| OSVDB ID | Disclosure Date | Title |
|---|
|
73465
Description:
(Description Provided by CVE) : Monkey's Audio before 4.02 allows remote attackers to cause a denial of service (application crash) via a malformed APE file.
|
2009-01-19
|
Monkey's Audio APE File Corruption Decoder Crash DoS
|
|
51499
Description:
SCMS Simple Content Management System contains a flaw that allows a remote attacker to view files outside of the web path. The issue is due to the index.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the p parameter.
|
2009-01-18
|
SCMS Simple Content Management System index.php p Parameter Traversal Local File Inclusion
|
|
53551
Description:
(Description Provided by CVE) : Integer overflow in Ralink Technology USB wireless adapter (RT73) 3.08 for Windows, and other wireless card drivers including rt2400, rt2500, rt2570, and rt61, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Probe Request packet with a long SSID, possibly related to an integer signedness error.
|
2009-01-18
|
Ralink Technology USB Wireless Adapter (RT73) Probe Request Packet SSID Handling Remote Overflow
|
|
51611
Description:
(Description Provided by CVE) : listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN authz file, allows remote authenticated users to read changelogs or diffs for restricted projects via a modified repname parameter.
|
2009-01-18
|
WebSVN listing.php repname Parameter Remote File Access
|
|
51455
Description:
(Description Provided by CVE) : ROBS-PROJECTS Digital Sales IPN (aka DS-IPN.NET or DS-IPN Paypal Shop) stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request for Database/Sales.mdb.
|
2009-01-18
|
Digital Sales IPN Database/Sales.mdb Direct Request Admin Credentials Disclosure
|
|
51473
Description:
Unknown / Incomplete
|
2009-01-18
|
PHPads ads.dat Direct Request Admin Credentials Hash Disclosure
|
|
51470
Description:
(Description Provided by CVE) : Directory traversal vulnerability in entries/index.php in Ninja Blog 4.8, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the cat parameter.
|
2009-01-18
|
Ninja Blog entries/index.php cat Parameter Traversal Arbitrary File Access
|
|
51474
Description:
PHPads contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'ad_name' parameter upon submission to the 'admin.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2009-01-18
|
PHPads admin.php ad_name Parameter XSS
|
|
51671
Description:
(Description Provided by CVE) : Directory traversal vulnerability in gallery/comment.php in Enhanced Simple PHP Gallery (ESPG) 1.72 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. NOTE: the vulnerability may be in my little homepage Comment script. If so, then this should not be treated as a vulnerability in ESPG.
|
2009-01-18
|
Enhanced Simple PHP Gallery gallery/comment.php file Parameter Traversal Arbitrary File Access
|
|
57423
Description:
Expat contains a flaw in the handling of XML files that may allow a remote denial of service. The issue is due to an error within the updatePosition() function in lib/xmltok_impl.c. With a specially crafted XML file, a context-dependent attacker can cause the application that uses the library to crash.
|
2009-01-17
|
Expat XML Parser Malformed UTF-8 Sequence Handling DoS
|
|
59737
Description:
Expat contains a flaw in the handling XML files that may allow a remote denial of service. The issue is due to the 'updatePosition()' function in lib/xmltok_impl.c. With a specially crafted XML file containing malformed UTF-8 sequences, a context-dependent attacker can cause the service to crash.
|
2009-01-17
|
Expat libexpat lib/xmltok_impl.c updatePosition Function UTF-8 XML Document Handling Overflow DoS
|
|
57424
Description:
Unknown / Incomplete
|
2009-01-17
|
Python expat Module (xml.parsers.expat) Malformed UTF-8 Sequence Handling DoS
|
|
51501
Description:
(Description Provided by CVE) : Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree."
