[CLOSE] OSVDB ID : 77518 - Disclosed: 2011-11-22

Description:

osCommerce contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the OM/Core/Site/Admin/Application/modules_geoip/pages/uninstall.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'module' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 77519 - Disclosed: 2011-11-22

Description:

osCommerce contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the OM/Core/Site/Admin/Application/images/pages/main.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'module' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 77520 - Disclosed: 2011-11-22

Description:

osCommerce contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the OM/Core/Site/Admin/Application/modules_shipping/pages/edit.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'module' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 77521 - Disclosed: 2011-11-22

Description:

osCommerce contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the OM/Core/Site/Admin/Application/modules_shipping/pages/uninstall.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'module' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 77522 - Disclosed: 2011-11-22

Description:

osCommerce contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the OM/Core/Site/Admin/Application/templates_modules_layout/pages/main.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'filter' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 77523 - Disclosed: 2011-11-22

Description:

osCommerce contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the OM/Core/Site/Admin/Application/templates_modules_layout/pages/new.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'filter' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 77524 - Disclosed: 2011-11-22

Description:

osCommerce contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the OM/Core/Site/Admin/Application/templates_modules_layout/pages/edit.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'filter' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 77525 - Disclosed: 2011-11-22

Description:

osCommerce contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the OM/Core/Site/Admin/Application/templates/pages/info.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'template' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 77526 - Disclosed: 2011-11-22

Description:

osCommerce contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the OM/Core/Site/Admin/Application/templates/pages/edit.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'template' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 77527 - Disclosed: 2011-11-22

Description:

osCommerce contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the OM/Core/Site/Admin/Application/templates/pages/uninstall.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'template' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 77242 - Disclosed: 2011-11-21

Description:

Zenprise Device Manager's web console contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions for the execution of commands. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.

[CLOSE] OSVDB ID : 77430 - Disclosed: 2011-11-21

Description:

(Description Provided by CVE) : Software Center in Ubuntu 11.10, 11.04 10.10 does not properly validate server certificates, which allows remote attackers to execute arbitrary code or obtain sensitive information via a man-in-the-middle (MITM) attack.

[CLOSE] OSVDB ID : 77249 - Disclosed: 2011-11-21

Description:

WP e-Commerce Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'custom_text' parameter upon submission to the index.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 77290 - Disclosed: 2011-11-21

Description:

(Description Provided by CVE) : Integer overflow in the vp3_dequant function in the VP3 decoder (vp3.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VP3 stream, which triggers a buffer overflow.

[CLOSE] OSVDB ID : 77291 - Disclosed: 2011-11-21

Description:

(Description Provided by CVE) : The (1) av_image_fill_pointers, (2) vp5_parse_coeff, and (3) vp6_parse_coeff functions in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allow remote attackers to cause a denial of service (out-of-bounds read) via a crafted VP5 or VP6 stream.

[CLOSE] OSVDB ID : 77474 - Disclosed: 2011-11-21

Description:

Advanced Text Widget Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'page' parameter upon submission to the advancedtext.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 77475 - Disclosed: 2011-11-21

Description:

Alert Before Your Post Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'name' parameter upon submission to the trunk/post_alert.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 77623 - Disclosed: 2011-11-21

Description:

Balitbang CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'hal' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 77624 - Disclosed: 2011-11-21

Description:

Balitbang CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the alumni.php script not properly sanitizing user-supplied input to the 'hal' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 78300 - Disclosed: 2011-11-21

Description:

(Description Provided by CVE) : The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (memory corruption) via a crafted SVQ1 stream, related to "dimensions changed."

[CLOSE] OSVDB ID : 77289 - Disclosed: 2011-11-21

Description:

(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

[CLOSE] OSVDB ID : 77262 - Disclosed: 2011-11-21

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 77266 - Disclosed: 2011-11-21

Description:

(Description Provided by CVE) : Stack-based buffer overflow in QQPlayer 3.2.845 allows remote attackers to execute arbitrary code via a crafted PnSize value in a MOV file.

[CLOSE] OSVDB ID : 77472 - Disclosed: 2011-11-21

Description:

Adminimize Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'page' parameter upon submission to the adminimize_page.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 91924 - Disclosed: 2011-11-21

Description:

Instructure Canvas contains a flaw that is due to the 'stay logged in' cookie value persisting. This may make it easier for a remote attacker to sniff the local network and replay the authentication data, potentially gaining access to the user's account.

[CLOSE] OSVDB ID : 77243 - Disclosed: 2011-11-20

Description:

(Description Provided by CVE) : plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions (word readable) for cookie files with predictable names in /tmp, which allows local users to obtain sensitive information.

[CLOSE] OSVDB ID : 77902 - Disclosed: 2011-11-20

Description:

(Description Provided by CVE) : The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms in server/google-tools/ and certain other files.

[CLOSE] OSVDB ID : 77885 - Disclosed: 2011-11-20

Description:

Parallels Plesk Panel Control Panel contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'start_page' parameter upon submission to the root directory. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 77898 - Disclosed: 2011-11-20

Description:

Parallels Plesk Panel Control Panel contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the notification@/ script not properly sanitizing user-supplied input to the 'certificateslist' cookie. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 77899 - Disclosed: 2011-11-20

Description:

(Description Provided by CVE) : The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 includes a submitted password within an HTTP response body, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by password handling in certain files under client@1/domain@1/backup/local-repository/.

[CLOSE] OSVDB ID : 77900 - Disclosed: 2011-11-20

Description:

(Description Provided by CVE) : The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session, as demonstrated by cookies used by help.php and certain other files.

[CLOSE] OSVDB ID : 77886 - Disclosed: 2011-11-20

Description:

Parallels Plesk Panel Control Panel contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'branch' parameter upon submission to the /admin/update/settings/ script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 77887 - Disclosed: 2011-11-20

Description:

Parallels Plesk Panel Control Panel contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'cmd' parameter upon submission to the /plesk/client@3/domain@2/hosting/file-manager/ script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 77888 - Disclosed: 2011-11-20

Description:

Parallels Plesk Panel Control Panel contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'cmd' parameter upon submission to the /plesk/client@3/domain@2/hosting/file-manager/create-dir/ script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 77889 - Disclosed: 2011-11-20

Description:

Parallels Plesk Panel Control Panel contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'cmd' and 'file' parameters upon submission to the /plesk/client@3/domain@2/hosting/file-manager/edit/ script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 77890 - Disclosed: 2011-11-20

Description:

Parallels Plesk Panel Control Panel contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'fname' parameter upon submission to the /plesk/client@3/domain@2/hosting/file-manager/permissions/ script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 77891 - Disclosed: 2011-11-20

Description:

Parallels Plesk Panel Control Panel contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'cmd' and 'file' parameters upon submission to the /plesk/client@3/domain@2/hosting/file-manager/rename/ script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 77892 - Disclosed: 2011-11-20

Description:

Parallels Plesk Panel Control Panel contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'cmd' parameter upon submission to the /plesk/client@3/domain@2/hosting/file-manager/view/ script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 77893 - Disclosed: 2011-11-20

Description:

Parallels Plesk Panel Control Panel contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'RefererHost', 'RefererPort', 'RefererScheme', 'RelayState' and 'response_url' parameters upon submission to the /relay script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 77894 - Disclosed: 2011-11-20

Description:

Parallels Plesk Panel Control Panel contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'category' parameter upon submission to the /smb/app/applications-list-data/catalogId/apscatalog script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.