| OSVDB ID | Disclosure Date | Title |
|---|
|
51585
Description:
WB News contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'news.php' script not properly sanitizing user input supplied to the 'config[installdir]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2009-01-25
|
WB News news.php config[installdir] Parameter Remote File Inclusion
|
|
51586
Description:
WB News contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'base/News.php' script not properly sanitizing user input supplied to the 'config[installdir]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2009-01-25
|
WB News base/News.php config[installdir] Parameter Remote File Inclusion
|
|
51587
Description:
WB News contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'base/SendFriend.php' script not properly sanitizing user input supplied to the 'config[installdir]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2009-01-25
|
WB News base/SendFriend.php config[installdir] Parameter Remote File Inclusion
|
|
51588
Description:
WB News contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'base/Archive.php' script not properly sanitizing user input supplied to the 'config[installdir]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2009-01-25
|
WB News base/Archive.php config[installdir] Parameter Remote File Inclusion
|
|
51589
Description:
WB News contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'base/Comments.php' script not properly sanitizing user input supplied to the 'config[installdir]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2009-01-25
|
WB News base/Comments.php config[installdir] Parameter Remote File Inclusion
|
|
51595
Description:
Unknown / Incomplete
|
2009-01-25
|
ConPresso CMS _admin/frame_titel.php URL XSS
|
|
51635
Description:
(Description Provided by CVE) : Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the form_data[script_class] parameter.
|
2009-01-25
|
OpenGoo upgrade/index.php form_data[script_class] Parameter Traversal Arbitrary File Access
|
|
51846
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Phorum before 5.2.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
2009-01-25
|
Phorum Unspecified XSS
|
|
52013
Description:
Unknown / Incomplete
|
2009-01-25
|
MediaMonkey M3U File Handling Local Overflow
|
|
52012
Description:
Unknown / Incomplete
|
2009-01-25
|
Nokia Multimedia Player AVI File Handling DoS
|
|
78773
Description:
Unknown / Incomplete
|
2009-01-24
|
I2P Inbound Message Handling Latency-measuring Attack Weakness
|
|
52239
Description:
Unknown / Incomplete
|
2009-01-24
|
w3b|cms admin/index.php cms_admin Cookie Manipulation Admin Authentication Bypass
|
|
52240
Description:
Downloads Module for w3b|cms contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'includes/module/downloads/index.inc.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-24
|
Downloads Module for w3b|cms includes/module/downloads/index.inc.php id Parameter SQL Injection
|
|
52241
Description:
News Module for w3b|cms contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'includes/module/news/index.inc.php' script not properly sanitizing user-supplied input to the 'action' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-24
|
News Module for w3b|cms includes/module/news/index.inc.php action Parameter SQL Injection
|
|
52242
Description:
Portfolio Module for w3b|cms contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'includes/module/portfolio/index.inc.php' script not properly sanitizing user-supplied input to the 'action' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-24
|
Portfolio Module for w3b|cms includes/module/portfolio/index.inc.php action Parameter SQL Injection
|
|
52243
Description:
Partner Module for w3b|cms contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'includes/module/partner/index.inc.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-24
|
Partner Module for w3b|cms includes/module/partner/index.inc.php id Parameter SQL Injection
|
|
52244
Description:
Mediathek Module for w3b|cms contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'includes/module/mediathek/index.inc.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-24
|
Mediathek Module for w3b|cms includes/module/mediathek/index.inc.php id Parameter SQL Injection
|
|
52245
Description:
Sitemap Module for w3b|cms contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'includes/module/sitemap/index.inc.php' script not properly sanitizing user-supplied input to the 'seite' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-24
|
Sitemap Module for w3b|cms includes/module/sitemap/index.inc.php seite Parameter SQL Injection
|
|
52246
Description:
Links Module for w3b|cms contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'includes/module/links/index.inc.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-24
|
Links Module for w3b|cms includes/module/links/index.inc.php id Parameter SQL Injection
|
|
52247
Description:
Blog Module for w3b|cms contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'includes/module/blog/index.inc.php' script not properly sanitizing user-supplied input to the 'action' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-24
|
Blog Module for w3b|cms includes/module/blog/index.inc.php action Parameter SQL Injection
|
|
52248
Description:
Suche Module for w3b|cms contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'includes/module/suche/index.inc.php' script not properly sanitizing user-supplied input to the 'suchbegriff' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-24
|
Suche Module for w3b|cms includes/module/suche/index.inc.php suchbegriff Parameter SQL Injection
|
|
52249
Description:
Gallery Module for w3b|cms contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'includes/module/gallery/index.inc.php' script not properly sanitizing user-supplied input to the 'action' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-24
|
Gallery Module for w3b|cms includes/module/gallery/index.inc.php action Parameter SQL Injection
|
|
52078
Description:
VirtueMart contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script (when "option" is set to "com_virtuemart" and "page" is set to "shop.browse") not properly sanitizing user-supplied input to the DescOrderBy parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-24
|
VirtueMart index.php DescOrderBy Parameter SQL Injection
|
|
52079
Description:
VirtueMart contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script (when "option" is set to "com_virtuemart", "page" is set to "shipping.carrier_form", and "pshop_mode" is set to "admin") not properly sanitizing user-supplied input to the shipping_carrier_name and shipping_carrier_list_order parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-24
|
VirtueMart index.php Multiple Parameter SQL Injection
|
|
52080
Description:
VirtueMart contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script (when "page" is set to "shipping.carrier_list", "func" is set to "carrierDelete", "option" is set to "com_virtuemart", and "vmtoken" is set to a valid value) not properly sanitizing user-supplied input to the shipping_carrier_id parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-24
|
VirtueMart index.php shipping_carrier_id Parameter SQL Injection
|
|
51653
Description:
(Description Provided by CVE) : drivers/firmware/dell_rbu.c in the Linux kernel before 2.6.27.13, and 2.6.28.x before 2.6.28.2, allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size file in /sys/devices/platform/dell_rbu/.
