| OSVDB ID | Disclosure Date | Title |
|---|
|
16944
Description:
X-Cart Gold contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'cat' and 'printable' variables in the home.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.
|
2005-05-30
|
X-Cart Gold home.php Multiple Parameter SQL Injection
|
|
16945
Description:
X-Cart Gold contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'productid' and 'mode' variables in the product.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.
|
2005-05-30
|
X-Cart Gold product.php Multiple Parameter SQL Injection
|
|
16946
Description:
X-Cart Gold contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'id' variable in the error_message.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.
|
2005-05-30
|
X-Cart Gold error_message.php id Parameter SQL Injection
|
|
16947
Description:
X-Cart Gold contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'section' variable in the help.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.
|
2005-05-30
|
X-Cart Gold help.php section Parameter SQL Injection
|
|
16948
Description:
X-Cart Gold contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'mode' variable in the orders.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.
|
2005-05-30
|
X-Cart Gold orders.php mode Parameter SQL Injection
|
|
16949
Description:
X-Cart Gold contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'mode' variable in the register.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.
|
2005-05-30
|
X-Cart Gold register.php mode Parameter SQL Injection
|
|
16950
Description:
X-Cart Gold contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'mode' variable in the search.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.
|
2005-05-30
|
X-Cart Gold search.php mode Parameter SQL Injection
|
|
16951
Description:
X-Cart Gold contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'gcid' and 'gcindex' variables in the giftcert.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.
|
2005-05-30
|
X-Cart Gold giftcert.php Multiple Parameter SQL Injection
|
|
16976
Description:
Unknown / Incomplete
|
2005-05-30
|
ezUserManager Unspecified SQL Injection
|
|
16934
Description:
MyBulletinBoard (MyBB) contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'website' field upon submission to the User Profile script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-05-30
|
MyBulletinBoard (MyBB) usercp.php User Profile website Field XSS
|
|
16935
Description:
(Description Provided by CVE) : The Data function in class.smtp.php in PHPMailer 1.7.2 and earlier allows remote attackers to cause a denial of service (infinite loop leading to memory and CPU consumption) via a long header field.
|
2005-05-30
|
PHPMailer Header Processing Data() Function DoS
|
|
16952
Description:
PowerDownload contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to downloads.php not properly sanitizing user input supplied to the incdir variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2005-05-30
|
PowerDownload downloads.php incdir Parameter Remote File Inclusion
|
|
91635
Description:
Libxslt contains a flaw in libxslt/extensions.c related to handling of xmlHashTable structures that is triggered when a stylesheet is concurrently loaded by multiple threads. This allows an attacker to crash an application linked against the library or potentially execute arbitrary code.
|
2005-05-30
|
Libxslt libxslt/extensions.c Concurrent XSLT Stylesheet Loading Missing Thread Safety Arbitrary Code Execution
|
|
17128
Description:
(Description Provided by CVE) : Directory traversal vulnerability in ServersCheck Monitoring Software 5.9.0 to 5.10.0 allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request.
|
2005-05-29
|
ServersCheck Traversal Arbitrary File Access
|
|
17127
Description:
(Description Provided by CVE) : SQL injection vulnerability in SignIn.asp in India Software Solution shopping cart allows remote attackers to execute arbitrary SQL commands via the password.
|
2005-05-29
|
India Software Solution Shopping Cart signin.asp Password Field SQL Injection
|
|
17223
Description:
(Description Provided by CVE) : xmysqladmin 1.0 and earlier allows local users to delete arbitrary files via a symlink attack on a database backup file in /tmp.
|
2005-05-29
|
xMySQLadmin Symlink Arbitrary File Deletion
|
|
16909
Description:
JAWS Glossary Gadget contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'term' parameter upon submission to the 'index.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2005-05-29
|
JAWS Glossary Gadget index.php term Parameter XSS
|
|
16917
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in NikoSoft WebMail before 0.11.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
2005-05-29
|
NikoSoft WebMail Unspecified XSS
|
|
16960
Description:
(Description Provided by CVE) : Format string vulnerability in the curses_msg function in the Ncurses interface (ec_curses.c) for Ettercap before 0.7.3 allows remote attackers to execute arbitrary code.
|
2005-05-29
|
ettercap curses_msg() Format String
|
|
16907
Description:
(Description Provided by CVE) : The DbgMsg.sys driver in Compuware SoftICE DriverStudio 3.1 and 3.2 allows remote attackers to cause a denial of service (application crash) via an invalid Debug Message pointer.
