| OSVDB ID | Disclosure Date | Title |
|---|
|
77629
Description:
(Description Provided by CVE) : Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long response string.
|
2011-11-25
|
XChat Character Flooding Remote Overflow DoS
|
|
77323
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in (1) cd-mapping-db.c and (2) cd-device-db.c in colord before 0.1.15 allow local users to execute arbitrary SQL commands via vectors related to color devices and (a) device id, (b) property, or (c) profile id.
|
2011-11-25
|
colord cd-mapping-db.c Unspecified SQL Injection
|
|
77324
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in (1) cd-mapping-db.c and (2) cd-device-db.c in colord before 0.1.15 allow local users to execute arbitrary SQL commands via vectors related to color devices and (a) device id, (b) property, or (c) profile id.
|
2011-11-25
|
colord cd-device-db.c Unspecified SQL Injection
|
|
77363
Description:
(Description Provided by CVE) : Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving crafted code that is executed by the worker process.
|
2011-11-25
|
Celery Daemon Argument Parsing Local Privilege Escalation
|
|
77579
Description:
(Description Provided by CVE) : Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php.gif. NOTE: some of these details are obtained from third party information.
|
2011-11-25
|
JCE Component for Joomla! editor/extensions/browser/file.php File Upload PHP Code Execution
|
|
77627
Description:
PHP Video Script contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-11-25
|
PHP Video Script index.php id Parameter SQL Injection
|
|
79866
Description:
(Description Provided by CVE) : icecast before 2.3.3 allows remote attackers to inject control characters such as newlines into the error loc (error.log) via a crafted URL.
|
2011-11-25
|
Icecast HTTP GET Request Parsing Log Message Injection
|
|
77321
Description:
MeeNews Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the wp-content/plugins/meenews/inc/tpl/mee_editot_newsletter.php script does not validate the 'idnews' parameter upon submission to the wp-admin/admin.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-11-24
|
MeeNews Plugin for WordPress wp-admin/admin.php idnews Parameter XSS
|
|
77316
Description:
(Description Provided by CVE) : Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets.
|
2011-11-24
|
Novell Netware XNFS.NLM xdrDecodeString() Function Datagram Parsing Remote Overflow
|
|
77650
Description:
(Description Provided by CVE) : crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows remote attackers to obtain the private key of a TLS server via multiple handshake attempts.
|
2011-11-24
|
OpenSSL crypto/bn/bn_nist.c ECC TLS Server Private Key Disclosure
|
|
85225
Description:
Adminimize Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'page' parameter upon submission to the inc-options/im_export_options.php script. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-11-24
|
Adminimize Plugin for WordPress inc-options/im_export_options.php page Parameter XSS
|
|
85226
Description:
Adminimize Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'post' and 'post_ID' parameters upon submission to the adminimize.php script. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-11-24
|
Adminimize Plugin for WordPress adminimize.php Multiple Parameter XSS
|
|
77322
Description:
Koha contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the cgi-bin/opac/opac-main.pl script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the cgi-bin/koha/mainpage.pl script via the 'KohaOpacLanguage' cookie. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2011-11-24
|
Koha cgi-bin/koha/mainpage.pl KohaOpacLanguage Cookie Traversal Local File Inclusion
|
|
77509
Description:
Zabbix contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the popup.php script not properly sanitizing user-supplied input to the 'only_hostid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-11-24
|
Zabbix popup.php only_hostid Parameter SQL Injection
|
|
85223
Description:
Adminimize Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'page' parameter upon submission to the inc-options/deinstall_options.php script. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-11-24
|
Adminimize Plugin for WordPress inc-options/deinstall_options.php page Parameter XSS
|
|
85224
Description:
Adminimize Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'page' parameter upon submission to the inc-options/theme_options.php script. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-11-24
|
Adminimize Plugin for WordPress inc-options/theme_options.php page Parameter XSS
|
|
77337
Description:
Featurific Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'snum' parameter upon submission to the /wp-content/plugins/featurific-for-wordpress/cached_image.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-11-23
|
Featurific Plugin for WordPress /wp-content/plugins/featurific-for-wordpress/cached_image.php snum Parameter XSS
|
|
77261
Description:
(Description Provided by CVE) : The PageListSort function in scripts/pagelist.php in PmWiki 2.x before 2.2.35 allows remote attackers to execute arbitrary code via PHP sequences in a crafted order parameter in a pagelist directive, leading to unintended use of the PHP create_function function.
