| OSVDB ID | Disclosure Date | Title |
|
4404
Description:
The WatchGuard Firebox SOHO firewall contains a flaw that may allow a remote attacker to bypass authentication for the Web administration interface. The issue is due to a flaw in the administration authentication that allows an attacker to directly access and modify the firewall's configuration options. By accessing the options directly, the attacker could modify settings or disable service.
|
2000-12-14
|
WatchGuard Firebox SOHO Web Config Server Unauthenticated Access Bypass
|
|
4924
Description:
A remote format string vulnerability exists in WatchGuard RapidStream and Firebox products. The RapidStream and Firebox appliances fail to validate user-supplied input during the login process, resulting in a format string issue in the binary that handles authentication. With a specially crafted request, an attacker can cause the appliance to execute arbitrary code, resulting in a loss of integrity and/or availability.
|
2002-09-27
|
WatchGuard FireBox Vclass/RSSA Login Format Strings
|
|
4831
Description:
WatchGuard's Firebox and legacy RSSA appliances contain a flaw that may allow a malicious user to avoid being logged out on authentication failure. The issue is triggered by improper validation in the login process. It is possible that the flaw may allow a remote attacker to obtain administrative privileges on the appliance, resulting in a loss of integrity.
|
2002-09-27
|
WatchGuard FireBox Vclass/RSSA Login Input Validation
|
|
6578
Description:
ServerLock contains a flaw that may allow a malicious user to inject arbitrary DLLs. The issue is triggered when the OpenProcess() call is used and no sanity checks are performed. It is possible that the flaw may allow malicious DLL injection resulting in a loss of integrity.
|
2003-07-17
|
WatchGuard ServerLock DLL Injection Arbitrary Module Execution
|
|
6581
Description:
(Description Provided by CVE) : WatchGuard ServerLock for Windows 2000 before SL 2.0.4 allows local users to access kernel memory via a symlink attack on \Device\PhysicalMemory.
|
2003-07-17
|
WatchGuard ServerLock Symlink Kernel Memory Access
|
|
73251
Description:
WatchGuard XCS contains a flaw related to the TLS implementation failing to properly restrict I/O buffering and clearing transport layer buffers when changing from plaintext to ciphertext upon receipt of the 'STARTTLS' command. This may allow a remote, man-in-the-middle attacker to inject arbitrary plaintext data which will be executed upon transition to ciphertext.
|
2011-04-14
|
WatchGuard XCS STARTTLS Arbitrary Plaintext Command Injection
|
|
41106
Description:
(Description Provided by CVE) : Unspecified vulnerability in Watchtower (WT) before 0.12 has unknown impact and attack vectors, related to "unauthorized accounts."
|
2007-02-26
|
Watchtower (WT) Unauthorized Accounts Unspecified Issue
|
|
37655
Description:
(Description Provided by CVE) : PHP remote file inclusion vulnerability in watermark.php in the vm (aka Jean-Francois Laflamme) watermark 0.4.1 mod for Gallery allows remote attackers to execute arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter.
|
2007-05-05
|
Watermark mod for Gallery watermark.php GALLERY_BASEDIR Variable
|
|
69623
Description:
WaveMax Sound Editor is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a WAV or CDA file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.
|
2010-12-06
|
WaveMax Sound Editor Path Subversion Arbitrary DLL Injection Code Execution
|
|
35319
Description:
wavewoo contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'include/loading.php' script not properly sanitizing user input supplied to the 'path_include' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2007-04-24
|
wavewoo include/loading.php path_include Parameter Remote File Inclusion
|
|
31904
Description:
(Description Provided by CVE) : Directory traversal vulnerability in the Browse function (/browse URI) in Winamp Web Interface (Wawi) 7.5.13 and earlier allows remote authenticated users to list arbitrary directories via URL encoded backslashes ("%2F") in the path parameter.
|
2006-12-10
|
WAWI /browse Interface Traversal Arbitrary File Access
|
|
31908
Description:
(Description Provided by CVE) : Multiple buffer overflows in Winamp Web Interface (Wawi) 7.5.13 and earlier (1) allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an (a) long username or a (b) crafted packet to the FindBasicAuth function in security.cpp, related to the /browse URI; and allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a long path string in the (2) Browse, (3) CControl::Download, and (4) CControl::Load functions, related to the file parameter in the /dl URI. NOTE: some of these details are obtained from third party information.
|
2006-12-10
|
WAWI /dl URI Multiple Method Remote DoS
|
|
31905
Description:
(Description Provided by CVE) : The CControl::Download function (/dl URI) in Winamp Web Interface (Wawi) 7.5.13 and earlier allows remote authenticated users to download arbitrary file types under the root via a trailing "." (dot) in a filename in the file parameter, related to erroneous behavior of the IsWinampFile function.
