| OSVDB ID | Disclosure Date | Title |
|---|
|
37799
Description:
Ripe Website Manager contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'admin/includes/author_panel_header.php' script not properly sanitizing user input supplied to the 'level' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2007-06-30
|
Ripe Website Manager admin/includes/author_panel_header.php level Parameter Remote File Inclusion
|
|
37800
Description:
Ripe Website Manager contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'admin/includes/admin_header.php' script not properly sanitizing user input supplied to the 'level' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2007-06-30
|
Ripe Website Manager admin/includes/admin_header.php level Parameter Remote File Inclusion
|
|
37994
Description:
(Description Provided by CVE) : The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.
|
2007-06-30
|
Mozilla Multiple Browsers onkeydown Event Window Focus Manipulation
|
|
36337
Description:
TotalCalendar contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'view_event.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2007-06-30
|
TotalCalendar view_event.php id Parameter SQL Injection
|
|
38960
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in Buddy Zone 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the news_id parameter to view_news.php, (2) the cat_id parameter to view_events.php, or (3) the member_id parameter to video_gallery.php.
|
2007-06-30
|
Buddy Zone view_news.php news_id Parameter SQL Injection
|
|
38961
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in Buddy Zone 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the news_id parameter to view_news.php, (2) the cat_id parameter to view_events.php, or (3) the member_id parameter to video_gallery.php.
|
2007-06-30
|
Buddy Zone view_events.php cat_id Parameter SQL Injection
|
|
38962
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in Buddy Zone 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the news_id parameter to view_news.php, (2) the cat_id parameter to view_events.php, or (3) the member_id parameter to video_gallery.php.
|
2007-06-30
|
Buddy Zone video_gallery.php member_id Parameter SQL Injection
|
|
38963
Description:
(Description Provided by CVE) : Multiple directory traversal vulnerabilities in Module/Galerie.php in XCMS 1.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) Ent or (2) Lang parameter.
|
2007-06-30
|
XCMS Module/Galerie.php Multiple Parameter Traversal Arbitrary File Access
|
|
38964
Description:
(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in sPHPell 1.01 allow remote attackers to execute arbitrary PHP code via a URL in the SpellIncPath parameter to (1) spellcheckpageinc.php, (2) spellchecktext.php, (3) spellcheckwindow.php, or (4) spellcheckwindowframeset.php.
|
2007-06-30
|
sPHPell spellcheckpageinc.php SpellIncPath Parameter Remote File Inclusion
|
|
38965
Description:
(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in sPHPell 1.01 allow remote attackers to execute arbitrary PHP code via a URL in the SpellIncPath parameter to (1) spellcheckpageinc.php, (2) spellchecktext.php, (3) spellcheckwindow.php, or (4) spellcheckwindowframeset.php.
|
2007-06-30
|
sPHPell spellchecktext.php SpellIncPath Parameter Remote File Inclusion
|
|
38966
Description:
(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in sPHPell 1.01 allow remote attackers to execute arbitrary PHP code via a URL in the SpellIncPath parameter to (1) spellcheckpageinc.php, (2) spellchecktext.php, (3) spellcheckwindow.php, or (4) spellcheckwindowframeset.php.
|
2007-06-30
|
sPHPell spellcheckwindow.php SpellIncPath Parameter Remote File Inclusion
|
|
38967
Description:
(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in sPHPell 1.01 allow remote attackers to execute arbitrary PHP code via a URL in the SpellIncPath parameter to (1) spellcheckpageinc.php, (2) spellchecktext.php, (3) spellcheckwindow.php, or (4) spellcheckwindowframeset.php.
|
2007-06-30
|
sPHPell spellcheckwindowframeset.php SpellIncPath Parameter Remote File Inclusion
|
|
45745
Description:
(Description Provided by CVE) : Stack-based buffer overflow in W3Filer 2.1.3 allows remote FTP servers to cause a denial of service (application hang or crash) and possibly execute arbitrary code by sending a large banner to a client that is sending a file.
|
2007-06-29
|
W3Filer File Sending Banner Reply Handling Overflow
|
|
38955
Description:
(Description Provided by CVE) : Microsoft Internet Explorer 7 allows remote attackers to determine the existence of page history via the history.length JavaScript variable.
|
2007-06-29
|
Microsoft IE history.length Variable History Disclosure
|
|
37791
Description:
(Description Provided by CVE) : The 3Com IntelliJack Switch NJ220 before 2.0.23 allows remote attackers to cause a denial of service (reboot and reporting outage) via a loopback packet with zero in the length field.
|
2007-06-29
|
3Com IntelliJack Switch NJ220 Crafted Loopback Packet Remote DoS
|
|
40524
Description:
(Description Provided by CVE) : Stack-based buffer overflow in the local__vcentry_parse_value function in vorbiscomment.c in flac123 (aka flac-tools or flac) before 0.0.10 allows user-assisted remote attackers to execute arbitrary code via a large comment value_length.
