| OSVDB ID | Disclosure Date | Title |
|---|
|
55214
Description:
TorrentTrader contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'Title' field upon submission to the requests.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-06-15
|
TorrentTrader Classic Torrent requests.php Title Field XSS
|
|
55215
Description:
TorrentTrader contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'Torrent Name' field upon submission to the torrents-upload.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-06-15
|
TorrentTrader Classic torrents-upload.php Torrent Name Field XSS
|
|
55216
Description:
TorrentTrader Classic contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the 'back-end/admin-functions.php' script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied to the 'ss_uri' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands which will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In additin, this flaw can potentially be used to disclose the contents of any file on the system.
|
2009-06-15
|
TorrentTrader Classic backend/admin-functions.php ss_uri Parameter Traversal Local File Inclusion
|
|
55217
Description:
TorrentTrader Classic contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'ttversion' parameters upon submission to the 'themes/default/footer.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-06-15
|
TorrentTrader Classic themes/default/footer.php ttversion Parameter XSS
|
|
55218
Description:
TorrentTrader contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'CURUSER' and 'SITENAME' variables upon submission to the themes/default/header.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-06-15
|
TorrentTrader Classic themes/default/header.php Multiple Parameter XSS
|
|
55219
Description:
TorrentTrader Classic contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'todayactive' parameters upon submission to the 'visitorstoday.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-06-15
|
TorrentTrader Classic visitorstoday.php todayactive Parameter XSS
|
|
55220
Description:
TorrentTrader Classic contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'activepeople' parameters upon submission to the 'visitorsnow.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-06-15
|
TorrentTrader Classic visitorsnow.php activepeople Parameter XSS
|
|
55221
Description:
TorrentTrader Classic contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'faq_categ[][title]' parameters upon submission to the 'faq.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-06-15
|
TorrentTrader Classic faq.php faq_categ[][title] Parameter XSS
|
|
55227
Description:
(Description Provided by CVE) : The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that triggers an RPC marshalling error.
|
2009-06-15
|
CA ARCserve Backup for Windows Message Engine 0x3B Message Invalid Stub Data RPC Marshalling Error Remote DoS
|
|
55250
Description:
Elvin contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'show_bug.cgi' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-06-15
|
Elvin show_bug.cgi id Parameter SQL Injection
|
|
55251
Description:
Elvin contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'id' parameters upon submission to the 'show_bug.cgi' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-06-15
|
Elvin show_bug.cgi id Parameter XSS
|
|
55252
Description:
Elvin contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'show_activity.cgi' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-06-15
|
Elvin show_activity.cgi id Parameter SQL Injection
|
|
55253
Description:
Elvin contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'id' parameters upon submission to the 'show_activity.cgi' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-06-15
|
Elvin show_activity.cgi id Parameter XSS
|
|
55254
Description:
Elvin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the 'page.php' script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied to the 'id' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands which will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system.
|
2009-06-15
|
Elvin page.php id Parameter Traversal Local File Inclusion
|
|
55271
Description:
(Description Provided by CVE) : Cross-site request forgery (CSRF) vulnerability in login.php in Elvin 1.2.0 allows remote attackers to hijack the authentication of arbitrary users via a logout action.
|
2009-06-15
|
Elvin login.php Arbitrary Authentication Hijack CSRF
|
|
55283
Description:
MyBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'inc/datahandlers/user.php' script not properly sanitizing user-supplied input to the 'birthdayprivacy' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-06-15
|
MyBB inc/datahandlers/user.php birthdayprivacy Parameter SQL Injection
|
|
55288
Description:
Impleo Music Collection contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'admin/login.php' script not properly sanitizing user-supplied input to the 'username' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-06-15
|
Impleo Music Collection admin/login.php username Parameter SQL Injection
|
|
55289
Description:
Impleo Music Collection contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'sort' variables upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-06-15
|
Impleo Music Collection index.php sort Parameter XSS
|
|
55290
Description:
AdaptWeb contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'a_index.php' script not properly sanitizing user-supplied input to the 'CodigoDisciplina' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-06-15
|
AdaptWeb a_index.php CodigoDisciplina Parameter SQL Injection
|
|
55291
Description:
(Description Provided by CVE) : Directory traversal vulnerability in index.php in AdaptWeb 0.9.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the newlang parameter.
|
2009-06-15
|
AdaptWeb index.php newlang Parameter Traversal Arbitrary File Access
|
|
55318
Description:
Radio and TV Player Addon for vBulletin contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'station' parameters upon submission to the 'forum/radioandtv.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-06-15
|
Radio and TV Player Addon for vBulletin forum/radioandtv.php station Parameter XSS
|
|
55335
Description:
TorrentTrader Classic contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'take-deletepm.php' script not properly sanitizing user-supplied input to the 'delmp' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-06-15
|
TorrentTrader Classic take-deletepm.php delmp Parameter SQL Injection
|
|
55336
Description:
TorrentTrader Classic contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'takestaffmess.php' script not properly sanitizing user-supplied input to the 'clases' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-06-15
|
TorrentTrader Classic takestaffmess.php clases Parameter SQL Injection
|
|
55338
Description:
TorrentTrader contains a flaw that allows a remote cross site scripting attack.This flaw exists because the application does not validate the 'keepget' parameter upon submission to the 'torrents-details.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-06-15
|
TorrentTrader Classic torrents-details.php keepget Parameter XSS
|
|
55339
Description:
(Description Provided by CVE) : account-recover.php in TorrentTrader Classic 1.09 chooses random passwords from an insufficiently large set, which makes it easier for remote attackers to obtain a password via a brute-force attack.