|
2009-01-17
|
Linux Kernel security/keys/keyctl.c keyctl_join_session_keyring Function Local DoS
|
|
55650
Description:
Unknown / Incomplete
|
2009-01-16
|
Excel Viewer OCX ActiveX Unspecified Overflow DoS
|
|
51500
Description:
ActionCalendar contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the admin.asp script not properly sanitizing user-supplied input to the pass parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-16
|
ActionCalendar admin.asp pass Parameter SQL Injection
|
|
51562
Description:
BibCiter contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'reports/projects.php' script not properly sanitizing user-supplied input to the 'idp' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-16
|
BibCiter reports/projects.php idp Parameter SQL Injection
|
|
51563
Description:
BibCiter contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'reports/contacts.php' script not properly sanitizing user-supplied input to the 'idc' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-16
|
BibCiter reports/contacts.php idc Parameter SQL Injection
|
|
51564
Description:
BibCiter contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'reports/users.php' script not properly sanitizing user-supplied input to the 'idu' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-16
|
BibCiter reports/users.php idu Parameter SQL Injection
|
|
51620
Description:
eFAQ contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the default.asp script not properly sanitizing user-supplied input to the str_Login and str_Password parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-16
|
eFAQ default.asp Multiple Parameter SQL Injection
|
|
51617
Description:
Blog Manager contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the inc_webblogmanager.asp script not properly sanitizing user-supplied input to the ItemID parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-16
|
Blog Manager inc_webblogmanager.asp ItemID Parameter SQL Injection
|
|
51618
Description:
Blog Manager contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the CategoryID parameter upon submission to the inc_webblogmanager.asp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-01-16
|
Blog Manager inc_webblogmanager.asp CategoryID Parameter XSS
|
|
51493
Description:
Unknown / Incomplete
|
2009-01-16
|
AJ Classifieds Real Estate Image Upload Feature Unrestricted File Upload Arbitrary PHP Code Execution
|
|
51494
Description:
Unknown / Incomplete
|
2009-01-16
|
AJ Classifieds Personals Image Upload Feature Unrestricted File Upload Arbitrary PHP Code Execution
|
|
51495
Description:
Unknown / Incomplete
|
2009-01-16
|
AJ Classifieds Merchandise Image Upload Feature Unrestricted File Upload Arbitrary PHP Code Execution
|
|
52197
Description:
(Description Provided by CVE) : The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper synchronization of a data structure for the inotify instance.
|
2009-01-16
|
Linux Kernel fs/notify/inotify/inotify_user.c inotify_read() List Mutex Unlocking DoS
|
|
51401
Description:
Visuplay CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'news_article.php' script not properly sanitizing user-supplied input to the 'press_id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-16
|
Visuplay CMS news_article.php press_id Parameter SQL Injection
|
|
51456
Description:
eReservations contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the default.asp script not properly sanitizing user-supplied input to the 'Login' and 'Password' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2009-01-16
|
eReservations default.asp Multiple Parameter SQL Injection
|
|
51457
Description:
(Description Provided by CVE) : SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the day parameter in an archive action.
|
2009-01-16
|
BlogIt! index.asp Multiple Parameter SQL Injection
|
|
51453
Description:
Ping IP contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the login.aspx script not properly sanitizing user-supplied input to the 'txtUserName' and 'txtPassword' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2009-01-16
|
Ping IP login.aspx Multiple Parameter SQL Injection
|
|
51454
Description:
Unknown / Incomplete
|
2009-01-16
|
MetaProducts MetaTreeX SaveToBMP.MetaTreeX ActiveX (MTXControl.OCX) Multiple Method Arbitrary File Overwrite
|
|
53509
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2009-01-16
|
Sophos Anti-Virus Remote Management System (RMS) TAO GIOP Message Handling DoS
|
|
51458
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to inject arbitrary web script or HTML via the view parameter.
|
2009-01-16
|
BlogIt! index.asp view Parameter XSS
|
|
51533
Description:
RankEm contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'siteID' parameters upon submission to the 'rankup.asp' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-01-16
|
RankEm rankup.asp siteID Parameter XSS
|
|
51534
Description:
(Description Provided by CVE) : Katy Whitton RankEm stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing credentials via a direct request for database/topsites.mdb.
|
2009-01-16
|
RankEm database/topsites.mdb Direct Request Credentials Disclosure
|
|
51640
Description:
Walking Club contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the login.aspx script not properly sanitizing user-supplied input to the 'username' and 'password' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2009-01-16
|
Walking Club login.aspx Multiple Parameter SQL Injection
|
|
51668
Description:
(Description Provided by CVE) : Multiple directory traversal vulnerabilities in Simple PHP Newsletter 1.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the olang parameter to (1) mail.php and (2) mailbar.php.
|
2009-01-16
|
Simple PHP Newsletter mail.php olang Parameter Traversal Arbitrary File Access
|
|
51669
Description:
(Description Provided by CVE) : Multiple directory traversal vulnerabilities in Simple PHP Newsletter 1.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the olang parameter to (1) mail.php and (2) mailbar.php.
|
2009-01-16
|
Simple PHP Newsletter mailbar.php olang Parameter Traversal Arbitrary File Access
|
|
51670
Description:
(Description Provided by CVE) : Katy Whitton BlogIt! stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request for database/Blog.mdb. NOTE: some of these details are obtained from third party information.
|
2009-01-16
|
BlogIt! database/Blog.mdb Direct Request Credentials Disclosure
|
|
51764
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Active Bids allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter to search.asp and the (2) URL parameter to tellafriend.asp.
|
2009-01-16
|
Active Bids search.asp search Parameter XSS
|
|
51765
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Active Bids allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter to search.asp and the (2) URL parameter to tellafriend.asp.
|
2009-01-16
|
Active Bids tellafriend.asp URL Parameter XSS
|
