[CLOSE] OSVDB ID : 16555 - Disclosed: 2005-05-11

Description:

yappa-ng contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the index_overview.inc.php script not properly sanitizing user input supplied to the 'config' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

[CLOSE] OSVDB ID : 16556 - Disclosed: 2005-05-11

Description:

yappa-ng contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the index_leftnavbar.inc.php script not properly sanitizing user input supplied to the 'config' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

[CLOSE] OSVDB ID : 16557 - Disclosed: 2005-05-11

Description:

yappa-ng contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the index_image.inc.php script not properly sanitizing user input supplied to the 'config' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

[CLOSE] OSVDB ID : 16558 - Disclosed: 2005-05-11

Description:

yappa-ng contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the image-gd.class.php script not properly sanitizing user input supplied to the 'config' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

[CLOSE] OSVDB ID : 16559 - Disclosed: 2005-05-11

Description:

yappa-ng contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the image.class.php script not properly sanitizing user input supplied to the 'config' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

[CLOSE] OSVDB ID : 16560 - Disclosed: 2005-05-11

Description:

yappa-ng contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the album.class.php script not properly sanitizing user input supplied to the 'config' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

[CLOSE] OSVDB ID : 16561 - Disclosed: 2005-05-11

Description:

yappa-ng contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the show_random.inc.php script not properly sanitizing user input supplied to the 'config' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

[CLOSE] OSVDB ID : 16562 - Disclosed: 2005-05-11

Description:

yappa-ng contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the main.inc.php script not properly sanitizing user input supplied to the 'config' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

[CLOSE] OSVDB ID : 16563 - Disclosed: 2005-05-11

Description:

yappa-ng contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the index_passwd-admin.inc.php script not properly sanitizing user input supplied to the 'config' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

[CLOSE] OSVDB ID : 16297 - Disclosed: 2005-05-05

Description:

Invision Power Board contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. This flaw exists because the 'login.php' script does not validate user-supplied input in certain login methods and may allow a remote attacker to inject or manipulate SQL queries.

[CLOSE] OSVDB ID : 16298 - Disclosed: 2005-05-05

Description:

Invision Power Board contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'highlite' variable upon submission to the 'topics.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 16270 - Disclosed: 2005-05-02

Description:

osTicket contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 't' variable upon submission to the view.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 16271 - Disclosed: 2005-05-02

Description:

osTicket contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'osticket_title' variable upon submission to the header.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 16272 - Disclosed: 2005-05-02

Description:

osTicket contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'em' variable upon submission to the admin_login.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 16273 - Disclosed: 2005-05-02

Description:

osTicket contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'e' variable upon submission to the user_login.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 16274 - Disclosed: 2005-05-02

Description:

osTicket contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'err' variable upon submission to the open_submit.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 16275 - Disclosed: 2005-05-02

Description:

osTicket contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'Name' or 'Subject' fields upon submission to the add ticket routine. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 16276 - Disclosed: 2005-05-02

Description:

osTicket contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'id' variable in the admin.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.

[CLOSE] OSVDB ID : 16277 - Disclosed: 2005-05-02

Description:

osTicket contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'cat' variable in the view.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.

[CLOSE] OSVDB ID : 16278 - Disclosed: 2005-05-02

Description:

osTicket contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the main.php script not properly sanitizing user input supplied to the 'include_dir' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

[CLOSE] OSVDB ID : 16279 - Disclosed: 2005-05-02

Description:

osTicket contains a flaw that allows a remote attacker to view arbitrary files outside of the web path. The issue is due to the attachments.php script not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the 'file' variable.

