| OSVDB ID | Disclosure Date | Title |
|---|
|
46140
Description:
(Description Provided by CVE) : Todd Woolums ASP News Management 2.2 allows remote attackers to obtain news items via a direct request to (1) rss.asp, (2) viewheadings.asp, or (3) viewnews.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
|
2008-06-10
|
ASP News Management rss.asp Direct Request Information Disclosure
|
|
46141
Description:
(Description Provided by CVE) : Todd Woolums ASP News Management 2.2 allows remote attackers to obtain news items via a direct request to (1) rss.asp, (2) viewheadings.asp, or (3) viewnews.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
|
2008-06-10
|
ASP News Management viewheadings.asp Direct Request Information Disclosure
|
|
46142
Description:
(Description Provided by CVE) : Todd Woolums ASP News Management 2.2 allows remote attackers to obtain news items via a direct request to (1) rss.asp, (2) viewheadings.asp, or (3) viewnews.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
|
2008-06-10
|
ASP News Management viewnews.asp Direct Request Information Disclosure
|
|
46324
Description:
(Description Provided by CVE) : Multiple directory traversal vulnerabilities in ErfurtWiki R1.02b and earlier, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) ewiki_id and (2) ewiki_action parameters to fragments/css.php, and possibly the (3) id parameter to the default URI. NOTE: the default URI is site-specific but often performs an include_once of ewiki.php.
|
2008-06-10
|
ErfurtWiki /ewiki/fragments/css.php Multiple Variable Traversal Arbitrary File Disclosure
|
|
46325
Description:
(Description Provided by CVE) : Multiple directory traversal vulnerabilities in ErfurtWiki R1.02b and earlier, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) ewiki_id and (2) ewiki_action parameters to fragments/css.php, and possibly the (3) id parameter to the default URI. NOTE: the default URI is site-specific but often performs an include_once of ewiki.php.
|
2008-06-10
|
ErfurtWiki Default URI id Variable Traversal Arbitrary File Disclosure
|
|
46873
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in PHPEasyData 1.5.4 allow remote attackers to inject arbitrary web script or HTML via the (1) annuaire parameter to (a) last_records.php and (b) annuaire.php and the (2) by and (3) cat_id parameters to annuaire.php.
|
2008-06-10
|
PHPEasyData last_records.php annuaire Parameter XSS
|
|
46874
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in PHPEasyData 1.5.4 allow remote attackers to inject arbitrary web script or HTML via the (1) annuaire parameter to (a) last_records.php and (b) annuaire.php and the (2) by and (3) cat_id parameters to annuaire.php.
|
2008-06-10
|
PHPEasyData annuaire.php Multiple Parameter XSS
|
|
50361
Description:
Experts contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'answer.php' script not properly sanitizing user-supplied input to the 'question_id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-06-10
|
Experts answer.php question_id Parameter SQL Injection
|
|
50362
Description:
(Description Provided by CVE) : SQL injection vulnerability in content/forums/reply.asp in ASPPortal allows remote attackers to execute arbitrary SQL commands via the Topic_Id parameter.
|
2008-06-10
|
ASPPortal content/forums/reply.asp Topic_Id Parameter SQL Injection
|
|
50365
Description:
Yuhhu Superstar contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'view.topics.php' script not properly sanitizing user-supplied input to the 'board' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-06-10
|
Yuhhu Superstar view.topics.php board Parameter SQL Injection
|
|
53907
Description:
(Description Provided by CVE) : Todd Woolums ASP Download management script 1.03 does not require authentication for setupdownload.asp, which allows remote attackers to gain administrator privileges via a direct request.
|
2008-06-10
|
ASP Download Management Script setupdownload.asp Admin Authentication Bypass
|
|
59368
Description:
Unknown / Incomplete
|
2008-06-10
|
AOL Instant Messenger (AIM) sipXtapi.dll RTCP Sender Report Packet Remote Overflow
|
|
59369
Description:
AOL AIM is prone to an overflow condition. The sipXtapi.dll fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted voice or video link, a remote attacker can potentially execute arbitrary code with the privileges of a user running the software.
|
2008-06-10
|
AOL Instant Messenger (AIM) sipXtapi.dll RTP Extension Length Header Remote Overflow
|
|
46207
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Kronos webTA allow remote attackers to inject arbitrary web script or HTML via the description field to (1) servlet/com.threeis.webta.H710selProject and (2) servlet/com.threeis.webta.H720editProjectInfo. NOTE: BID:29610 states that the initial report was incorrect, but the reason for this conclusion is unknown.
|
2008-06-09
|
Kronos webTA com.threeis.webta.H710selProject Description Field XSS
|
|
46208
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Kronos webTA allow remote attackers to inject arbitrary web script or HTML via the description field to (1) servlet/com.threeis.webta.H710selProject and (2) servlet/com.threeis.webta.H720editProjectInfo. NOTE: BID:29610 states that the initial report was incorrect, but the reason for this conclusion is unknown.
|
2008-06-09
|
Kronos webTA com.threeis.webta.H720editProjectInfo Description Field XSS
|
|
46262
Description:
(Description Provided by CVE) : The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors.
