| OSVDB ID | Disclosure Date | Title |
|
47294
Description:
An unspecified memory coruption flaw exists in Firebird. With a specially crafted 'EXECUTE STATEMENT,' an attacker can cause a server crash resulting in a loss of availability.
|
2008-05-31
|
Firebird 2 EXECUTE STATEMENT Memory Corruption DoS
|
|
45853
Description:
(Description Provided by CVE) : Directory traversal vulnerability in passwiki.php in PassWiki 0.9.16 RC3 and earlier allows remote attackers to read arbitrary local files via a .. (dot dot) in the site_id parameter.
|
2008-05-31
|
PassWiki passwiki.php site_id Parameter Traversal Local File Inclusion
|
|
45856
Description:
PrayerCenter Component for Joomla contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index2.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-05-31
|
PrayerCenter Component for Joomla! index2.php id Parameter SQL Injection
|
|
45867
Description:
A remote overflow exists in freeSSHd. The freeSSHd fails to check the bounds on the opendir variable resulting in a stack overflow. With a specially crafted request, an attacker can cause the execution of arbitrary code resulting in a loss of integrity, and/or availability.
|
2008-05-31
|
freeSSHd SFTP Command Name Handling Overflow
|
|
45859
Description:
Social Site Generator contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'display_blog.php' script not properly sanitizing user-supplied input to the 'sgc_id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-05-31
|
Social Site Generator display_blog.php sgc_id Parameter SQL Injection
|
|
45858
Description:
TorrentTrader contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'scrape.php' script not properly sanitizing user-supplied input to the 'info_hash' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-05-31
|
TorrentTrader scrape.php info_hash Parameter SQL Injection
|
|
45866
Description:
(Description Provided by CVE) : LokiCMS 0.3.4 and possibly earlier versions does not properly restrict access to administrative functions, which allows remote attackers to bypass intended restrictions and modify configuration settings via the LokiACTION parameter in a direct request to admin.php.
|
2008-05-31
|
LokiCMS admin.php Direct Request Authentication Bypass
|
|
45860
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) sgc_id parameter to display_blog.php, (2) scm_mem_id parameter to social_my_profile_download.php, and the (3) catid parameter to social_forum_subcategories.php.
|
2008-05-31
|
Social Site Generator social_my_profile_download.php scm_mem_id Parameter SQL Injection
|
|
45861
Description:
Social Site Generator contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'social_forum_subcategories.php' script not properly sanitizing user-supplied input to the 'catid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-05-31
|
Social Site Generator social_forum_subcategories.php catid Parameter SQL Injection
|
|
45862
Description:
(Description Provided by CVE) : Social Site Generator (SSG) 2.0 allows remote attackers to read arbitrary files via the file parameter to (1) filedload.php, (2) webadmin/download.php, and (3) webadmin/download_file.php.
|
2008-05-31
|
Social Site Generator filedload.php file Parameter Arbitrary File Access
|
|
45863
Description:
(Description Provided by CVE) : Social Site Generator (SSG) 2.0 allows remote attackers to read arbitrary files via the file parameter to (1) filedload.php, (2) webadmin/download.php, and (3) webadmin/download_file.php.
|
2008-05-31
|
Social Site Generator webadmin/download.php file Parameter Arbitrary File Access
|
|
45864
Description:
(Description Provided by CVE) : Social Site Generator (SSG) 2.0 allows remote attackers to read arbitrary files via the file parameter to (1) filedload.php, (2) webadmin/download.php, and (3) webadmin/download_file.php.
|
2008-05-31
|
Social Site Generator webadmin/download_file.php file Parameter Arbitrary File Access
|
|
45865
Description:
Social Site Generator contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'social_game_play.php' script not properly sanitizing user input supplied to the 'path' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2008-05-31
|
Social Site Generator social_game_play.php path Parameter Remote File Inclusion
|
|
45868
Description:
PsychoStats contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'weapon.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-05-31
|
PsychoStats weapon.php id Parameter SQL Injection
|
|
45869
Description:
PsychoStats contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'map.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-05-31
|
PsychoStats map.php id Parameter SQL Injection
|
|
45910
Description:
Bible Study Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-05-31
|
Bible Study Component for Joomla! index.php id Parameter SQL Injection
|
|
45911
Description:
OtomiGenX contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'userAccount' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-05-31
|
OtomiGenX index.php userAccount Parameter SQL Injection
|
|
45980
Description:
BP Blog contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'template_permalink.asp' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-05-31
|
BP Blog template_permalink.asp id Parameter SQL Injection
|
|
45981
Description:
BP Blog contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'template_archives_cat.asp' script not properly sanitizing user-supplied input to the 'cat' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-05-31
|
BP Blog template_archives_cat.asp cat Parameter SQL Injection
|
|
48856
Description:
Unknown / Incomplete
|
2008-05-31
|
H2 Database Engine Char Array Cleartext Password Disclosure
|
|
88037
Description:
phpTraffic Acontains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the Php/Functions/log_function.php not properly sanitizing user-supplied input before using it in SQL queries. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2008-05-31
|
phpTrafficA Php/Functions/log_function.php SQL Injection
|
|
45892
Description:
(Description Provided by CVE) : Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downloads directory on Mac OS X, and subsequently allows remote attackers to execute arbitrary code on Windows by leveraging an untrusted search path vulnerability in (a) Internet Explorer 7 on Windows XP or (b) the SearchPath function in Windows XP, Vista, and Server 2003 and 2008, aka a "Carpet Bomb" and a "Blended Threat Elevation of Privilege Vulnerability," a different issue than CVE-2008-1032. NOTE: Apple considers this a vulnerability only because the Microsoft products can load application libraries from the desktop and, as of 20080619, has not covered the issue in an advisory for Mac OS X.
