[CLOSE] OSVDB ID : 51303 - Disclosed: 2008-12-29

Description:

(Description Provided by CVE) : Unrestricted file upload vulnerability in add.php in FlexPHPDirectory 0.0.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photo/.

[CLOSE] OSVDB ID : 54016 - Disclosed: 2008-12-29

Description:

(Description Provided by CVE) : SepCity Classified Ads stores the admin password in cleartext in data/classifieds.mdb, which allows context-dependent attackers to obtain sensitive information.

[CLOSE] OSVDB ID : 53188 - Disclosed: 2008-12-29

Description:

FlexPHPLink Pro contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the admin/index.php script not properly sanitizing user-supplied input to the 'checkuser' and 'checkpass' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 54144 - Disclosed: 2008-12-29

Description:

(Description Provided by CVE) : Static code injection vulnerability in admin/install.php in Flexcustomer 0.0.6 might allow remote attackers to inject arbitrary PHP code into const.inc.php via the installdbname parameter (aka the Database Name field). NOTE: the installation instructions specify deleting admin/install.php.

[CLOSE] OSVDB ID : 55945 - Disclosed: 2008-12-29

Description:

A buffer overflow exists in Sascam. The webcam server ActiveX control fails to validate data passed to the Get() method resulting in a stack overflow. With a specially crafted website, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 56280 - Disclosed: 2008-12-29

Description:

(Description Provided by CVE) : ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to access the contents of an arbitrary shopping cart via a modified cart_name parameter.

[CLOSE] OSVDB ID : 56917 - Disclosed: 2008-12-29

Description:

TaskDriver contains a flaw that may allow a malicious user to bypass admin authentication. The issue is triggered when a malicious user sets the auth cookie to 'fook:' followed by a valid username when accessing the profileedit.php script. It is possible that the flaw may allow administrative access resulting in a loss of confidentiality and integrity.

[CLOSE] OSVDB ID : 59059 - Disclosed: 2008-12-29

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in ViewAction in Pentaho BI Server 1.7.0.1062 and earlier allows remote attackers to inject arbitrary web script or HTML via the outputType parameter.

[CLOSE] OSVDB ID : 51009 - Disclosed: 2008-12-28

Description:

PaxGallery Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the gid variable when "option" is set to "com_paxgallery". This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 52039 - Disclosed: 2008-12-28

Description:

MagpieRSS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not sanitize the CDATA upon parsing the submitted RSS feed. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 53305 - Disclosed: 2008-12-28

Description:

(Description Provided by CVE) : Multiple untrusted search path vulnerabilities in pdfjam allow local users to gain privileges via a Trojan horse program in (1) the current working directory or (2) /var/tmp, related to the (a) pdf90, (b) pdfjoin, and (c) pdfnup scripts.

[CLOSE] OSVDB ID : 50990 - Disclosed: 2008-12-28

Description:

(Description Provided by CVE) : Buffer overflow in BreakPoint Software Hex Workshop 5.1.4 allows user-assisted attackers to cause a denial of service and possibly execute arbitrary code via a long mapping reference in a Color Mapping (.cmap) file.

[CLOSE] OSVDB ID : 50992 - Disclosed: 2008-12-28

Description:

MWP Blog System for PHP-Fusion contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'blog.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50994 - Disclosed: 2008-12-28

Description:

(Description Provided by CVE) : ForumApp 3.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) data/8690.mdb or (2) data/8690BAK.mdb.

[CLOSE] OSVDB ID : 50995 - Disclosed: 2008-12-28

Description:

(Description Provided by CVE) : ForumApp 3.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) data/8690.mdb or (2) data/8690BAK.mdb.

[CLOSE] OSVDB ID : 53187 - Disclosed: 2008-12-28

Description:

(Description Provided by CVE) : Unrestricted file upload vulnerability in submitlink.php in FlexPHPLink Pro 0.0.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the renamed file in linkphoto/.

[CLOSE] OSVDB ID : 51203 - Disclosed: 2008-12-28

Description:

DeluxeBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'pm.php' script not properly sanitizing user-supplied input to the delete* parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 51142 - Disclosed: 2008-12-28

Description:

(Description Provided by CVE) : CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071.

[CLOSE] OSVDB ID : 51074 - Disclosed: 2008-12-28

Description:

(Description Provided by CVE) : Stack-based buffer overflow in BulletProof FTP Client allows user-assisted attackers to execute arbitrary code via a .bps file (aka Session-File) with a long second line, possibly a related issue to CVE-2008-5753.