|
2008-06-09
|
IBM DB2 Universal Database on *nix DB2FMP Process Ownership Switching Unspecified Issue
|
|
46263
Description:
(Description Provided by CVE) : Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function.
|
2008-06-09
|
IBM DB2 Universal Database XQuery Statement Overflow
|
|
46267
Description:
(Description Provided by CVE) : Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function.
|
2008-06-09
|
IBM DB2 Universal Database SQLRLAKA() Overflow
|
|
46268
Description:
Unknown / Incomplete
|
2008-06-09
|
IBM DB2 Universal Database sqlj.install_jar Administration Routine Overflow
|
|
46270
Description:
(Description Provided by CVE) : Unspecified vulnerability in the CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio in the Visual Studio Net component in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 2 allows remote authenticated users to execute arbitrary code via unknown vectors.
|
2008-06-09
|
IBM DB2 Universal Database Add-ins for Visual Studio CLR Stored Procedure Deployment Privilege Escalation
|
|
46271
Description:
(Description Provided by CVE) : Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a "FILE CREATION VULNERABILITY." NOTE: this may be the same as CVE-2007-5664.
|
2008-06-09
|
IBM DB2 Universal Database Admin Server File Creation Unspecified Local Privilege Escalation
|
|
46264
Description:
(Description Provided by CVE) : Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function.
|
2008-06-09
|
IBM DB2 Universal Database XMLQUERY Statement Overflow
|
|
46265
Description:
(Description Provided by CVE) : Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function.
|
2008-06-09
|
IBM DB2 Universal Database XMLEXISTS Statement Overflow
|
|
46266
Description:
(Description Provided by CVE) : Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function.
|
2008-06-09
|
IBM DB2 Universal Database XMLTABLE Statement Overflow
|
|
46269
Description:
Unknown / Incomplete
|
2008-06-09
|
IBM DB2 Universal Database sqlj.replace_jar Administration Routine Overflow
|
|
53482
Description:
(Description Provided by CVE) : GSC build 2067 and earlier relies on the client to enforce administrator privileges, which allows remote attackers to execute arbitrary administrator commands via a crafted packet.
|
2008-06-09
|
GSC Client Side Authentication Privileged Command Spoofing
|
|
46059
Description:
(Description Provided by CVE) : SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.
|
2008-06-09
|
Net-SNMP HMAC Authentication SNMPv3 Authentication Packet Spoofing
|
|
46060
Description:
(Description Provided by CVE) : SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.
|
2008-06-09
|
UCD-SNMP HMAC Authentication SNMPv3 Authentication Packet Spoofing
|
|
46053
Description:
Realm CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the '_includes/inc_routines.asp' script not properly sanitizing user-supplied input to the 'kwrd' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-06-09
|
Realm CMS _includes/inc_routines.asp kwrd Parameter SQL Injection
|
|
46046
Description:
Pilot Cart contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'pilot.asp' script not properly sanitizing user-supplied input to the 'article' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-06-09
|
Pilot Cart pilot.asp article Parameter SQL Injection
|
|
46047
Description:
Real-Estate-Website contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'location.asp' script not properly sanitizing user-supplied input to the 'location' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-06-09
|
Real-Estate-Website location.asp location Parameter SQL Injection
|
|
46048
Description:
Unknown / Incomplete
|
2008-06-09
|
Real-Estate-Website location.asp name Parameter XSS
|
|
46051
Description:
Powie pNews contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'shownews' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-06-09
|
Powie pNews index.php shownews Parameter SQL Injection
|
|
46054
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in _db/compact.asp in Realm CMS 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) CmpctedDB and (2) Boyut parameters.
|
2008-06-09
|
Realm CMS _db/compact.asp Multiple Parameter XSS
|
|
46055
Description:
(Description Provided by CVE) : Realm CMS 2.3 and earlier allows remote attackers to obtain sensitive information via a direct request to _db/compact.asp, which reveals the database path in an error message.
|
2008-06-09
|
Realm CMS _db/compact.asp Direct Request Path Disclosure
|
|
46056
Description:
(Description Provided by CVE) : _RealmAdmin/login.asp in Realm CMS 2.3 and earlier allows remote attackers to bypass authentication and access admin pages via certain modified cookies, probably including (1) cUserRole, (2) cUserName, and (3) cUserID.
|
2008-06-09
|
Realm CMS _RealmAdmin/login.asp Crafted Cookie Authentication Bypass
|
|
46128
Description:
Telephone Directory 2008 contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'edit1.php' script not properly sanitizing user-supplied input to the 'code' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-06-09
|
Telephone Directory 2008 edit1.php code Parameter SQL Injection
|
|
46129
Description:
Telephone Directory 2008 contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'view_more.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-06-09
|
Telephone Directory 2008 view_more.php id Parameter SQL Injection
|
|
46130
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in edit1.php in Telephone Directory 2008 allows remote attackers to inject arbitrary web script or HTML via the action parameter.
|
2008-06-09
|
Telephone Directory 2008 edit1.php action Parameter XSS
|
|
46131
Description:
iJoomla News Portal Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'Itemid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2008-06-09
|
iJoomla News Portal Component for Joomla! index.php Itemid Parameter SQL Injection
|