|
2011-11-23
|
PmWiki pagelist Directive order Parameter create_function() Remote PHP Code Execution
|
|
77310
Description:
(Description Provided by CVE) : The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.
|
2011-11-23
|
Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness (2011-4317)
|
|
77622
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in config.php in AdaptCMS 2.0.0 and 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
2011-11-23
|
AdaptCMS article/ Page ID Parameter SQL Injection
|
|
77338
Description:
ClickDesk Live Support Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'cdwidgetid' parameter upon submission to the /wp-content/plugins/clickdesk-live-support-chat/clickdesk.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-11-23
|
ClickDesk Live Support Plugin for WordPress /clickdesk-live-support-chat/clickdesk.php cdwidgetid Parameter XSS
|
|
77687
Description:
(Description Provided by CVE) : IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1, 6.2.0, and 6.2.1 do not properly handle signature validations based on SAML 1.0, 1.1, and 2.0, which allows remote attackers to bypass intended authentication or authorization requirements via a non-conforming SAML signature.
|
2011-11-23
|
IBM Tivoli Federated Identity Manager SAML Signature Validation Bypass
|
|
82126
Description:
LogicalDOC contains a flaw that is triggered when a user with read-only privileges is able to delete folder tags from documents.
|
2011-11-23
|
LogicalDOC Unprivileged Folder Tag Deletion
|
|
77357
Description:
Unknown / Incomplete
|
2011-11-23
|
Pro Clan Manager Login Page Username SQL Injection
|
|
77339
Description:
Dolibarr contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain input passed via the URL upon submission to multiple scripts. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-11-23
|
Dolibarr Multiple Script URI XSS
|
|
77340
Description:
Dolibarr contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the /user/index.php script not properly sanitizing user-supplied input to the 'sortfield', 'sortorder' and 'sall' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-11-23
|
Dolibarr /user/index.php Multiple Parameter SQL Injection
|
|
77341
Description:
Dolibarr contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the /user/info.php script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-11-23
|
Dolibarr /user/info.php id Parameter SQL Injection
|
|
77342
Description:
Dolibarr contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the /user/perms.php script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-11-23
|
Dolibarr /user/perms.php id Parameter SQL Injection
|
|
77343
Description:
Dolibarr contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the /user/param_ihm.php script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-11-23
|
Dolibarr /user/param_ihm.php id Parameter SQL Injection
|
|
77344
Description:
Dolibarr contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the /user/note.php script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-11-23
|
Dolibarr /user/note.php id Parameter SQL Injection
|
|
77345
Description:
Dolibarr contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the /user/fiche.php script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-11-23
|
Dolibarr /user/fiche.php id Parameter SQL Injection
|
|
77346
Description:
Dolibarr contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the /admin/boxes.php script not properly sanitizing user-supplied input to the 'rowid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-11-23
|
Dolibarr /admin/boxes.php rowid Parameter SQL Injection
|
|
77347
Description:
Dolibarr contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the /user/group/index.php script not properly sanitizing user-supplied input to the 'sortfield', 'sortorder' and 'sall' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-11-23
|
Dolibarr /user/group/index.php Multiple Parameter SQL Injection
|
|
77349
Description:
Unknown / Incomplete
|
2011-11-23
|
PHP-Nuke URI SQL Injection
|
|
77352
Description:
Unknown / Incomplete
|
2011-11-23
|
TA.CMS (TeachArabia) index.php id Parameter SQL Injection
|
|
77353
Description:
Unknown / Incomplete
|
2011-11-23
|
TA.CMS (TeachArabia) lang Parameter Traversal Local File Inclusion
|
|
77358
Description:
Unknown / Incomplete
|
2011-11-23
|
Pro Clan Manager includes/user.php Password Generation Entropy Weakness
|
|
77396
Description:
HP Network Node Manager i contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'node' parameter upon submission to the nnm/mibdiscover script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-11-23
|
HP Network Node Manager i nnm/mibdiscover node Parameter XSS
|
|
77397
Description:
HP Network Node Manager i contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'nodename' parameter upon submission to the nnm/protected/configurationpoll.jsp script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-11-23
|
HP Network Node Manager i nnm/protected/configurationpoll.jsp nodename Parameter XSS
|
|
77398
Description:
HP Network Node Manager i contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'nodename' parameter upon submission to the nnm/protected/ping.jsp script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-11-23
|
HP Network Node Manager i nnm/protected/ping.jsp nodename Parameter XSS
|
