| OSVDB ID | Disclosure Date | Title |
|
22916
Description:
(Description Provided by CVE) : Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute 3, and eLicensing client install the Macromedia Licensing Service with the Users group permitted to configure the service, including the path to executable, which allows local users to execute arbitrary code as Local System.
|
2006-01-31
|
Macromedia Multiple Products Licensing Service Path Subversion Local Privilege Escalation
|
|
22818
Description:
phpBB Rlink Module contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'url' variables upon submission to the 'rlink.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2006-01-31
|
phpBB Rlink Module rlink.php url Parameter XSS
|
|
22814
Description:
(Description Provided by CVE) : Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled without a default log file specified, uses predictable log filenames, which allows local users to overwrite arbitrary files via a symlink attack on the [PID]-audit.log temporary file.
|
2006-01-31
|
Mail::Audit Log File Symlink Arbitrary File Overwrite
|
|
22844
Description:
SPIP contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the administrative area not properly sanitizing user-supplied input to unspecified variable(s). This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2006-01-31
|
SPIP Administrative Area Multiple Unspecified SQL Injection
|
|
22845
Description:
SPIP contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to forum.php3 not properly sanitizing user input supplied to the 'id_article' and 'id_forum' variables. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-01-31
|
SPIP forum.php3 Multiple Parameter SQL Injection
|
|
22846
Description:
(Description Provided by CVE) : SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows remote attackers to obtain sensitive information via a direct request to inc-messforum.php3, which reveals the path in an error message.
|
2006-01-31
|
SPIP inc-messforum.php3 Direct Access Path Disclosure
|
|
22847
Description:
Unknown / Incomplete
|
2006-01-31
|
SPIP IMG Directory Permission Weakness Privilege Escalation
|
|
22848
Description:
SPIP contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the session handling not properly sanitizing user-supplied input to unspecified variable(s) during petition posting. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2006-01-31
|
SPIP Session Handling Petition Posting Multiple Unspecified SQL Injection
|
|
22849
Description:
SPIP contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'lang' variable upon submission to the 'index.php3' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2006-01-31
|
SPIP index.php3 lang Parameter XSS
|
|
22850
Description:
(Description Provided by CVE) : Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent attackers to cause a denial of service (crash) when the png_do_strip_filler function is used to strip alpha channels out of the image.
|
2006-01-31
|
libpng PNG Processing png_set_strip_alpha() Function Overflow
|
|
23291
Description:
Unknown / Incomplete
|
2006-01-31
|
RW: Download index.php Multiple Parameter SQL Injection
|
|
23292
Description:
Unknown / Incomplete
|
2006-01-31
|
RW: Download index.php ACT Variable Path Disclosure
|
|
23290
Description:
Unknown / Incomplete
|
2006-01-31
|
CuteSystem Comment Body img BBCode Tag XSS
|
|
23230
Description:
Unknown / Incomplete
|
2006-01-31
|
CommuniGate Pro Server Unspecified SIP Processing DoS
|
|
22878
Description:
FarsiNews contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to loginout.php not properly sanitizing user input supplied to the 'cutepath' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-01-31
|
FarsiNews loginout.php cutepath Parameter Remote File Inclusion
|
|
22832
Description:
(Description Provided by CVE) : Unspecified vulnerability in the kernel processing in Solaris 10 64 bit platform, when running in 64-bit mode, allows local users to cause a denial of service (system panic) via unknown attack vectors.
|
2006-01-31
|
Solaris x64 Kernel Processing setcontext() Local DoS
|
|
25672
Description:
(Description Provided by CVE) : SQL injection vulnerability in index.php in MyBB (MyBulletinBoard) before 1.04 allows remote attackers to execute arbitrary SQL commands via the referrer parameter.
|
2006-01-31
|
MyBulletinBoard (MyBB) index.php referrer Parameter SQL Injection
|
|
22918
Description:
Unknown / Incomplete
|
2006-01-31
|
ComputeMode Multiple Unspecified Issues
|
|
23069
Description:
(Description Provided by CVE) : MyCO Guestbook 1.0 stores the admin directory under the web document root with insufficient access control, which allows remote attackers to perform unspecified privileged actions by directly accessing files via a URL.
|
2006-01-31
|
MyCO Guestbook /admin Directory Unauthenticated Access
|
|
23070
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in MyCO Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the Name field, when registering a user.
|
2006-01-31
|
MyCO Guestbook New User Registration Name Field XSS
|
|
23250
Description:
The MSAnalysis module for CPG Dragonfly CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'profile' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. Additionally, if a failed SQL query is made, the program will disclose the full installation path. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.
