| OSVDB ID | Disclosure Date | Title |
|---|
|
31007
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in index.php in AnimeGenesis Gallery allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
|
2006-04-17
|
AnimeGenesis Gallery index.php cat Parameter XSS
|
|
31442
Description:
(Description Provided by CVE) : SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbb_username COOKIE parameter.
|
2006-04-17
|
FlexBB inc/start.php flexbb_username Cookie Parameter SQL Injection
|
|
44722
Description:
Unknown / Incomplete
|
2006-04-17
|
IBM DB2 Universal Database File Creation Permission Inheritance Weakness
|
|
31432
Description:
(Description Provided by CVE) : fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQ_EXPR and NE_EXPR, which might introduce buffer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.NOTE: the vendor states that the essence of the issue is "not correctly interpreting an offset to a pointer as a signed value."
|
2006-04-17
|
Gnu GCC fold-const.c fold_binary Function Overflow Weakness
|
|
24991
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in jax_guestbook.php in Jax Guestbook 3.1, 3.31, and 3.50 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
|
2006-04-17
|
Jax Guestbook jax_guestbook.php page Parameter XSS
|
|
24999
Description:
(Description Provided by CVE) : Directory traversal vulnerability in WinAgents TFTP Server for Windows 3.1 and earlier allows remote attackers to read arbitrary files via "..." (triple dot) sequences in a GET request.
|
2006-04-17
|
WinAgents TFTP Server Traversal Arbitrary File Access
|
|
25424
Description:
Unknown / Incomplete
|
2006-04-17
|
IBM WebSphere Application Server (WAS) Web Container JSP Source Disclosure (PK20181,PK13792)
|
|
24760
Description:
(Description Provided by CVE) : Neon Responder 5.4 for LANsurveyor allows remote attackers to cause a denial of service (application outage) via a crafted Clock Synchronisation packet that triggers an access violation.
|
2006-04-17
|
Neon Responders Crafted Clock Synchronisation Packet DoS
|
|
24646
Description:
phpWebSite contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the index.php script not properly sanitizing user input supplied to the 'hub_dir' variable. This may allow an attacker to include a file from the local host that contains arbitrary commands which will be executed by the vulnerable script. It is also possible to include remote files, but only from accessable Windows shares when using PHP5.
|
2006-04-17
|
phpWebSite index.php hub_dir Arbitrary File Inclusion
|
|
25374
Description:
(Description Provided by CVE) : Unspecified vulnerability in WebSphere 5.1.1 (or any earlier cumulative fix) Common Configuration Mode + CommonArchive and J2EE Models might allow attackers to obtain sensitive information via the trace.
|
2006-04-17
|
IBM WebSphere Application Server (WAS) Multiple Model Trace Information Disclosure (PK14566)
|
|
24712
Description:
(Description Provided by CVE) : phpGraphy 0.9.11 and earlier allows remote attackers to bypass authentication and gain administrator privileges via a direct request to index.php with the editwelcome parameter set to 1, which can then be used to modify the main page to inject arbitrary HTML and web script. NOTE: XSS attacks are resultant from this issue, since normal functionality allows the admin to modify pages.
|
2006-04-17
|
phpGraphy index.php editwelcome Variable Authentication Bypass
|
|
24742
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in stats_view.php in LinPHA 1.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) date_from, (2) date_to, and (3) date parameter.
|
2006-04-17
|
LinPHA stats_view.php Multiple Parameter XSS
|
|
24708
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) NAME and (2) COMMENTS parameters.
|
2006-04-17
|
ShoutBOOK global.php Multiple Parameter XSS
|
|
24737
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in dev Neuron Blog 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) website parameters.
|
2006-04-17
|
Neuron Blog pages/addcomment2.php Multiple Parameter XSS
|
|
41278
Description:
Unknown / Incomplete
|
2006-04-17
|
grsecurity "Return into libc" Security Bypass
|
|
24959
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Ralph Capper Tiny PHP Forum (TPF) 3.6 allow remote attackers to inject arbitrary web script or HTML via (1) the uname parameter in a view action in profile.php and (2) a login name. NOTE: the "Access to hash password" issue is already covered by CVE-2006-0103.
|
2006-04-17
|
TinyPHPForum profile.php uname Parameter XSS
|
|
24960
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Ralph Capper Tiny PHP Forum (TPF) 3.6 allow remote attackers to inject arbitrary web script or HTML via (1) the uname parameter in a view action in profile.php and (2) a login name. NOTE: the "Access to hash password" issue is already covered by CVE-2006-0103.
|
2006-04-17
|
TinyPHPForum Login Field Error Page XSS
|
|
25160
Description:
(Description Provided by CVE) : EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not drop privileges before opening files, which allows local users to execute arbitrary code via the File>Open dialog.
|
2006-04-17
|
EMC Retrospect Backup Server Local Privilege Escalation
|
|
25161
Description:
(Description Provided by CVE) : EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 allows local users to execute arbitrary code by replacing the Retrospect.exe file, possibly due to improper file permissions.
|
2006-04-17
|
EMC Retrospect Retrospect.exe Path Subversion Local Privilege Escalation
|
|
24639
Description:
The Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when control is returned using SYSRET. The way Intel EM64T handles exceptions with uncanonical addresses might cause a Denial of Service, and will result in loss of availability for the platform.
