| OSVDB ID | Disclosure Date | Title |
|---|
|
46821
Description:
(Description Provided by CVE) : SQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
2008-06-21
|
PHPauction item.php id Parameter SQL Injection
|
|
46849
Description:
(Description Provided by CVE) : SQL injection vulnerability in index.php in KbLance allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a comment action.
|
2008-06-21
|
KbLance index.php cat_id Parameter SQL Injection
|
|
48114
Description:
(Description Provided by CVE) : Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a large addr_num field in an sctp_getaddrs_old data structure.
|
2008-06-21
|
Linux Kernel SCTP net/sctp/socket.c sctp_getsockopt_local_addrs_old Function Local Overflow DoS
|
|
77236
Description:
Unknown / Incomplete
|
2008-06-21
|
FreeBSD ftpd PAM Multiple Method Account Enumeration
|
|
46540
Description:
(Description Provided by CVE) : Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file.
|
2008-06-20
|
NConvert Sun TAAC File format Keyword Handling Overflow
|
|
46541
Description:
(Description Provided by CVE) : Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file.
|
2008-06-20
|
GFL SDK Sun TAAC File format Keyword Handling Overflow
|
|
46539
Description:
(Description Provided by CVE) : Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file.
|
2008-06-20
|
XnView Sun TAAC File format Keyword Handling Overflow
|
|
46563
Description:
(Description Provided by CVE) : The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.
|
2008-06-20
|
Perl File::Path::rmtree lib/File/Path.pm Symlink Arbitrary File chmod
|
|
46537
Description:
(Description Provided by CVE) : Directory traversal vulnerability in the FTP client in AceBIT WISE-FTP 4.1.0 and 5.5.8 allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345.
|
2008-06-20
|
WISE-FTP Client LIST Command Handling Traversal Arbitrary File Write
|
|
46538
Description:
(Description Provided by CVE) : Directory traversal vulnerability in the FTP client in NCH Software Classic FTP 1.02 for Windows allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345.
|
2008-06-20
|
Classic FTP Client LIST Command Handling Traversal Arbitrary File Write
|
|
46550
Description:
(Description Provided by CVE) : Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption, a different issue than CVE-2008-2663, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. This CVE description should be regarded as authoritative, although it is likely to change.
|
2008-06-20
|
Ruby rb_str_buf_append Function Multiple Overflows
|
|
46551
Description:
(Description Provided by CVE) : Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors, a different issue than CVE-2008-2662, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
|
2008-06-20
|
Ruby rb_ary_store Function Multiple Overflows
|
|
46552
Description:
(Description Provided by CVE) : The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
|
2008-06-20
|
Ruby rb_str_format Function Unspecified Memory Corruption
|
|
46553
Description:
(Description Provided by CVE) : Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the "REALLOC_N" variant, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2664. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
|
2008-06-20
|
Ruby rb_ary_splice Function REALLOC_N Overflow
|
|
46554
Description:
A buffer overflow exists in Ruby. The rb_ary_splice function fails to validate unspecified data resulting in an integer overflow. With a specially crafted request, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2008-06-20
|
Ruby rb_ary_splice Function Overflow (beg + rlen)
|
|
46459
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) topic and (2) button parameters to ansFAQ.asp and the (3) id and (4) txtEmail parameters to login.asp.
|
2008-06-20
|
eLineStudio Site Composer ansFAQ.asp Multiple Parameter XSS
|
|
46460
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) topic and (2) button parameters to ansFAQ.asp and the (3) id and (4) txtEmail parameters to login.asp.
|
2008-06-20
|
eLineStudio Site Composer login.asp txtEmail Parameter XSS
|
|
46461
Description:
eLineStudio Site Composer contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'ansFAQ.asp' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2008-06-20
|
eLineStudio Site Composer ansFAQ.asp id Parameter SQL Injection
|
|
46462
Description:
(Description Provided by CVE) : Multiple absolute path traversal vulnerabilities in eLineStudio Site Composer (ESC) 2.6 allow remote attackers to create or delete arbitrary directories via a full pathname in the inpCurrFolder parameter to (1) folderdel_.asp or (2) foldernew.asp in cms/assetmanager/.
|
2008-06-20
|
eLineStudio Site Composer cms/assetmanager/folderdel_.asp x Direct Request Arbitrary Directory Manipulation
|
|
46463
Description:
(Description Provided by CVE) : Multiple absolute path traversal vulnerabilities in eLineStudio Site Composer (ESC) 2.6 allow remote attackers to create or delete arbitrary directories via a full pathname in the inpCurrFolder parameter to (1) folderdel_.asp or (2) foldernew.asp in cms/assetmanager/.