[CLOSE] OSVDB ID : 16262 - Disclosed: 2005-05-02

Description:

SitePanel2 contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'v', 'show' or 'sec_name' variables upon submission to the main.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 16263 - Disclosed: 2005-05-02

Description:

SitePanel2 contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'inadmin', 'newsev' or 'postid' variables upon submission to the 5.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 16264 - Disclosed: 2005-05-02

Description:

SitePanel2 contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'id' variable upon submission to the 0.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 16265 - Disclosed: 2005-05-02

Description:

SitePanel2 contains a flaw that may allow a remote attacker to delete arbitrary files. The issue is due to the 5.php script not properly sanitizing input passed to the 'id' variable. By specifying arbitrary files to this script, the system will delete the file without proper authentication. Even if the server runs as user 'nobody', this can be used to delete arbitrary attachments.

[CLOSE] OSVDB ID : 16266 - Disclosed: 2005-05-02

Description:

SitePanel2 contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to index.php not properly sanitizing user input supplied to the 'lang' variable. This may allow an attacker to include a file from the local host that contains arbitrary commands which will be executed by the vulnerable script. An attacker could also specify an arbitrary file on the local host which would be disclosed in full.

[CLOSE] OSVDB ID : 16267 - Disclosed: 2005-05-02

Description:

SitePanel2 contains a flaw that may allow an attacker to execute arbitrary files. The issue is due to the system allowing users to upload any file as an attachment to a trouble ticket. Once uploaded, the file can be executed with the same privileges as the web server.

[CLOSE] OSVDB ID : 16268 - Disclosed: 2005-05-02

Description:

SitePanel2 contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to main.php not properly sanitizing user input supplied to the 'p' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

[CLOSE] OSVDB ID : 15899 - Disclosed: 2005-04-27

Description:

phpBB contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'p' variable in the posting_notes.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.

[CLOSE] OSVDB ID : 15700 - Disclosed: 2005-04-19

Description:

AZ Bulletin Board contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to main_index.php not properly sanitizing user input supplied to the dir_src and abs_layer parameters. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

[CLOSE] OSVDB ID : 15701 - Disclosed: 2005-04-19

Description:

AZ Bulletin Board contains a flaw that may allow a malicious admin to delete arbitrary files. The issue is triggered when an input validation error occurs in admin_avatar.php. It is possible that the flaw may allow arbitrary file deletion resulting in a loss of availability.

[CLOSE] OSVDB ID : 15702 - Disclosed: 2005-04-19

Description:

AZ Bulletin Board contains a flaw that may allow a malicious admin to delete arbitrary files. The issue is triggered when an input validation error occurs in admin_attachment.php. It is possible that the flaw may allow arbitrary file deletion resulting in a loss of availability.

[CLOSE] OSVDB ID : 15703 - Disclosed: 2005-04-19

Description:

AZ Bulletin Board contains a flaw related to the input validation errors in "admin_avatar.php" and "admin_attachment.php" that may allow an attacker to exploited to delete arbitrary files.Input passed to the "dir_src" and "abs_layer" parameters in "main_index.php" isn't properly verified, before it is used to include files. This may be exploited to include arbitrary files from external and local resources.An input validation error in "attachment.php" can be exploited to enumerate local files via the "attachment" parameter.

[CLOSE] OSVDB ID : 15649 - Disclosed: 2005-04-15

Description:

eGroupWare contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'ab_id', 'page', 'lang' or 'type' parameters upon submission to the index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 15750 - Disclosed: 2005-04-15

Description:

eGroupWare contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'page' or 'lang' variables upon submission to the wiki/index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 15751 - Disclosed: 2005-04-15

Description:

eGropuWare contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the category_id variable upon submission to the sitemgr-site/index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 15752 - Disclosed: 2005-04-15

Description:

eGroupWare contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'filter' variable in the tts/index.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.

[CLOSE] OSVDB ID : 15753 - Disclosed: 2005-04-15

Description:

eGroupWare contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'cats_app' variable in the index.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.

[CLOSE] OSVDB ID : 15426 - Disclosed: 2005-04-10

Description:

ModernBill contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'c_code' or 'aid' variables upon submission to the orderwiz.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 15427 - Disclosed: 2005-04-10

Description:

ModernBill contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to news.php not properly sanitizing user input supplied to the 'DIR' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.