| OSVDB ID | Disclosure Date | Title | Description |
|---|---|---|---|
| 37509 | 2006-12-31 | MDForum error.php PNSVlang Cookie Traversal Local File Inclusion | (Description Provided by CVE): Directory traversal vulnerability in includes/search/search_mdforum.php in MAXdev MDForum 2.0.1 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang cookie to error.php, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php. |
| 31025 | 2006-12-31 | SPINE Admin Unspecified GET Method XSS | Unknown / Incomplete |
| 31026 | 2006-12-31 | SPINE Macro Admin Unspecified Issue | (Description Provided by CVE): Multiple unspecified vulnerabilities in SPINE before 1.2 have unknown impact and attack vectors, related to (1) "Placeholders in database handler" and (2) "Macro admin security." |
| 31027 | 2006-12-31 | SPINE Core Database Handlers Unspecified Issue | (Description Provided by CVE): Multiple unspecified vulnerabilities in SPINE before 1.2 have unknown impact and attack vectors, related to (1) "Placeholders in database handler" and (2) "Macro admin security." |
| 32551 | 2006-12-31 | Miredo Symmetric NAT Teredo Client Spoofing Weakness | (Description Provided by CVE): Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching with HMAC-MD5-64 hashing, which allows remote attackers to impersonate an arbitrary Teredo client. |
| 32542 | 2006-12-31 | bubla (buratinable templator) bu/bu_claro.php bu_dir Parameter Remote File Inclusion | (Description Provided by CVE): Multiple PHP remote file inclusion vulnerabilities in Vladimir Menshakov buratinable templator (aka bubla) 0.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the bu_dir parameter to (1) bu/bu_claro.php, (2) bu/bu_cache.php, or (3) bu/bu_parse.php, different vectors and a different affected version than CVE-2006-6809. |
| 32543 | 2006-12-31 | bubla (buratinable templator) bu/bu_cache.php bu_dir Parameter Remote File Inclusion | (Description Provided by CVE): Multiple PHP remote file inclusion vulnerabilities in Vladimir Menshakov buratinable templator (aka bubla) 0.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the bu_dir parameter to (1) bu/bu_claro.php, (2) bu/bu_cache.php, or (3) bu/bu_parse.php, different vectors and a different affected version than CVE-2006-6809. |
| 32544 | 2006-12-31 | bubla (buratinable templator) bu/bu_parse.php bu_dir Parameter Remote File Inclusion | (Description Provided by CVE): Multiple PHP remote file inclusion vulnerabilities in Vladimir Menshakov buratinable templator (aka bubla) 0.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the bu_dir parameter to (1) bu/bu_claro.php, (2) bu/bu_cache.php, or (3) bu/bu_parse.php, different vectors and a different affected version than CVE-2006-6809. |
| 33815 | 2006-12-31 | MPlayer RTSP Stream Handler asmrp_eval Function Overflow | (Description Provided by CVE): Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches. |
| 33362 | 2006-12-31 | ATMEL Linux PCI PCMCIA USB Drivers Get_Wep Function Overflow | (Description Provided by CVE): Buffer overflow in the Get_Wep function in cofvnet.c for ATMEL Linux PCI PCMCIA USB Drivers drivers 3.4.1.1 corruption allows attackers to execute arbitrary code via a long name argument. |
| 33361 | 2006-12-31 | golden book Unspecified XSS | (Description Provided by CVE): Cross-site scripting (XSS) vulnerability in golden book allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| 33358 | 2006-12-31 | PHPIrc_bot php4you.php dir Parameter Remote File Inclusion | (Description Provided by CVE): ** DISPUTED ** PHP remote file inclusion vulnerability in php4you.php in PHPIrc_bot 0.2 allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this issue is disputed by CVE, since the dir variable is declared before being used. |
| 33357 | 2006-12-31 | WinZip WZFILEVIEW.FileViewCtrl.61 ActiveX CreateNewFolderFromName Method Overflow | (Description Provided by CVE): Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software "FileView" ActiveX control) for WinZip 10.0 Build 6667 allows remote attackers to execute arbitrary code via a long argument to the CreateNewFolderFromName method, a different vulnerability than CVE-2006-5198. |
| 33351 | 2006-12-31 | Edbrowse FTP Directory Handling Overflows | (Description Provided by CVE): Stack-based buffer overflow in http.c in Karl Dahlke Edbrowse (aka Command line editor browser) 3.1.3 allows remote attackers to execute arbitrary code by operating an FTP server that sends directory listings with (1) long user names or (2) long group names. |
| 33348 | 2006-12-31 | Rediff Bol Downloader ActiveX (OCX) vbscript Variable Arbitrary File Execution | (Description Provided by CVE): Rediff Bol Downloader ActiveX (OCX) control allows remote attackers to execute arbitrary files, and obtain sensitive information (usernames and pathnames), via a URL in the url vbscript parameter. |
| 37551 | 2006-12-30 | Voodoo Chat data/users.dat Direct Request User Database Disclosure | (Description Provided by CVE): Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control, which allows remote attackers to download passwords via a direct request for data/users.dat. |
| 49493 | 2006-12-30 | Cacti copy_cacti_user.php template_user Parameter SQL Injection | Unknown / Incomplete |
| 37552 | 2006-12-30 | FreeStyle Wiki config/user.dat Direct Request User Database Disclosure | (Description Provided by CVE): FreeStyle Wiki (fswiki) 3.6.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request for config/user.dat. |
| 37556 | 2006-12-30 | IMGallery users_adm/start1.php Arbitrary PHP File Upload | (Description Provided by CVE): users_adm/start1.php in IMGallery 2.5 and earlier does not properly handle files with multiple extensions, which allows remote authenticated users to upload and execute arbitrary PHP scripts. |