|
2006-12-10
|
WAWI CControl::Download Function Arbitrary File Download
|
|
31906
Description:
(Description Provided by CVE) : Winamp Web Interface (Wawi) 7.5.13 and earlier uses an insufficient comparison to determine whether a directory is located below the application's root directory, which allows remote authenticated users to access certain other directories if the name of the root directory is a substring of the name of the target directory, as demonstrated by accessing C:\folder2 when the root directory is C:\folder.
|
2006-12-10
|
WAWI Directory Substring Access Bypass
|
|
31907
Description:
(Description Provided by CVE) : Multiple buffer overflows in Winamp Web Interface (Wawi) 7.5.13 and earlier (1) allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an (a) long username or a (b) crafted packet to the FindBasicAuth function in security.cpp, related to the /browse URI; and allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a long path string in the (2) Browse, (3) CControl::Download, and (4) CControl::Load functions, related to the file parameter in the /dl URI. NOTE: some of these details are obtained from third party information.
|
2006-12-10
|
WAWI security.cpp Multiple Method Remote DoS
|
|
22046
Description:
WAXTRAPP contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate variables upon submission to the search module. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-12-22
|
WAXTRAPP Search Module XSS
|
|
49544
Description:
Way Of The Warrior contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'crea.php' not properly sanitizing user input supplied to the 'plancia' parameter. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2008-11-04
|
Way Of The Warrior crea.php plancia Parameter Remote File Inclusion
|
|
49543
Description:
Way Of The Warrior contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'visualizza.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'plancia' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2008-11-04
|
Way Of The Warrior visualizza.php plancia Parameter Traversal Local File Inclusion
|
|
7715
Description:
(Description Provided by CVE) : Directory traversal vulnerability in talkback.cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the article parameter.
|
2001-04-09
|
Way to the Web talkback.cgi article Parameter Traversal Arbitrary File Access
|
|
506
Description:
(Description Provided by CVE) : Way-board CGI program allows remote attackers to read arbitrary files by specifying the filename in the db parameter and terminating the filename with a null byte.
|
2001-02-12
|
Way-board way-board.cgi db Parameter Arbitrary File Access
|
|
51625
Description:
Wazzum Dating Software contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the profile_view.php script not properly sanitizing user-supplied input to the userid parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-01-26
|
Wazzum Dating Software profile_view.php userid Parameter SQL Injection
|
|
34954
Description:
(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in Webmobo WB News 1.4.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the config[installdir] parameter to (1) comment.php, (2) themes.php, (3) directory.php, and (4) sendmsg.php in admin/.
|
2007-03-01
|
WB News admin/comment.php config[installdir] Parameter Remote File Inclusion
|
|
34952
Description:
(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in Webmobo WB News 1.4.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the config[installdir] parameter to (1) comment.php, (2) themes.php, (3) directory.php, and (4) sendmsg.php in admin/.
|
2007-03-01
|
WB News admin/directory.php config[installdir] Parameter Remote File Inclusion
|
|
34951
Description:
(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in Webmobo WB News 1.4.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the config[installdir] parameter to (1) comment.php, (2) themes.php, (3) directory.php, and (4) sendmsg.php in admin/.
|
2007-03-01
|
WB News admin/sendmsg.php config[installdir] Parameter Remote File Inclusion
|
|
34953
Description:
(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in Webmobo WB News 1.4.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the config[installdir] parameter to (1) comment.php, (2) themes.php, (3) directory.php, and (4) sendmsg.php in admin/.
|
2007-03-01
|
WB News admin/themes.php config[installdir] Parameter Remote File Inclusion
|
|
51583
Description:
WB News contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'archive.php' script not properly sanitizing user input supplied to the 'config[installdir]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2009-01-25
|
WB News archive.php config[installdir] Parameter Remote File Inclusion
|
|
51588
Description:
WB News contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'base/Archive.php' script not properly sanitizing user input supplied to the 'config[installdir]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2009-01-25
|
WB News base/Archive.php config[installdir] Parameter Remote File Inclusion
|
|
51589
Description:
WB News contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'base/Comments.php' script not properly sanitizing user input supplied to the 'config[installdir]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2009-01-25
|
WB News base/Comments.php config[installdir] Parameter Remote File Inclusion
|
|
51586
Description:
WB News contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'base/News.php' script not properly sanitizing user input supplied to the 'config[installdir]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2009-01-25
|
WB News base/News.php config[installdir] Parameter Remote File Inclusion
|
|
51587
Description:
WB News contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'base/SendFriend.php' script not properly sanitizing user input supplied to the 'config[installdir]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2009-01-25
|
WB News base/SendFriend.php config[installdir] Parameter Remote File Inclusion
|