|
2006-04-17
|
Linux Kernel on Intel EM64T SYSRET Local DoS
|
|
25375
Description:
IBM WebSphere Application Server on Solaris contains a flaw related to the handling of tokens that may allow an attacker to gain unauthorised access using a corrupt token, resulting in a loss of integrity. No further details have been provided.
|
2006-04-17
|
IBM WebSphere Application Server (WAS) on Solaris Corrupt Token Authentication Bypass
|
|
55359
Description:
(Description Provided by CVE) : Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into selecting View Image for the broken image, as demonstrated using a .wma file to launch Windows Media Player, or by referencing an "alternate web page."
|
2006-04-17
|
Netscape IMG Element Crafted file:// URL Arbitrary Local File Access
|
|
55360
Description:
(Description Provided by CVE) : Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into selecting View Image for the broken image, as demonstrated using a .wma file to launch Windows Media Player, or by referencing an "alternate web page."
|
2006-04-17
|
K-Meleon IMG Element Crafted file:// URL Arbitrary Local File Access
|
|
24701
Description:
(Description Provided by CVE) : Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program.
|
2006-04-17
|
Symantec LiveUpdate for Macintosh Path Subversion Local Privilege Escalation
|
|
58733
Description:
Unknown / Incomplete
|
2006-04-17
|
Apache Axis2 doGet Implementation Authentication Bypass Service State Manipulation
|
|
30585
Description:
(Description Provided by CVE) : phpWebFTP 3.2 and earlier stores script.js under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information.
|
2006-04-16
|
phpWebFTP script.js Information Disclosure
|
|
24651
Description:
(Description Provided by CVE) : SQL injection vulnerability in archiv2.php in Fuju News 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
|
2006-04-16
|
Fuju News archiv2.php ID Parameter SQL Injection
|
|
24652
Description:
(Description Provided by CVE) : edit_kategorie.php in Fuju News 1.0 allows remote attackers to bypass authentication by setting the authorized cookie.
|
2006-04-16
|
Fuju News Crafted Cookie Authentication Bypass
|
|
24635
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in index.php in Musicbox 2.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the term parameter in a search action.
|
2006-04-16
|
MusicBox index.php term Parameter XSS
|
|
24636
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in index.php in Musicbox 2.3.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) start parameter in a search action or (2) type parameter in a top action.
|
2006-04-16
|
MusicBox index.php start Parameter SQL Injection
|
|
24740
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Martin Scheffler betaboard 0.1 allows remote attackers to inject arbitrary web script or HTML via a user's profile, possibly using the FormVal_profile parameter. NOTE: it is not clear whether this is a distributable product or a site-specific vulnerability. If it is site-specific, then it should not be included in CVE.
|
2006-04-16
|
betaboard editprofile.php FormVal_profile Parameter XSS
|
|
24722
Description:
myEvent contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to initialize.php not properly sanitizing user input supplied to the 'myevent_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-04-16
|
myEvent initialize.php myevent_path Parameter Remote File Inclusion
|
|
24723
Description:
myEvent contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to event.php not properly sanitizing user input supplied to the 'myevent_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2006-04-16
|
myEvent event.php myevent_path Parameter Remote File Inclusion
|
|
24973
Description:
Unknown / Incomplete
|
2006-04-16
|
Mozilla Multiple Products legend object Tag DoS
|
|
24707
Description:
(Description Provided by CVE) : Directory traversal vulnerability in index.php in phpWebFTP 3.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the language parameter.
|
2006-04-16
|
phpWebFTP index.php language Parameter Traversal Arbitrary File Access
|
|
24955
Description:
(Description Provided by CVE) : DbbS 2.0-alpha and earlier allows remote attackers to obtain sensitive information via an invalid (1) fcategoryid parameter to topics.php or (2) unavariabile, (3) GLOBALS, or (4) _SERVER[] parameters to script.php. NOTE: this information leak might be resultant from a global variable overwrite issue.
|
2006-04-16
|
DbbS topics.php fcategoryid Variable Path Disclosure
|
|
24956
Description:
(Description Provided by CVE) : DbbS 2.0-alpha and earlier allows remote attackers to obtain sensitive information via an invalid (1) fcategoryid parameter to topics.php or (2) unavariabile, (3) GLOBALS, or (4) _SERVER[] parameters to script.php. NOTE: this information leak might be resultant from a global variable overwrite issue.
|
2006-04-16
|
DbbS script.php Multiple Variable Path Disclosure
|
|
24957
Description:
(Description Provided by CVE) : SQL injection vulnerability in topics.php in DbbS 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the fcategoryid parameter.
|
2006-04-16
|
DbbS topics.php fcategoryid Parameter SQL Injection
|
|
24958
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in profile.php in DbbS 2.0-alpha and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ulocation or (2) uhobbies parameters.
|
2006-04-16
|
DbbS profile.php Multiple Parameter XSS
|
|
24953
Description:
Snipe Gallery contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'gallery_id' parameter upon submission to the 'view.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2006-04-16
|
Snipe Gallery view.php gallery_id Parameter XSS
|
