[CLOSE] OSVDB ID : 52710 - Disclosed: 2008-11-28

Description:

(Description Provided by CVE) : mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clamav-autoupdate, (3) avast-autoupdate, and (4) f-prot-6-autoupdate scripts in /etc/MailScanner/autoupdate/; the (5) bitdefender-wrapper, (6) kaspersky-wrapper, (7) clamav-wrapper, and (8) rav-wrapper scripts in /etc/MailScanner/wrapper/; the (9) Quarantine.pm, (10) TNEF.pm, (11) MessageBatch.pm, (12) WorkArea.pm, and (13) SA.pm scripts in /usr/share/MailScanner/MailScanner/; (14) /usr/sbin/MailScanner; and (15) scripts that load the /etc/MailScanner/mailscanner.conf.with.mcp configuration file.

[CLOSE] OSVDB ID : 50381 - Disclosed: 2008-11-28

Description:

Bluo CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 88042 - Disclosed: 2008-11-28

Description:

IBM WebSphere Message Broker contains a flaw that is triggered when Access Control Lists (ACL) for V5 are not properly imported and implemented by the configuration manager when upgrading to V6. This can cause an administrator to believe that Access Control Lists (ACL) are running, when they are in-fact not.

[CLOSE] OSVDB ID : 54332 - Disclosed: 2008-11-28

Description:

Full Decent Camera Life (FDCL) contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'path' parameter upon submission to the 'folder.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 50387 - Disclosed: 2008-11-28

Description:

Ocean12 FAQ Manager Pro contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'default.asp' script not properly sanitizing user-supplied input to the 'ID' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50388 - Disclosed: 2008-11-28

Description:

Active Photo Gallery contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the account.asp script not properly sanitizing user-supplied input to the 'username' and 'password' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 50383 - Disclosed: 2008-11-28

Description:

Basic PHP CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50389 - Disclosed: 2008-11-28

Description:

Active Trade contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the account.asp script not properly sanitizing user-supplied input to the 'username' and 'password' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 50390 - Disclosed: 2008-11-28

Description:

Active Newsletter contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the SubscriberStart.asp script not properly sanitizing user-supplied input to the 'email' and 'password' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 50391 - Disclosed: 2008-11-28

Description:

Active Votes contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'VoteHistory.asp' script not properly sanitizing user-supplied input to the 'AccountID' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50401 - Disclosed: 2008-11-28

Description:

Active Price Comparison contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'reviews.aspx' script not properly sanitizing user-supplied input to the 'ProductID' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50379 - Disclosed: 2008-11-28

Description:

ASPReferral contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'Merchantsadd.asp' script not properly sanitizing user-supplied input to the 'AccountID' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50492 - Disclosed: 2008-11-28

Description:

Active Membership contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the account.asp script not properly sanitizing user-supplied input to the 'username' and 'password' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 50494 - Disclosed: 2008-11-28

Description:

(Description Provided by CVE) : Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow.

[CLOSE] OSVDB ID : 50583 - Disclosed: 2008-11-28

Description:

(Description Provided by CVE) : Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of "the input file," a different vulnerability than CVE-2007-2741.

[CLOSE] OSVDB ID : 50584 - Disclosed: 2008-11-28

Description:

(Description Provided by CVE) : Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperly, leading to an allocation of insufficient memory.

[CLOSE] OSVDB ID : 50834 - Disclosed: 2008-11-28

Description:

Active Price Comparison contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'reviews.aspx' script not properly sanitizing user-supplied input to the 'ProductID' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50836 - Disclosed: 2008-11-28

Description:

CMS little contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'term' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 54619 - Disclosed: 2008-11-28

Description:

Venalsur Booking Centre Booking System for Hotels Group contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the admin/checklogin.php script not properly sanitizing user-supplied input to the 'myusername' and 'password' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 57358 - Disclosed: 2008-11-28

Description:

All Club CMS contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when a malicious user directly requests accms.dat, which will disclose database credential information resulting in a loss of confidentiality.

[CLOSE] OSVDB ID : 57400 - Disclosed: 2008-11-28

Description:

SailPlanner contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the login page not properly sanitizing user-supplied input to the 'username' and 'password' fields. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 57465 - Disclosed: 2008-11-28

Description:

(Description Provided by CVE) : Multiple SQL injection vulnerabilities in ReVou Micro Blogging Twitter clone allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.