| 32549 | 2006-12-30 | MythControlServer MythControlServer.c sendToMythTV Function Overflow | (Description Provided by CVE): Buffer overflow in the sendToMythTV function in MythControlServer.c in MythControl 1.0 and earlier allows remote attackers to execute arbitrary code via a crafted sendStr string to the Bluetooth interface. NOTE: some of these details are obtained from third party information. |
| 32548 | 2006-12-30 | ISO (iso_wincmd) Plugin for Total Commander ISO Image Pathname Overflow | (Description Provided by CVE): Multiple stack-based buffer overflows in the (1) LoadTree, (2) ReadHeader, and (3) LoadXBOXTree functions in the ISO (iso_wincmd) plugin 1.7.3.3 and earlier for Total Commander allow user-assisted remote attackers to execute arbitrary code via a long pathname in an ISO image. |
| 33349 | 2006-12-30 | Enigma2 Plugin for WordPress Bridge Enigma2.php boarddir Parameter Remote File Inclusion | (Description Provided by CVE): ** DISPUTED ** PHP remote file inclusion vulnerability in the Enigma2 plugin (Enigma2.php) in Enigma WordPress Bridge allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter. NOTE: CVE disputes this issue, since $boarddir is set to a fixed value. |
| 31024 | 2006-12-30 | Zen Cart Multiple Unspecified XSS | (Description Provided by CVE): Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart Web Shopping Cart before 1.3.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| 33017 | 2006-12-30 | FileDownload Snippet for MODx download.php Arbitrary File Download | (Description Provided by CVE): download.php in the MuddyDogPaws FileDownload snippet before 2.5 for MODx allows remote attackers to download arbitrary files, as demonstrated by downloading config.inc.php to obtain database credentials. |
| 33350 | 2006-12-30 | Enigma2 Coppermine Bridge E2_header.inc.php boarddir Parameter Remote File Inclusion | (Description Provided by CVE): PHP remote file inclusion vulnerability in E2_header.inc.php in Enigma2 Coppermine Bridge 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter. |
| 33347 | 2006-12-30 | FileUp viewsrc.asp path Variable Encoded Traversal Arbitrary File Access | (Description Provided by CVE): Directory traversal vulnerability in SAFileUpSamples/util/viewsrc.asp in SoftArtisans FileUp (SAFileUp) 5.0.14 allows remote attackers to read arbitrary files via a %c0%ae. (Unicode dot dot) in the path parameter, which bypasses the checks for ".." sequences. |
| 33442 | 2006-12-29 | Durian Web Application Server Crafted Packet Remote Overflow | (Description Provided by CVE): Buffer overflow in Durian Web Application Server 3.02 freeware on Windows allows remote attackers to execute arbitrary code via a long string in a crafted packet to TCP port 4002. |
| 33382 | 2006-12-29 | Oracle Portal page Parameter XSS | Unknown / Incomplete |
| 37510 | 2006-12-29 | Macromedia Shockwave ActiveX (SwDir.dll) swURL Attribute Remote DoS | (Description Provided by CVE): An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the swURL attribute. |
| 36648 | 2006-12-29 | Macromedia Flash Flash8b.ocx Flash8b.AllowScriptAccess Method DoS | (Description Provided by CVE): Flash8b.ocx in Macromedia Flash 8 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the Flash8b.AllowScriptAccess method. |
| 32507 | 2006-12-29 | tDiary Unspecified Arbitrary Ruby Code Execution | (Description Provided by CVE): Eval injection vulnerability in tDiary 2.0.3 and 2.1.4.20061127 allows remote authenticated users to execute arbitrary Ruby code via unspecified vectors, possibly related to incorrect input validation by (1) conf.rhtml and (2) i.conf.rhtml. NOTE: some of these details are obtained from third party information. |
| 32540 | 2006-12-29 | STphp EasyNews PRO data/users.txt Direct Request User Credential Disclosure | (Description Provided by CVE): STphp EasyNews PRO 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames, email addresses, and password hashes via a direct request for data/users.txt. |
| 32596 | 2006-12-29 | Plash pola-run -t Option File Permission Weakness | Unknown / Incomplete |
| 32597 | 2006-12-29 | Plash Unspecified setuid/setgid Privilege Escalation | Unknown / Incomplete |
| 33352 | 2006-12-29 | Spooky login/register.asp SQL Injection | (Description Provided by CVE): Multiple SQL injection vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the UserUpdate parameter to login/register.asp or (2) unspecified parameters to includes/a_register.asp. |
| 33353 | 2006-12-29 | Spooky login/login.asp XSS | (Description Provided by CVE): Multiple cross-site scripting (XSS) vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) login/login.asp or (2) login/register.asp. |
| 33354 | 2006-12-29 | Spooky includes/a_register.asp SQL Injection | (Description Provided by CVE): Multiple SQL injection vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the UserUpdate parameter to login/register.asp or (2) unspecified parameters to includes/a_register.asp. |
| 33355 | 2006-12-29 | Spooky login/register.asp XSS | (Description Provided by CVE): Multiple cross-site scripting (XSS) vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) login/login.asp or (2) login/register.asp. |
| 33345 | 2006-12-29 | DoceboLMS modules/credits/credits.php lang Parameter XSS | DoceboLMS contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'lang' parameter upon submission to the 'modules/credits/credits.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 33344 | 2006-12-29 | Land Down Under (LDU) journal.inc.php w Parameter SQL Injection | (Description Provided by CVE): SQL injection vulnerability in Journal.inc.php in Neocrome Land Down Under (LDU) 8.x and earlier allows remote attackers to execute arbitrary SQL commands via the w parameter to journal.php. |