[CLOSE] OSVDB ID : 37466 - Disclosed: 2007-05-28

Description:

(Description Provided by CVE) : Multiple SQL injection vulnerabilities in W2B Online Banking allow remote attackers to execute arbitrary SQL commands via (1) the draft parameter to mailer.w2b or (2) the listDocPay parameter to DocPay.w2b.

[CLOSE] OSVDB ID : 36830 - Disclosed: 2007-05-14

Description:

(Description Provided by CVE) : Unrestricted file upload vulnerability in labs.beffa.org w2box 4.0.0 Beta4 allows remote attackers to upload arbitrary PHP code via a filename with a double extension such as .php.jpg.

[CLOSE] OSVDB ID : 73311 - Disclosed: 2011-06-21

Description:

W3 Total Cache Plugin for WordPress has a compromised download which contains a trojaned backdoor with may allow an attacker to execute arbitrary PHP code.

[CLOSE] OSVDB ID : 40204 - Disclosed: 2008-01-03

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in the error page in W3-mSQL allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the top-level URI.

[CLOSE] OSVDB ID : 51235 - Disclosed: 2008-01-03

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 510 - Disclosed: 2001-02-12

Description:

(Description Provided by CVE) : Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web development server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the templ parameter.

[CLOSE] OSVDB ID : 52023 - Disclosed: 2009-02-17

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in the admin backend in w3b>cms (aka w3blabor CMS) before 3.2.0 have unknown impact and remote attack vectors.

[CLOSE] OSVDB ID : 51108 - Disclosed: 2009-01-01

Description:

w3blabor CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'admin/index.php' script not properly sanitizing user-supplied input to the 'benutzername' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 52239 - Disclosed: 2009-01-24

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 19952 - Disclosed: 2005-10-07

Description:

(Description Provided by CVE) : The HTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation fault) via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read.

[CLOSE] OSVDB ID : 56243 - Disclosed: 2009-07-14

Description:

(Description Provided by CVE) : The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.

[CLOSE] OSVDB ID : 45745 - Disclosed: 2007-06-29

Description:

(Description Provided by CVE) : Stack-based buffer overflow in W3Filer 2.1.3 allows remote FTP servers to cause a denial of service (application hang or crash) and possibly execute arbitrary code by sending a large banner to a client that is sending a file.

[CLOSE] OSVDB ID : 1876 - Disclosed: 2001-06-21

Description:

(Description Provided by CVE) : Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to execute arbitrary code via a long base64 encoded MIME header.

[CLOSE] OSVDB ID : 65538 - Disclosed: 2010-06-14

Description:

(Description Provided by CVE) : istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

[CLOSE] OSVDB ID : 14526 - Disclosed: 2002-12-04

Description:

(Description Provided by CVE) : w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies.

[CLOSE] OSVDB ID : 73695 - Disclosed: 2011-01-15

Description:

w3m contains multiple unspecified flaws that may allow an attacker to have an unspecified impact. No further details have been provided.

[CLOSE] OSVDB ID : 31581 - Disclosed: 2006-12-25

Description:

(Description Provided by CVE) : Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name (CN) field of an SSL certificate associated with an https URL.

[CLOSE] OSVDB ID : 35523 - Disclosed: 2007-06-04

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 6981 - Disclosed: 2002-11-27

Description:

w3m contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not escape an html tag in a frame. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 59547 - Disclosed: 2002-07-25

Description:

Unless indexing for the MIME attachments directory is disabled it is possible to browse the MIME attachments directory and read arbitrary attachments. Prior to release 1.0.3, W3Mail did not correctly clean up the MIME directory, leaving the attachments there even after the user whom they belonged to has logged out. In versions 1.0.3 and more recent, providing the user correctly logs out their attachments will be removed. Note that the attachments will remain as with 1.0.3 and lower releases if the user simply closes the window rather than using the correct logout link. By sending a MIME attachment executable by the web server from the MIME attachments directory to an POP3 account accessed from the W3Mail web based POP3 client remote access as the webserver user can in theory be achieved, if the user to whom the mail is sent opens the malicious email (and thus creates the attachments within the MIME attachments directory for the lifetime explained in part 1). Whilst the attachment exists, the potential intruder can request it via their browser and therefore have it exected by the web server. The attachment must be sent as a none text MIME type in order for the malicious code to correctly be created. This part of the vulnerability will work even when directory indexing is turned off for the MIME attachments directory since attachments are created with their original name. This vulnerability can also be exploited on attachments being sent from W3Mail, although in this case the affect is reduced in versions from 1.0.3 onwards which clean the attachments directory after the mail has been sent minimizing the potential time for any attack.

[CLOSE] OSVDB ID : 2002 - Disclosed: 2001-10-07

Description:

sendmessage.cgi in W3Mail, and possibly other CGI programs, allows remote attackers to execute arbitrary commands via shell metacharacters in any field of the 'Compose Message' page.

[CLOSE] OSVDB ID : 59173 - Disclosed: 2002-11-12

Description:

W3Mail contains a flaw that allows a REMOTE attacker to traverse outside of a restricted path. The issue is due to the SCRIPT not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the file parameter. This directory traversal attack would allow the attacker to retrive arbitrary files.

[CLOSE] OSVDB ID : 49986 - Disclosed: 2008-11-19

Description:

W3matter Multiple Products contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'f[password]' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 45072 - Disclosed: 2007-06-12

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 30574 - Disclosed: 2006-11-19

Description:

(Description Provided by CVE) : Directory traversal vulnerability in script.php in Wabbit PHP Gallery 0.9 allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter to index.php.

[CLOSE] OSVDB ID : 34994 - Disclosed: 2007-04-16

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in showpic.php in Wabbit PHP Gallery 0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) pic and (2) gal parameters.

[CLOSE] OSVDB ID : 36698 - Disclosed: 2007-05-25

Description:

(Description Provided by CVE) : WabCMS 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/wabcmsn.mdb. NOTE: this issue was originally reported for "webCMS," but this was an error by an unreliable researcher.

[CLOSE] OSVDB ID : 8377 - Disclosed: 2003-04-30

Description:

WackoWiki contains a flaw related to double-double quotes that may allows a remote cross site scripting attack. No further details have been provided.

[CLOSE] OSVDB ID : 15073 - Disclosed: 2005-03-27

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in WackoWiki R4 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.

[CLOSE] OSVDB ID : 8295 - Disclosed: 2004-08-04

Description:

WackoWiki contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'phrase' variable upon submission to the 'TextSearch' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.