| OSVDB ID | Disclosure Date | Title |
|---|
|
55287
Description:
(Description Provided by CVE) : Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter.
|
2009-06-02
|
OCS Inventory NG on Unix cvs.php log Parameter Absolute Path Arbitrary File Access
|
|
59044
Description:
Unknown / Incomplete
|
2009-06-02
|
Google Chrome SSL Renegotiation Remote DoS
|
|
60790
Description:
Flashlight contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'admin.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'action' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2009-06-02
|
Flashlight admin.php action Parameter Traversal Local File Inclusion
|
|
60791
Description:
Flashlight contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'read.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2009-06-02
|
Flashlight read.php id Parameter SQL Injection
|
|
66140
Description:
Unknown / Incomplete
|
2009-06-02
|
XMLNuke Multiple Unspecified Issues
|
|
61627
Description:
phpMyFAQ contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'faqusername'' parameter upon submission to the 'admin/index.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2009-06-02
|
phpMyFAQ admin/index.php faqusername Parameter XSS
|
|
66141
Description:
Unknown / Incomplete
|
2009-06-02
|
XMLNuke File System Access Unspecified Issue
|
|
66142
Description:
Unknown / Incomplete
|
2009-06-02
|
XMLNuke ProcessPageState Object Unspecified Issue
|
|
67386
Description:
Unknown / Incomplete
|
2009-06-02
|
Podcast Generator core/admin/delete.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
67387
Description:
Unknown / Incomplete
|
2009-06-02
|
Podcast Generator core/admin/admin.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
67388
Description:
Unknown / Incomplete
|
2009-06-02
|
Podcast Generator core/admin/categories.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
67389
Description:
Unknown / Incomplete
|
2009-06-02
|
Podcast Generator core/admin/categories_add.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
67390
Description:
Unknown / Incomplete
|
2009-06-02
|
Podcast Generator core/admin/categories_remove.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
67391
Description:
Unknown / Incomplete
|
2009-06-02
|
Podcast Generator core/admin/createconfig.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
67392
Description:
Unknown / Incomplete
|
2009-06-02
|
Podcast Generator core/admin/edit.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
67393
Description:
Unknown / Incomplete
|
2009-06-02
|
Podcast Generator core/admin/editdel.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
67395
Description:
Unknown / Incomplete
|
2009-06-02
|
Podcast Generator core/admin/feedgenerate.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
67396
Description:
Unknown / Incomplete
|
2009-06-02
|
Podcast Generator core/admin/ftpfeature.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
67397
Description:
Unknown / Incomplete
|
2009-06-02
|
Podcast Generator core/admin/itunescategories.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
67398
Description:
Unknown / Incomplete
|
2009-06-02
|
Podcast Generator core/admin/login.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
67399
Description:
Unknown / Incomplete
|
2009-06-02
|
Podcast Generator core/admin/pgRSSnews.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
67400
Description:
Unknown / Incomplete
|
2009-06-02
|
Podcast Generator core/admin/podcastdetails.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
67401
Description:
Unknown / Incomplete
|
2009-06-02
|
Podcast Generator core/admin/upload.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
67402
Description:
Podcast Generator contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'core/admin/showcat.php' script not properly sanitizing user input supplied to the 'GLOBALS[absoluteurl]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2009-06-02
|
Podcast Generator core/admin/showcat.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
67403
Description:
Podcast Generator contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'core/includes.php' script not properly sanitizing user input supplied to the 'GLOBALS[absoluteurl]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2009-06-02
|
Podcast Generator core/includes.php GLOBALS[absoluteurl] Parameter Remote File Inclusion
|
|
58009
Description:
(Description Provided by CVE) : Unspecified vulnerability in OpenOffice.org (OOo) has unspecified impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.9. NOTE: as of 20091005, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
|
2009-06-01
|
OpenOffice.org (OOo) on Windows Unspecified Client-side Issue
|
|
57876
Description:
(Description Provided by CVE) : Unspecified vulnerability in McAfee Email and Web Security Appliance 5.1 VMtrial allows remote attackers to read arbitrary files via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.9 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
|
2009-06-01
|
McAfee Email and Web Security Appliance Unspecified Arbitrary File Access
|
|
54843
Description:
Online Grades contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the parents/parents.php script not properly sanitizing user-supplied input to the ADD parameter (when the func parameter is set to mailto), and the cc parameter (when the func parameter is set to showteachermemo). This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-06-01
|
Online Grades parents/parents.php Multiple Parameter SQL Injection
|
|
54844
Description:
Online Grades contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the key parameter (when 'action' is set to 'resetpass'). This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-06-01
|
Online Grades index.php key Parameter SQL Injection
|
|
54846
Description:
Online Grades & Attendance contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the admin/admin.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied to the skin parameter. This may allow an attacker with a valid Admin account to include a file from the targeted host that contains arbitrary commands which will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system.
