitrary code, via unspecified vectors. |
| 42199 | 2008-01-30 | MPlayer url.c IPv6 Parsing Code Crafted URL Overflow | (Description provided by CVE): Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL, which causes the buffer to be reused by the unescape code. |
| 42200 | 2008-01-30 | MPlayer stream_cddb.c CDDB Database Album Title Handling Overflow | (Description provided by CVE): Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r25824 allows remote user-assisted attackers to execute arbitrary code via a CDDB database entry containing a long album title. |
| 41069 | 2008-01-30 | Secure Site Module for Drupal Authentication Bypass | (Description provided by CVE): Unspecified vulnerability in the IP-authentication feature in the Secure Site 5.x-1.0 and 4.7.x-1.0 module for Drupal allows remote attackers to gain the privileges of a user who has authenticated from behind the same proxy server as the attacker. |
| 42834 | 2008-01-30 | GFL SDK libgfl280.dll Radiance RGBE (.hdr) Handling Overflow | (Description provided by CVE): Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file. |
| 42150 | 2008-01-30 | Drupal Project Issue Tracking Module Comment Summary XSS | (Description provided by CVE): Cross-site scripting (XSS) vulnerability in the Project Issue Tracking module 5.x-2.x-dev before 20080130 in the 5.x-2.x series, 5.x-1.2 and earlier in the 5.x-1.x series, 4.7.x-2.6 and earlier in the 4.7.x-2.x series, and 4.7.x-1.6 and earlier in the 4.7.x-1.x series for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors that write to summary table pages. |
| 42151 | 2008-01-30 | Drupal Project Issue Tracking Module Arbitrary File Upload | (Description provided by CVE): The Project Issue Tracking module 5.x-2.x-dev before 20080130 in the 5.x-2.x series, 5.x-1.2 and earlier in the 5.x-1.x series, 4.7.x-2.6 and earlier in the 4.7.x-2.x series, and 4.7.x-1.6 and earlier in the 4.7.x-1.x series for Drupal (1) does not restrict the extensions of attached files when the Upload module is enabled for issue nodes, which allows remote attackers to upload and possibly execute arbitrary files; and (2) accepts the .html extension within the bundled file-upload functionality, which allows remote attackers to upload files containing arbitrary web script or HTML. |
| 42832 | 2008-01-30 | XnView Radiance RGBE (.hdr) Handling Overflow | (Description provided by CVE): Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file. |
| 42833 | 2008-01-30 | NConvert Radiance RGBE (.hdr) Handling Overflow | (Description provided by CVE): Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file. |
| 41685 | 2008-01-30 | ELOG Logbook Unspecified XSS | Unknown / Incomplete |
| 40775 | 2008-01-30 | SoftCart SoftCart.exe Multiple Variable XSS | SoftCart contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'License_Plate', 'License_State', 'Ticket_Date', and 'Ticket_Number' variables upon submission to the 'SoftCart.exe' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
| 40779 | 2008-01-30 | AdServe Plugin for WordPress adclick.php id Variable SQL Injection | (Description provided by CVE): SQL injection vulnerability in adclick.php in the AdServe 0.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| 40781 | 2008-01-30 | SQLiteManager spaw/dialogs/confirm.php spaw_root Variable Remote File Inclusion | (Description provided by CVE): PHP remote file inclusion vulnerability in spaw/dialogs/confirm.php in SQLiteManager 1.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| 40784 | 2008-01-30 | Connectix Boards part_userprofile.php template_path Variable Remote File Inclusion | (Description provided by CVE): PHP remote file inclusion vulnerability in templates/Official/part_userprofile.php in Connectix Boards 0.8.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the template_path parameter. |
| 41067 | 2008-01-30 | OpenID Module for Drupal claimed_id Authority Spoofing | (Description provided by CVE): The OpenID 5.x-1.0 and earlier module for Drupal does not properly verify the claimed_id returned by an OpenID provider, which allows remote OpenID providers to spoof OpenID authentication for domains associated with other providers. |
| 40824 | 2008-01-30 | webSPELL index.php sort Variable XSS | (Description provided by CVE): Cross-site scripting (XSS) vulnerability in index.php in webSPELL 4.01.02 allows remote attackers to inject arbitrary web script or HTML via the sort parameter in a whoisonline action. |
| 40841 | 2008-01-30 | Userpoints Module for Drupal Point Moderation Form CSRF | (Description provided by CVE): The point moderation form in the Userpoints 4.7.x before 4.7.x-2.3, 5.x-2 before 5.x-2.16, and 5.x-3 before 5.x-3.3 module for Drupal does not follow Drupal's Forms API submission model, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and manipulate points. |
| 40825 | 2008-01-30 | webSPELL admin/admincenter.php CSRF | (Description provided by CVE): Cross-site request forgery (CSRF) vulnerability in admin/admincenter.php in webSPELL 4.01.02 allows remote attackers to assign the superadmin privilege level to arbitrary accounts as administrators via an "update member" action. |
| 40840 | 2008-01-30 | PHP Links vote.php id Variable SQL Injection | Unknown / Incomplete |
| 40931 | 2008-01-30 | Sun Java Runtime Environment External XML Entities Restriction Bypass | (Description provided by CVE): The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity (XXE) attacks and cause a denial of service or access restricted resources. |