[CLOSE] OSVDB ID : 50459 - Disclosed: 2008-11-27

Description:

(Description Provided by CVE) : Unrestricted file upload vulnerability in user.modify.profile.php in Kalptaru Infotech Ltd. Star Articles 6.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile photo, then accessing it via a direct request to the file in authorphoto/.

[CLOSE] OSVDB ID : 50318 - Disclosed: 2008-11-27

Description:

Ocean12 Membership Manager Pro contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the login.asp script not properly sanitizing user-supplied input to the Username and Password parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50316 - Disclosed: 2008-11-27

Description:

Ocean12 Contact Manager Pro contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'default.asp' script not properly sanitizing user-supplied input to the 'Sort' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50317 - Disclosed: 2008-11-27

Description:

Ocean12 Contact Manager Pro contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the DisplayFormat parameter upon submission to the default.asp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 50315 - Disclosed: 2008-11-27

Description:

Turnkey Arcade Script contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the id parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50314 - Disclosed: 2008-11-27

Description:

FamilyProject contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the logmbr and mdpmbr parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50215 - Disclosed: 2008-11-27

Description:

(Description Provided by CVE) : Buffer overflow in ndp in IBM AIX 6.1.0 through 6.1.2, when the netcd daemon is running, allows local users to gain privileges via unspecified vectors.

[CLOSE] OSVDB ID : 50216 - Disclosed: 2008-11-27

Description:

(Description Provided by CVE) : Buffer overflow in autoconf6 in IBM AIX 6.1.0 through 6.1.2, when Role-Based Access Control is enabled, allows local users with aix.network.config.tcpip authorization to gain privileges via unspecified vectors.

[CLOSE] OSVDB ID : 50217 - Disclosed: 2008-11-27

Description:

(Description Provided by CVE) : enq in bos.rte.printers in IBM AIX 6.1.0 through 6.1.2, when a print queue is defined in /etc/qconfig, allows local users to delete arbitrary files via unspecified vectors.

[CLOSE] OSVDB ID : 50218 - Disclosed: 2008-11-27

Description:

(Description Provided by CVE) : crontab in bos.rte.cron in IBM AIX 6.1.0 through 6.1.2 allows local users with aix.system.config.cron authorization to gain privileges by launching an editor.

[CLOSE] OSVDB ID : 50313 - Disclosed: 2008-11-27

Description:

RakhiSoftware Shopping Cart contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the product.php script not properly sanitizing user-supplied input to the subcategory_id variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50230 - Disclosed: 2008-11-27

Description:

(Description Provided by CVE) : smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to read arbitrary memory and cause a denial of service via crafted (1) trans, (2) trans2, and (3) nttrans requests, related to a "cut&paste error" that causes an improper bounds check to be performed.

[CLOSE] OSVDB ID : 52206 - Disclosed: 2008-11-27

Description:

(Description Provided by CVE) : The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database entries but does not have permissions to truncate the file.

[CLOSE] OSVDB ID : 50232 - Disclosed: 2008-11-27

Description:

(Description Provided by CVE) : Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows remote SMTP servers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a server response, which is not properly handled "when displaying the signon message."

[CLOSE] OSVDB ID : 50235 - Disclosed: 2008-11-27

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Subtext 2.0 allows remote attackers to inject arbitrary web script or HTML via a comment, related to "the feature which converts URLs to anchor tags."

[CLOSE] OSVDB ID : 50325 - Disclosed: 2008-11-27

Description:

(Description Provided by CVE) : RakhiSoftware Price Comparison Script (aka Shopping Cart) allows remote attackers to obtain sensitive information via an invalid PHPSESSID cookie, which reveals the installation path in an error message.

[CLOSE] OSVDB ID : 50326 - Disclosed: 2008-11-27

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in product.php in RakhiSoftware Price Comparison Script (aka Shopping Cart) allow remote attackers to inject arbitrary web script or HTML via the (1) category_id and (2) subcategory_id parameters.

[CLOSE] OSVDB ID : 50833 - Disclosed: 2008-11-27

Description:

TxtBlog contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the 'index.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'm' parameter. This directory traversal attack would allow the attacker to access arbitrary files.