[CLOSE] OSVDB ID : 51077 - Disclosed: 2008-12-28

Description:

AlstraSoft Web Email Script Enterprise contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 51321 - Disclosed: 2008-12-28

Description:

(Description Provided by CVE) : Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows remote attackers to execute arbitrary code via a MAP file containing a long URL, possibly a related issue to CVE-2006-2494.

[CLOSE] OSVDB ID : 51991 - Disclosed: 2008-12-28

Description:

(Description Provided by CVE) : OwenPoll 1.0 allows remote attackers to bypass authentication and obtain administrative access via a modified account name in the username cookie.

[CLOSE] OSVDB ID : 88044 - Disclosed: 2008-12-28

Description:

Open Auto Classifieds contains a weakness that may allow an attacker to hijack another user's web session after the user logs in via the env.inc.php script. No further details have been provided.

[CLOSE] OSVDB ID : 89363 - Disclosed: 2008-12-28

Description:

Foswiki contains a flaw that may lead to unauthorized disclosure of potentially sensitive information. The issue is triggered when the home topic of the registration form transmits password information in cleartext. This may allow a remote attacker to gain access to credential information when viewing the bullet points of the registration form.

[CLOSE] OSVDB ID : 52532 - Disclosed: 2008-12-26

Description:

(Description Provided by CVE) : Unspecified vulnerability in the X Inter Client Exchange library (aka libICE) in Sun Solaris 8 through 10 and OpenSolaris before snv_85 allows context-dependent attackers to cause a denial of service (application crash), as demonstrated by a port scan that triggers a segmentation violation in the Gnome session manager (aka gnome-session).

[CLOSE] OSVDB ID : 51010 - Disclosed: 2008-12-26

Description:

Perl Nopaste contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the language parameter upon submission to the index.pl script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 51007 - Disclosed: 2008-12-25

Description:

Mayaa contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate unspecified parameter(s) upon submission to the error page script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 51984 - Disclosed: 2008-12-25

Description:

Madrese-Portal contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the haber.asp script not properly sanitizing user-supplied input to the haber parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 52000 - Disclosed: 2008-12-25

Description:

Low Cost Hotels for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 51017 - Disclosed: 2008-12-25

Description:

TI Blog System Mod for PHP-Fusion contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'blog.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 51006 - Disclosed: 2008-12-24

Description:

BloofoxCMS contains a flaw that allows a remote attacker to view files outside of the web path. The issue is due to the plugins/spaw2/dialogs/dialog.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the lang, theme, and module parameters.

[CLOSE] OSVDB ID : 51005 - Disclosed: 2008-12-24

Description:

mDigg Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the category parameter when "option" is set to "com_mdigg", "act" is set to "story_lists", and "task" is set to "view". This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 51004 - Disclosed: 2008-12-24

Description:

Live Ticker Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the tid parameter when "option" is set to "com_liveticker" and "task" is set to "viewticker". This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50968 - Disclosed: 2008-12-24

Description:

(Description Provided by CVE) : Stack-based buffer overflow in BulletProof FTP Client 2.63 allows user-assisted attackers to execute arbitrary code via a bookmark file entry with a long host name.

[CLOSE] OSVDB ID : 50987 - Disclosed: 2008-12-24

Description:

Sun SNMP Management Agent contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the agent creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.

[CLOSE] OSVDB ID : 51025 - Disclosed: 2008-12-24

Description:

(Description Provided by CVE) : Buffer overflow in SAWStudio 3.9i allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long SAWSTUDIO PREFERENCES STRUCT value in a .prf (preferences) file.

[CLOSE] OSVDB ID : 51052 - Disclosed: 2008-12-24

Description:

PHP-Fusion contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the submit.php script not properly sanitizing user-supplied input to the submit_info[] parameter when "stype" is set to "l" and "submit_link", "link_name", "link_url" and "link_description" are set to non-NULL values. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 51137 - Disclosed: 2008-12-24

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.0.2 have unknown impact and attack vectors.

[CLOSE] OSVDB ID : 51031 - Disclosed: 2008-12-24

Description:

(Description Provided by CVE) : Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image.

[CLOSE] OSVDB ID : 51133 - Disclosed: 2008-12-24

Description:

(Description Provided by CVE) : Integer overflow in quartz.dll in the DirectShow framework in Microsoft Windows Media Player (WMP) 9, 10, and 11, including 11.0.5721.5260, allows remote attackers to cause a denial of service (application crash) via a crafted (1) WAV, (2) SND, or (3) MID file. NOTE: this has been incorrectly reported as a code-execution vulnerability. NOTE: it is not clear whether this issue is related to CVE-2008-4927.