[CLOSE] OSVDB ID : 30400 - Disclosed: 2006-03-31

Description:

(Description Provided by CVE) : Unspecified vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter, possibly related to fopen function calls or file uploads. NOTE: post-disclosure analysis by CVE suggests that the "page" parameter is not used in this product, and "id" might be the affected parameter.

[CLOSE] OSVDB ID : 30399 - Disclosed: 2006-03-31

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter. NOTE: post-disclosure analysis by CVE suggests that the "page" parameter is not used in this product, and "id" might be the affected parameter.

[CLOSE] OSVDB ID : 24802 - Disclosed: 2006-03-31

Description:

Microsoft Window's winhlp32.exe contains a flaw that allows an attacker to embed an image within a .html file in order to trigger a buffer overflow. The overflow triggered by an embedded image in a winhlp32.exe .html file allows the malicious scripting contained within the image to execute. This can lead to privilege escalation, according to the author of the vulnerability.

[CLOSE] OSVDB ID : 24353 - Disclosed: 2006-03-31

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in profile.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via the cur_password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

[CLOSE] OSVDB ID : 24354 - Disclosed: 2006-03-31

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.19 allow remote attackers to inject arbitrary web script or HTML via the (1) Site Description field in (a) admin_board.php, the (2) Group name and (3) Group description fields in (b) admin_groups.php and (c) groupcp.php, the (4) Theme Name field in (d) admin_styles.php, and the (5) Rank Title field in (e) admin_ranks.php. NOTE: the profile.php/Current password vector is already covered by CVE-2006-1603.

[CLOSE] OSVDB ID : 24355 - Disclosed: 2006-03-31

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.19 allow remote attackers to inject arbitrary web script or HTML via the (1) Site Description field in (a) admin_board.php, the (2) Group name and (3) Group description fields in (b) admin_groups.php and (c) groupcp.php, the (4) Theme Name field in (d) admin_styles.php, and the (5) Rank Title field in (e) admin_ranks.php. NOTE: the profile.php/Current password vector is already covered by CVE-2006-1603.

[CLOSE] OSVDB ID : 24356 - Disclosed: 2006-03-31

Description:

phpBB contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'Theme Name' field upon submission to the admin_styles.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 24357 - Disclosed: 2006-03-31

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.19 allow remote attackers to inject arbitrary web script or HTML via the (1) Site Description field in (a) admin_board.php, the (2) Group name and (3) Group description fields in (b) admin_groups.php and (c) groupcp.php, the (4) Theme Name field in (d) admin_styles.php, and the (5) Rank Title field in (e) admin_ranks.php. NOTE: the profile.php/Current password vector is already covered by CVE-2006-1603.

[CLOSE] OSVDB ID : 25080 - Disclosed: 2006-03-31

Description:

(Description Provided by CVE) : The "Add Sender to Address Book" operation (AddSenderToAddressBook.lss) and NameHelper.lss in IBM Lotus Notes 6.0 and 6.5 before 20060331 do not properly store information in the Personal Address Book when multiple messages are checked and a message uses AltFrom, which might allow user-assisted remote attackers to trick a user into sending e-mail to an unauthorized recipient.

[CLOSE] OSVDB ID : 24368 - Disclosed: 2006-03-31

Description:

Softbiz Image Gallery contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the image_desc.php script not properly sanitizing user-supplied input to the 'id' or 'msg' variables. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 24369 - Disclosed: 2006-03-31

Description:

Softbiz Image Gallery contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the template.php script not properly sanitizing user-supplied input to the 'provided' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 24370 - Disclosed: 2006-03-31

Description:

Softbiz Image Gallery contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the suggest_image.php script not properly sanitizing user-supplied input to the 'cid' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 24371 - Disclosed: 2006-03-31

Description:

Softbiz Image Gallery contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the insert_rating.php script not properly sanitizing user-supplied input to the 'img_id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 24372 - Disclosed: 2006-03-31

Description:

Softbiz Image Gallery contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the images.php script not properly sanitizing user-supplied input to the 'cid' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 24488 - Disclosed: 2006-03-31

Description:

(Description Provided by CVE) : SQL injection vulnerability in topics.php in Dynamic Bulletin Board System (DbbS) 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the limite parameter.

[CLOSE] OSVDB ID : 24309 - Disclosed: 2006-03-31

Description:

XFIT/S contains a flaw that may allow a remote denial of service. The issue is triggered when unspecified "unexpected" data is received by the server, and will result in loss of availability for the service.

[CLOSE] OSVDB ID : 24324 - Disclosed: 2006-03-31

Description:

(Description Provided by CVE) : Buffer overflow in the is_client_wad_ok function in w_wad.cpp for (1) Zdaemon 1.08.01 and (2) X-Doom allows remote attackers to execute arbitrary code via a long filename argument.