|
2009-06-01
|
Online Grades & Attendance admin/admin.php skin Parameter Traversal Local File Inclusion
|
|
55780
Description:
(Description Provided by CVE) : Multiple heap-based buffer overflows in xvidcore/src/decoder.c in the xvidcore library in Xvid before 1.2.2, as used by Windows Media Player and other applications, allow remote attackers to execute arbitrary code by providing a crafted macroblock (aka MBlock) number in a video stream in a crafted movie file that triggers heap memory corruption, related to a "missing resync marker range check" and the (1) decoder_iframe, (2) decoder_pframe, and (3) decoder_bframe functions.
|
2009-06-01
|
Xvid xvidcore Library xvidcore/src/decoder.c Movie Video Stream macroblock (MBlock) Handling Multiple Overflows
|
|
55057
Description:
(Description Provided by CVE) : The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.
|
2009-06-01
|
Apache APR-util xml/apr_xml.c apr_xml_* Interface Expat XML Parser Crafted XML Document Remote DoS
|
|
54831
Description:
A buffer exists in SoftRemote. The IKE VPN service fails to validate packets received on UDP port 62514 resulting in a stack overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2009-06-01
|
SafeNet SoftRemote IKE VPN Service (ireIke.exe) UDP Packet Handling Overflow
|
|
54879
Description:
Apple QuickTime is prone to an overflow condition. The program fails to properly sanitize user-supplied input when processing MS ADPCM encoded audio data, resulting in a heap-based buffer overflow. With a specially crafted AVI file, a context-dependent attacker can potentially execute arbitrary code on a user's system.
|
2009-06-01
|
Apple QuickTime AVI File MS ADPCM Audio Data Handling Overflow
|
|
77508
Description:
(Description Provided by CVE) : Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
|
2009-06-01
|
GNU C Library (glibc) time/tzfile.c __tzfile_read() Function Timezone File Handling Remote Overflow
|
|
54810
Description:
MP3 Tag Assistant Professional 2.92 is vulnerable to a stack buffer overflow attack when loading a malicious mp3 file (or file that supports tags) filled with overly long A's in its metadata (id3v1, id3v2 apev2, etc.). To succesfully exploit this issue you have to change the hex values of the file and remove the null bytes in the metadata header. I'm being lazy this season..... so.... ;). You can take any mp3 file, edit its metadata with some mp3 tag editor (ironic, isen't it..) and fill every field with long string of bytes.
|
2009-06-01
|
Mp3 Tag Assistant Professional MP3 ID3 Tag Handling Overflow
|
|
54834
Description:
RadCLASSIFIEDS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'seller' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-06-01
|
RadCLASSIFIEDS index.php seller Parameter SQL Injection
|
|
54832
Description:
AdaptBB contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the 'latestposts.php' script not properly sanitizing user input supplied to the 'forumspath' parameter. This may allow an attacker to include a file from an arbitrary remote host that contains commands which will be executed by the vulnerable script with the same privileges as the web server.
|
2009-06-01
|
AdaptBB latestposts.php forumspath Parameter Remote File Inclusion
|
|
54828
Description:
(Description Provided by CVE) : ASP Football Pool 2.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for NFL.mdb.
|
2009-06-01
|
ASP Football Pool NFL.mdb Direct Request Database Disclosure
|
|
54835
Description:
(Description Provided by CVE) : R2 Newsletter Lite, Pro, and Stats stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for admin.mdb.
|
2009-06-01
|
R2 Newsletter Stats admin.mdb Direct Request Database Disclosure
|