|
2007-06-29
|
flac123 vorbiscomment.c local__vcentry_parse_value Function Comment Parsing Overflow
|
|
37064
Description:
(Description Provided by CVE) : SQL injection vulnerability in Coppermine Photo Gallery (CPG) before 1.4.11 allows remote attackers to execute arbitrary SQL commands via an album password cookie to an unspecified component.
|
2007-06-29
|
Coppermine Photo Gallery album Password Cookie SQL Injection
|
|
37065
Description:
(Description Provided by CVE) : SQL injection vulnerability in Coppermine Photo Gallery (CPG) before 1.4.11 allows remote attackers to execute arbitrary SQL commands via an album password cookie to an unspecified component.
|
2007-06-29
|
Coppermine Photo Gallery albmgr.php cat Parameter SQL Injection
|
|
42434
Description:
Unknown / Incomplete
|
2007-06-29
|
eTicket user_login.php XSS
|
|
42435
Description:
Unknown / Incomplete
|
2007-06-29
|
eTicket admin_login.php XSS
|
|
42436
Description:
Unknown / Incomplete
|
2007-06-29
|
eTicket user_group.php XSS
|
|
42437
Description:
Unknown / Incomplete
|
2007-06-29
|
eTicket rep.php XSS
|
|
42438
Description:
Unknown / Incomplete
|
2007-06-29
|
eTicket pref.php XSS
|
|
42439
Description:
Unknown / Incomplete
|
2007-06-29
|
eTicket my.php XSS
|
|
42440
Description:
Unknown / Incomplete
|
2007-06-29
|
eTicket main.php XSS
|
|
42441
Description:
Unknown / Incomplete
|
2007-06-29
|
eTicket mail.php XSS
|
|
42442
Description:
Unknown / Incomplete
|
2007-06-29
|
eTicket cat.php XSS
|
|
42443
Description:
Unknown / Incomplete
|
2007-06-29
|
eTicket banlist_delete.php XSS
|
|
42444
Description:
Unknown / Incomplete
|
2007-06-29
|
eTicket banlist_addedit.php XSS
|
|
42445
Description:
Unknown / Incomplete
|
2007-06-29
|
eTicket banlist.php XSS
|
|
42446
Description:
Unknown / Incomplete
|
2007-06-29
|
eTicket searc_form.php XSS
|
|
38914
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in akocomment allow remote attackers to execute arbitrary SQL commands via the (1) acparentid or (2) acitemid parameter to an unspecified component, different vectors than CVE-2006-1421.
|
2007-06-29
|
AkoComment Unspecified Component Multiple Parameter SQL Injection
|
|
38936
Description:
(Description Provided by CVE) : SQL injection vulnerability in view_sub_cat.php in Buddy Zone 1.5 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
|
2007-06-29
|
Buddy Zone view_sub_cat.php cat_id Parameter SQL Injection
|
|
38860
Description:
Safari for Windows contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a malicious user uses JavaScript to overwrite the document variable and statically sets the document.domain attribute, which will disclose information from other domains resulting in a loss of confidentiality.
|
2007-06-28
|
Apple Safari document.domain Attribute Cross Domain Information Disclosure
|
|
37792
Description:
(Description Provided by CVE) : IBM OS/400 (aka i5/OS) V4R2M0 through V5R3M0 on iSeries machines sends responses to TCP SYN-FIN packets, which allows remote attackers to obtain system information and possibly bypass firewall rules.
|
2007-06-28
|
IBM OS/400 on iSeries TCP SYN-FIN Packet Handling Security Bypass
|
|
48696
Description:
Unknown / Incomplete
|
2007-06-28
|
VLC Media Player RSS Module Filter String Overflow
|
|
37755
Description:
(Description Provided by CVE) : Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite privileges to itself. NOTE: this can be leveraged to execute arbitrary code by overwriting a .java.policy file.
|
2007-06-28
|
Sun Java Web Start PersistenceService Application Traversal Arbitrary File Overwrite
|
|
39847
Description:
(Description Provided by CVE) : Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.
|
2007-06-28
|
XEForum xeforum Cookie Manipulation Remote Privilege Escalation
|
|
37672
Description:
(Description Provided by CVE) : Multiple buffer overflows in the AMX NetLinx VNC (AmxVnc) ActiveX control in AmxVnc.dll 1.0.13.0 allow remote attackers to execute arbitrary code via long (1) Host, (2) Password, or (3) LogFile property values.
|
2007-06-28
|
AMX NetLinx VNC (AmxVnc) ActiveX (AmxVnc.dll) Multiple Property Overflows
|
|
40177
Description:
(Description Provided by CVE) : NVIDIA drivers (nvidia-drivers) before 1.0.7185, 1.0.9639, and 100.14.11, as used in Gentoo Linux and possibly other distributions, creates /dev/nvidia* device files with insecure permissions, which allows local users to modify video card settings, cause a denial of service (crash or physical video card damage), and obtain sensitive information.
|
2007-06-28
|
Gentoo Linux NVIDIA Drivers (nvidia-drivers) /dev/nvidia* Device Permission Weakness
|