|
2006-01-31
|
CPG Dragonfly CMS MSAnalysis Module index.php profile Parameter SQL Injection
|
|
28628
Description:
Unknown / Incomplete
|
2006-01-30
|
IBM Director Blade/Server Processor Crafted IP Connection Flood DoS
|
|
28629
Description:
Unknown / Incomplete
|
2006-01-30
|
IBM Director Malformed Packet Pegasus Provider Adapter DoS
|
|
28630
Description:
Unknown / Incomplete
|
2006-01-30
|
IBM Director Malformed SNMP Trap DoS
|
|
24320
Description:
(Description Provided by CVE) : Directory traversal vulnerability in Files Xaraya module before 0.5.1, when the Archive Directory field on the Modify Config page is blank, allows remote attackers to access files outside of the web root via ".." (dot dot) sequences.
|
2006-01-30
|
Xaraya Files Module Modify Config Page Traversal Arbitrary File Access
|
|
22789
Description:
A remote overflow exists in WinAmp. WinAmp fails to perform correct boundary checks on playlists resulting in a buffer overflow. With a specially crafted playlist, an attacker can execute arbitrary code resulting in a loss of integrity.
|
2006-01-30
|
Winamp Playlist Processing File Tag Overflow
|
|
22934
Description:
ashNews contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'id' variable upon submission to the 'ashnews.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2006-01-30
|
ashNews ashnews.php id Parameter XSS
|
|
22923
Description:
(Description Provided by CVE) : The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.
|
2006-01-30
|
GNOME Evolution Mail Client Inline Text File Content-Disposition DoS
|
|
22793
Description:
HTMLArea contains a flaw that may allow a malicious user to execute arbitrary commands. The '/admin/htmlarea/popups/file/files.php' script is accessible without authentication, allowing a remote attacker to use this script to upload malicious PHP files and execute arbitrary code on the system.
|
2006-01-30
|
HTMLArea files.php Unauthenticated Arbitrary File Upload
|
|
22843
Description:
Cerberus Helpdesk contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'contact_search' variable upon submission to the 'clients.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2006-01-30
|
Cerberus Helpdesk clients.php contact_search Parameter XSS
|
|
22805
Description:
Nuked-klaN contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'letter' variable upon submission to the Members module (via index.php). This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2006-01-30
|
Nuked-KlaN Members Module letter Parameter XSS
|
|
23876
Description:
Unknown / Incomplete
|
2006-01-30
|
Invision Power Board Unspecified XSS
|
|
22879
Description:
Daffodil CRM contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the userlogin.jsp script not properly sanitizing user-supplied input to the 'userLoginBox' and 'passwordBox' variables. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2006-01-30
|
Daffodil CRM userlogin.jsp Multiple Field SQL Injection
|
|
24060
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in webcheck before 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the (1) url, (2) title, or (3) author name in a crawled page, which is not properly sanitized in the tooltips of a report.
|
2006-01-30
|
webcheck Generated Report Tooltip XSS
|
|
23000
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in MG2 (formerly known as Minigal) 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the Name field in a comment associated with a picture.
|
2006-01-30
|
MiniGal v2 (MG2) Picture Comment Name Field XSS
|
|
23004
Description:
(Description Provided by CVE) : Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.02 allows local users with MyBB administrative privileges to include and possibly execute arbitrary local files via directory traversal sequences and a nul (%00) character in the plugin parameter.
|
2006-01-30
|
MyBulletinBoard (MyBB) plugins.php Traversal Local File Inclusion
|
|
22809
Description:
SZUserMgnt contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the SZUserMgnt.class.php script not properly sanitizing user-supplied input to the 'username' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2006-01-30
|
SZUserMgnt SZUserMgnt.class.php username Parameter SQL Injection
|
|
22841
Description:
BrowserCRM contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'query' variable upon submission to the 'results.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2006-01-30
|
BrowserCRM Search Module results.php query Parameter XSS
|
|
27977
Description:
(Description Provided by CVE) : Easy CMS stores the images directory under the web document root with insufficient access control and browsing enabled, which allows remote attackers to list and possibly read images that are stored in that directory.
|
2006-01-29
|
Easy CMS Directory Permission Weakness Image Access
|
|
22806
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in the Articles module in sPaiz-Nuke allows remote attackers to inject arbitrary web script or HTML via the query parameter in the search file.
|
2006-01-29
|
sPaiz-Nuke Articles Module query Parameter XSS
|