|
2009-06-15
|
TorrentTrader Classic account-recover.php Random Password Assignment Weakness
|
|
55486
Description:
(Description Provided by CVE) : Directory traversal vulnerability in cgi-bin/webcm in the administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to list arbitrary directories via a .. (dot dot) in the nextpage parameter.
|
2009-06-15
|
NETGEAR DG632 cgi-bin/webcm nextpage Parameter Traversal Arbitrary Directory Listing
|
|
55500
Description:
(Description Provided by CVE) : The administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to cause a denial of service (web outage) via an HTTP POST request to cgi-bin/firmwarecfg.
|
2009-06-15
|
NETGEAR DG632 cgi-bin/firmwarecfg HTTP POST Request DoS
|
|
55508
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in includes/functions.php in 4images 1.7 through 1.7.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the url variable.
|
2009-06-15
|
4images includes/functions.php Unspecified Parameter XSS
|
|
55617
Description:
(Description Provided by CVE) : The administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to bypass authentication via a direct request to (1) gateway/commands/saveconfig.html, and (2) stattbl.htm, (3) modemmenu.htm, (4) onload.htm, (5) form.css, (6) utility.js, and possibly (7) indextop.htm in html/.
|
2009-06-15
|
NETGEAR DG632 Admin Web Interface html/ Multiple Script Direct Request Authentication Bypass
|
|
56455
Description:
(Description Provided by CVE) : Elvin 1.2.0 allows remote attackers to read the PHP source code of (1) login.ei, (2) jump_bug.ei, or (3) create_account.ei in inc/ via a direct request.
|
2009-06-15
|
Elvin Multiple Script Direct Request PHP Source Disclosure
|
|
61782
Description:
Unknown / Incomplete
|
2009-06-14
|
Frisk F-PROT Antivirus Crafted TAR Archive Scan Bypass
|
|
61780
Description:
Unknown / Incomplete
|
2009-06-14
|
Apple Safari CFRelease() Function NULL Pointer Dereference DoS
|
|
89367
Description:
Jenkins contains multiple flaws that allow multiple remote cross-site scripting (XSS) attacks. These flaws exists because the application does not validate certain unspecified input before returning it to the user. This may allow an attacker to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2009-06-14
|
Jenkins Multiple Unspecified XSS
|
|
89366
Description:
Jenkins contains multiple flaws that allow multiple remote Cross-site Request Forgery (CSRF / XSRF) attacks. These flaws exists because the application does not require multiple steps or explicit confirmation for sensitive transactions. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into performing an unspecified action in the context of their session with the application, without further prompting or verification.
|
2009-06-14
|
Jenkins Multiple Unspecified CSRF
|
|
61798
Description:
Unknown / Incomplete
|
2009-06-13
|
Link Logger syslogd Saturated Spoofed Traffic Handling Remote DoS
|
|
55164
Description:
Mozilla Firefox contains a race condition error. The NPObjWrapper_NewResolve function (nsJSNPRuntime.cpp) in xul.dll may dereference already freed memory when navigating away from a web page while loading a Java applet. This may allow a context-dependent attacker to potentially execute arbitrary code on a user's system.
|
2009-06-13
|
Mozilla Firefox xul.dll nsJSNPRuntime.cpp NPObjWrapper_NewResolve Function Race Condition Arbitrary Code Execution
|
|
55087
Description:
FireStats Plugin for Wordpress contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to unspecified script(s) not properly sanitizing user-supplied input to unspecified parameter(s). This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2009-06-13
|
FireStats Plugin for Wordpress Unspecified SQL Injection
|
|
55089
Description:
(Description Provided by CVE) : Unrestricted file upload vulnerability in the Compose Email feature in the Emails module in Sugar Community Edition (aka SugarCRM) before 5.2f allows remote authenticated users to execute arbitrary code by uploading a file with only an extension in its name, then accessing the file via a direct request to a modified filename under cache/modules/Emails/, as demonstrated using .php as the entire original name.
|
2009-06-13
|
SugarCRM Emails Module File Upload Arbitrary PHP Code Execution
|
|
55088
Description:
FireStats Plugin for Wordpress contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'wp-content/plugins/firestats/firestats-wordpress.php' script not properly sanitizing user input supplied to the 'fs_javascript' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2009-06-13
|
FireStats Plugin for Wordpress wp-content/plugins/firestats/firestats-wordpress.php fs_javascript Parameter Remote File Inclusion
|
|
61781
Description:
Unknown / Incomplete
|
2009-06-13
|
Ikraus Multiple Products Parsing Engine Multiple Method Scanning Bypass
|