|
2009-01-24
|
Linux Kernel drivers/firmware/dell_rbu.c Zero-byte System Call Local DoS
|
|
51596
Description:
Unknown / Incomplete
|
2009-01-24
|
GLPI Unspecified SQL Injection
|
|
52937
Description:
(Description Provided by CVE) : CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.
|
2009-01-24
|
CUPS on Mandriva Linux /tmp/pdf.log Temporary File Symlink Arbitrary File Overwrite
|
|
53533
Description:
(Description Provided by CVE) : Microsoft Windows XP, Server 2003 and 2008, and Vista exposes I/O activity measurements of all processes, which allows local users to obtain sensitive information, as demonstrated by reading the I/O Other Bytes column in Task Manager (aka taskmgr.exe) to estimate the number of characters that a different user entered at a runas.exe password prompt, related to a "benchmarking attack."
|
2009-01-24
|
Microsoft Windows Task Manager (taskmgr.exe) I/O Activity Local Information Disclosure
|
|
57107
Description:
Unknown / Incomplete
|
2009-01-23
|
Half-Life 2 SRCDS A2C_PRINT Remote Server Console Message Spoofing
|
|
52201
Description:
(Description Provided by CVE) : The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.
|
2009-01-23
|
Linux Kernel syscall Filtering 32/64-bit Switching Bypass
|
|
52641
Description:
(Description Provided by CVE) : Cross-domain vulnerability in the V8 JavaScript engine in Google Chrome before 1.0.154.46 allows remote attackers to bypass the Same Origin Policy via a crafted script that accesses another frame and reads its full URL and possibly other sensitive information, or modifies the URL of this frame.
|
2009-01-23
|
Google Chrome V8 JavaScript Engine Crafted Script Cross-domain Information Disclosure
|
|
51623
Description:
KEEP Toolkit contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the patUser.php script not properly sanitizing user-supplied input to the username and password parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-23
|
KEEP Toolkit patUser.php Login Feature SQL Injection
|
|
53548
Description:
(Description Provided by CVE) : Unspecified vulnerability in futomi's CGI Cafe Fulltext search CGI 1.1.2 allows remote attackers to gain administrative privileges via unknown vectors.
|
2009-01-23
|
Futomis CGI Cafe Search CGI admin.cgi PasswdChange() Function Admin Password Reset Privilege Escalation
|
|
52027
Description:
LDF contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the login.asp script not properly sanitizing user-supplied input to the user parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-23
|
LDF login.asp user Parameter SQL Injection
|
|
52030
Description:
Lootan System contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the login.asp script not properly sanitizing user-supplied input to the username parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-23
|
Lootan System login.asp username Parameter SQL Injection
|
|
52003
Description:
Unknown / Incomplete
|
2009-01-23
|
Browser3D .sfs File Handling Local Overflow
|
|
51532
Description:
(Description Provided by CVE) : Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX control in AxisCamControl.ocx in AXIS Camera Control 2.40.0.0 allows remote attackers to execute arbitrary code via a long image_pan_tilt property value.
|
2009-01-23
|
AXIS Camera Control CamImage.CamImage.1 ActiveX (AxisCamControl.ocx) image_pan_tilt Property Overflow
|
|
51566
Description:
EMC AutoStart contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a specific DWORD value are sent to the Backbone service (ftbackbone.exe), which listens on TCP port 8042 by default. It is possible that the flaw may allow arbitrary execution of code with SYSTEM privileges, resulting in a loss of integrity.
|
2009-01-23
|
EMC AutoStart Backbone Engine (ftbackbone.exe) Arbitrary Code Execution
|
|
51571
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Web Help Desk before 9.1.18 allows remote attackers to inject arbitrary web script or HTML via vectors related to "encoded JavaScript" and Helpdesk.woa.
|
2009-01-23
|
Web Help Desk Helpdesk.woa Encoded JavaScript XSS
|