[CLOSE] OSVDB ID : 24325 - Disclosed: 2006-03-31

Description:

(Description Provided by CVE) : The (1) ZD_MissingPlayer, (2) ZD_UseItem, and (3) ZD_LoadNewClientLevel functions in sv_main.cpp for (a) Zdaemon 1.08.01 and (b) X-Doom allows remote attackers to cause a denial of service (crash) via an invalid player slot or item number, which causes an invalid memory access, possibly due to an invalid array index.

[CLOSE] OSVDB ID : 24594 - Disclosed: 2006-03-31

Description:

(Description Provided by CVE) : IBM WebSphere Application Server 4.0.1 through 4.0.3 allows remote attackers to cause a denial of service (application crash) via an HTTP request with a large header.

[CLOSE] OSVDB ID : 24295 - Disclosed: 2006-03-31

Description:

Groupmax World Wide Web contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate unknown or unspecified variables upon submission to the input form. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 24292 - Disclosed: 2006-03-31

Description:

Mantis contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'start_day', 'start_year', and 'start_month' variables upon submission to the view_all_set.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 24289 - Disclosed: 2006-03-31

Description:

SiteSearch Indexer contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'searchField' variable upon submission to the searchresults.asp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 24607 - Disclosed: 2006-03-31

Description:

(Description Provided by CVE) : Multiple SQL injection vulnerabilities in Keystone Digital Library Suite (DLS) 1.5.4 and earlier allow remote attackers to execute arbitrary SQL commands via the subject_type_id parameter in (1) the index page and (2) the search module.

[CLOSE] OSVDB ID : 88808 - Disclosed: 2006-03-31

Description:

By default, various Kentrox Q series routers install with default user credentials (username/password combination). The 'admin' account has a blank password, which is publicly known and documented. This allows remote attackers to trivially access the router GUI and gain privileged access.

[CLOSE] OSVDB ID : 91090 - Disclosed: 2006-03-31

Description:

IBM WebSphere Application Server (WAS) contains a flaw that is due to the program insecurely setting mode 777 permissions on the componentmap.gskit.xml file. This may allow a local attacker to inject arbitrary XML content in to the file.

[CLOSE] OSVDB ID : 24360 - Disclosed: 2006-03-30

Description:

(Description Provided by CVE) : Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote attackers to execute arbitrary SQL commands via (1) the pc parameter in (a) index.php and (2) pnom, (3) pcourriel, and (4) pcommentaire parameters in (b) image_agrandir.php.

[CLOSE] OSVDB ID : 24361 - Disclosed: 2006-03-30

Description:

(Description Provided by CVE) : Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote attackers to execute arbitrary SQL commands via (1) the pc parameter in (a) index.php and (2) pnom, (3) pcourriel, and (4) pcommentaire parameters in (b) image_agrandir.php.

[CLOSE] OSVDB ID : 26513 - Disclosed: 2006-03-30

Description:

Horde contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'url' variable upon submission to the test.php script when the 'mode' variable is set to the value 'phpinfo' or 'filetest'. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 26514 - Disclosed: 2006-03-30

Description:

Horde contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'name', 'email', 'subject', and 'message' variables upon submission to the templates/problem/problem.inc script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 24301 - Disclosed: 2006-03-30

Description:

qliteNews contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the loginprocess.php script not properly sanitizing user-supplied input to the 'username' or 'password' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 24284 - Disclosed: 2006-03-30

Description:

Claroline contains a flaw that allows a remote attacker to view arbitrary files outside of the web path. The issue is due to the 'rqmkhtml.php' script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'file' variable.

[CLOSE] OSVDB ID : 24285 - Disclosed: 2006-03-30

Description:

Claroline contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'file' variable upon submission to the rqmkhtml.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Additionally, this can be used to disclose the software installation path. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.

[CLOSE] OSVDB ID : 24286 - Disclosed: 2006-03-30

Description:

Claroline contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to scormExport.inc.php not properly sanitizing user input supplied to the 'includePath' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

[CLOSE] OSVDB ID : 24304 - Disclosed: 2006-03-30

Description:

v-creator contains a flaw that may allow a malicious user to execute arbitrary shell commands. The issue is triggered due to an input validation error in the 'enrypt()' and 'decrypt()' functions in VCEngine.php. It is possible that the flaw may allow arbitrary command execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 24300 - Disclosed: 2006-03-30

Description:

Esqlanelapse contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate unknown or unspecified variables upon submission to an unknown or unspecified script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 24296 - Disclosed: 2006-03-30

Description:

RedCMS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'email', 'location', or 'website' fields upon submission to the register.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 24297 - Disclosed: 2006-03-30

Description:

RedCMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the login.php script not properly sanitizing user-supplied input to the 'username' and 'password' variables. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 24298 - Disclosed: 2006-03-30

Description:

RedCMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the profile.php script not properly sanitizing user-supplied input to the 'u' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 24299 - Disclosed: 2006-03-30

Description:

RedCMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the register.php script not properly sanitizing user-supplied input to unspecirfied variables. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 24287 - Disclosed: 2006-03-30

Description:

Oxygen contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the post.php script not properly sanitizing user-supplied input to the 'fid' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.