|
2008-05-30
|
Apple Safari on Mac OS X Default Download Location Unspecified Arbitrary Code Execution
|
|
45890
Description:
(Description Provided by CVE) : Heap-based buffer overflow in the VMware Host Guest File System (HGFS) in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, VMware ACE 2 before 2.0.2 build 93057, and VMware Fusion before 1.1.2 build 87978, when folder sharing is used, allows guest OS users to execute arbitrary code on the host OS via unspecified vectors.
|
2008-05-30
|
VMware Multiple Products Host Guest File System (HGFS) Shared Folders Feature Overflow
|
|
45891
Description:
(Description Provided by CVE) : Unspecified vulnerability in VMCI in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, and VMware ACE 2 before 2.0.2 build 93057 on Windows allows guest OS users to execute arbitrary code on the host OS via unspecified vectors.
|
2008-05-30
|
VMware Multiple Products VMCI Arbitrary Local Code Execution
|
|
51439
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Opencosmo VisualSentinel 0.7 allows remote attackers to inject arbitrary web script or HTML via the User-Agent header ($_SERVER ['HTTP_USER_AGENT']), which is not properly handled when displaying log files.
|
2008-05-30
|
VisualSentinel user_useragent Log Injection XSS
|
|
45893
Description:
(Description Provided by CVE) : Plugin/passwordauth.pm (aka the passwordauth plugin) in ikiwiki 1.34 through 2.47 allows remote attackers to bypass authentication, and login to any account for which an OpenID identity is configured and a password is not configured, by specifying an empty password during the login sequence.
|
2008-05-30
|
ikiwiki Account Password Null Value Weakness
|
|
45883
Description:
(Description Provided by CVE) : The Sun Cluster Global File System in Sun Cluster 3.1 on Sun Solaris 8 through 10, when an underlying ufs filesystem is used, might allow local users to read data from arbitrary deleted files, or corrupt files in global filesystems, via unspecified vectors.
|
2008-05-30
|
Sun Cluster Global File System Arbitrary Deleted File Access
|
|
45884
Description:
(Description Provided by CVE) : The Sun Cluster Global File System in Sun Cluster 3.1 on Sun Solaris 8 through 10, when an underlying ufs filesystem is used, might allow local users to read data from arbitrary deleted files, or corrupt files in global filesystems, via unspecified vectors.
|
2008-05-30
|
Sun Cluster Global File System Unspecified Applications Data Integrity Issue
|
|
88036
Description:
IBM WebSphere Message Broker contains an unspecified flaw. No further details have been provided.
|
2008-05-30
|
IBM WebSphere Message Broker Unspecified Issue
|
|
45729
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Kent Web Mart 1.61 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
2008-05-30
|
KENT-WEB Web Mart Unspecified XSS
|
|
45734
Description:
DVBBS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'login.asp' script not properly sanitizing user-supplied input to the 'username' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-05-30
|
DVBBS login.asp username Parameter SQL Injection
|
|
45857
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Default.aspx in DotNetNuke 4.8.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
|
2008-05-30
|
DotNetNuke Default.aspx URL XSS
|
|
45916
Description:
HiveMaker Professional contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'cid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-05-30
|
HiveMaker Professional index.php cid Parameter SQL Injection
|
|
45955
Description:
CMS Easyway contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'mid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-05-30
|
CMS Easyway index.php mid Parameter SQL Injection
|
|
45978
Description:
PHP Visit Counter contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'read.php' script not properly sanitizing user-supplied input to the 'datespan' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-05-30
|
PHP Visit Counter read.php datespan Parameter SQL Injection
|
|
45979
Description:
EasyWay CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'mid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-05-30
|
EasyWay CMS index.php mid Parameter SQL Injection
|
|
55777
Description:
Unknown / Incomplete
|
2008-05-29
|
GraphicsMagick coders/pict.c RLE Decoding Unspecified Overflow
|
|
53510
Description:
Unknown / Incomplete
|
2008-05-29
|
Apple Mac OS X Mail MIME Formatted Mail Long Line Handling DoS
|
|
53511
Description:
Unknown / Incomplete
|
2008-05-29
|
IBM Lotus Notes MIME Formatted Mail Long Line Handling DoS
|
|
45723
Description:
(Description Provided by CVE) : The default configuration of consolehelper in system-config-network before 1.5.10-1 on Fedora 8 lacks the USER=root directive, which allows local users of the workstation console to gain privileges and change the network configuration.
|
2008-05-29
|
system-config-network on Fedora Red Hat Linux Console User Unauthorized Network Setting Manipulation
|