|
2008-06-20
|
eLineStudio Site Composer cms/assetmanager/foldernew.asp Direct Request Arbitrary Directory Manipulation
|
|
46473
Description:
(Description Provided by CVE) : Directory traversal vulnerability in index.php in chaozz@work FubarForum 1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
|
2008-06-20
|
FubarForum index.php page Parameter Traversal Local File Inclusion
|
|
46481
Description:
(Description Provided by CVE) : SQL injection vulnerability in index.php in eMuSOFT emuCMS 0.3 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a category action.
|
2008-06-20
|
emuCMS index.php cat_id Parameter SQL Injection
|
|
46503
Description:
(Description Provided by CVE) : SQL injection vulnerability in links-extern.php in CiBlog 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
2008-06-20
|
CiBlog links-extern.php id Parameter SQL Injection
|
|
46521
Description:
eTicket contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'pri' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-06-20
|
eTicket index.php pri Parameter SQL Injection
|
|
46522
Description:
eTicket contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'open.php' script not properly sanitizing user-supplied input to the 'pri' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-06-20
|
eTicket open.php pri Parameter SQL Injection
|
|
46523
Description:
eTicket contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'open_raw.php' script not properly sanitizing user-supplied input to the 'pri' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-06-20
|
eTicket open_raw.php pri Parameter SQL Injection
|
|
46524
Description:
eTicket contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'newticket.php' script not properly sanitizing user-supplied input to the 'pri' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-06-20
|
eTicket newticket.php pri Parameter SQL Injection
|
|
46640
Description:
(Description Provided by CVE) : Stack-based buffer overflow in tmsnc allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an MSN packet with a UBX command containing a large UBX payload length field.
|
2008-06-20
|
tmsnc MSN Packet Handling Crafted UBX Command Remote Overflow
|
|
46818
Description:
(Description Provided by CVE) : Directory traversal vulnerability in index.php in FireAnt 1.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
|
2008-06-20
|
FireAnt index.php page Parameter Traversal Local File Inclusion
|
|
46846
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in viewforum.php in JaxUltraBB (JUBB) 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter.
|
2008-06-20
|
JaxUltraBB (JUBB) viewforum.php forum Parameter XSS
|
|
46847
Description:
(Description Provided by CVE) : Directory traversal vulnerability in viewprofile.php in JaxUltraBB 2.0 and earlier allows remote attackers to read arbitrary local files via a .. (dot dot) in the user parameter. party information.
|
2008-06-20
|
JaxUltraBB (JUBB) viewprofile.php user Parameter Traversal Local File Inclusion
|
|
46907
Description:
eLineStudio Site Composer contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'preview.asp' script not properly sanitizing user-supplied input to the 'template_id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-06-20
|
eLineStudio Site Composer preview.asp template_id Parameter SQL Injection
|
|
53468
Description:
PHPAuctions contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'PHPAuctions.info' script not properly sanitizing user-supplied input to the 'auction_id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-06-20
|
PHPAuctions PHPAuctions.info auction_id Parameter SQL Injection
|
|
57814
Description:
(Description Provided by CVE) : Lightweight news portal (LNP) 1.0b does not properly restrict access to administrator functionality, which allows remote attackers to gain administrator privileges via direct requests to admin.php with the (1) potd_delete, (2) potd, (3) vote_update, (4) vote, or (5) modifynews actions.
|
2008-06-20
|
Lightweight news portal (LNP) admin.php Multiple Action Direct Request Admin Authentication Bypass
|
|
57815
Description:
Lightweight news portal (LNP) contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'photo' parameters upon submission to the 'show_photo.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-06-20
|
Lightweight news portal (LNP) show_photo.php photo Parameter XSS
|
|
57816
Description:
Lightweight news portal (LNP) contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'potd' parameters upon submission to the 'show_potd.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-06-20
|
Lightweight news portal (LNP) show_potd.php potd Parameter XSS
|
|
57817
Description:
Lightweight news portal (LNP) contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'Current Question' fields upon submission to the 'admin.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-06-20
|
Lightweight news portal (LNP) admin.php Current Question Field XSS
|
|
57877
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Diigo Toolbar and Diigolet allows remote attackers to inject arbitrary web script or HTML via a public comment.
|
2008-06-20
|
Diigo Toolbar Public Comment XSS
|
|
57878
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Diigo Toolbar and Diigolet allows remote attackers to inject arbitrary web script or HTML via a public comment.
|
2008-06-20
|
Diigolet Public Comment XSS
|
|
46545
Description:
Unknown / Incomplete
|
2008-06-19
|
HTML Purifier font-family CSS XSS
|