|
2005-05-29
|
SoftICE DbgMsg.sys Driver Malformed Debug Message DoS
|
|
16970
Description:
Unknown / Incomplete
|
2005-05-29
|
Quick Cart Search Field Arbitrary Script Injection
|
|
21278
Description:
(Description Provided by CVE) : Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets.
|
2005-05-29
|
Linux Kernel Bridge Forwarding Table Poisoning
|
|
58830
Description:
The Includer contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the 'index.php' script not properly sanitizing user input supplied to the 'page' parameter. This may allow an attacker to include a file from an arbitrary remote host that contains commands which will be executed by the vulnerable script with the same privileges as the web server.
|
2005-05-29
|
The Includer index.php page Parameter Remote File Inclusion
|
|
63455
Description:
(Description Provided by CVE) : The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and possibly other versions including 1.0.4, treats two strings as equal if one is a substring of the other, which allows remote attackers to spoof trusted certificates via a crafted subjectAltName.
|
2005-05-29
|
libESMTP smtp-tls.c match_component Function Crafted subjectAltName Certificate Spoofing Weakness
|
|
16912
Description:
os4e contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the "Password" variable in the "login.asp" script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.
|
2005-05-28
|
os4e login.asp Password Field SQL Injection
|
|
20495
Description:
(Description Provided by CVE) : Invision Power Board (IPB) 1.0 through 1.3 allows remote attackers to edit arbitrary forum posts via a direct request to index.php with modified parameters.
|
2005-05-28
|
Invision Power Board index.php Arbitrary Post Modification
|
|
16991
Description:
Unknown / Incomplete
|
2005-05-28
|
Cygwin Bash Local Overflow
|
|
16910
Description:
A remote overflow exists in PicoWebServer. The application fails to perform proper bounds checking resulting in a buffer overflow. With an overly long HTTP GET request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2005-05-28
|
PicoWebServer Unicode HTTP Request Remote Overflow
|
|
16911
Description:
(Description Provided by CVE) : Invision Power Board (IPB) 1.0 through 2.0.4 allows non-root admins to add themselves or other users to the root admin group via the "Move users in this group to" screen.
|
2005-05-28
|
Invision Power Board Group Delete Privilege Escalation
|
|
16916
Description:
Unknown / Incomplete
|
2005-05-28
|
Fast n Furious DtDNS Updater Command Line Argument Disclosure
|
|
17131
Description:
Microsoft Windows Remote Desktop Protocol contains a flaw that may lead to an unauthorized information disclosure. The issue is due to a private key used to sign the Terminal Server public key being hardcoded in a program library (mstlsapi.dll). This may allow an attacker to disclose the key and calculate a valid signature to carry out a man in the middle (MITM) attack.
|
2005-05-28
|
Microsoft Windows Remote Desktop Protocol (RDP) Private Key Disclosure
|
|
17968
Description:
A code execution flaw exists in multiple Mozilla-based web browsers. The InstallVersion.compare() method fails to validate input. With a specially crafted website, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2005-05-28
|
Mozilla Multiple Browsers InstallVersion.compareTo() Access Violation
|
|
16906
Description:
(Description Provided by CVE) : Format string vulnerability in PeerCast 0.1211 and earlier allows remote attackers to execute arbitrary code via format strings in the URL.
|
2005-05-28
|
PeerCast URL Error Message Format String
|
|
16919
Description:
NPDS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'language' variables upon submission to the 'admin.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-05-28
|
NPDS admin.php language Parameter XSS
|
|
16920
Description:
NPDS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'language' variable upon submission to the 'powerpack_f.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-05-28
|
NPDS powerpack_f.php language Parameter XSS
|
|
16921
Description:
NPDS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'sitename' variable upon submission to the 'sdv_infos.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-05-28
|
NPDS sdv_infos.php sitename Parameter XSS
|
|
16922
Description:
NPDS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'lettre' variable upon submission to the 'modules.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-05-28
|
NPDS Modules.php Lettre Parameter XSS
|
|
16923
Description:
NPDS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'title' variable upon submission to the 'reviews.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-05-28
|
NPDS reviews.php title Parameter XSS
|
|
16924
Description:
NPDS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'image_subject' variable upon submission to the reply.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-05-28
|
NPDS reply.php image_subject Parameter XSS
|
|
16925
Description:
NPDS contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the "terme" variable in the "modules.php" script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.
|
2005-05-28
|
NPDS Glossaire Module terme Parameter SQL Injection
|
