[CLOSE] OSVDB ID : 37419 - Disclosed: 2007-09-30

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in includes/openid/Auth/OpenID/BBStore.php in phpBB Openid 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the openid_root_path parameter.

[CLOSE] OSVDB ID : 37427 - Disclosed: 2007-09-30

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in messaging/course/composeMessage.jsp in BlackBoard Learning System 6.3.1.593 and earlier in BlackBoard Academic Suite allow remote attackers to inject arbitrary web script or HTML via the (1) subject_t and (2) body_text parameters. NOTE: vector 2 requires bypassing a client-side security mechanism that attempts to block XSS sequences.

[CLOSE] OSVDB ID : 38555 - Disclosed: 2007-09-30

Description:

(Description Provided by CVE) : SQL injection vulnerability in catalog.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter and possibly other parameters.

[CLOSE] OSVDB ID : 45519 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in log.php in phpFreeLog alpha 0.2.0 allows remote attackers to include and execute arbitrary files via unspecified vectors. NOTE: the original disclosure is likely erroneous.

[CLOSE] OSVDB ID : 37400 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : contrib/mx_glance_sdesc.php in the mx_glance 2.3.3 module for mxBB places a critical security check within a comment because of a missing comment delimiter, which allows remote attackers to conduct remote file inclusion attacks and execute arbitrary PHP code via a URL in the mx_root_path parameter. NOTE: some sources incorrectly state that phpbb_root_path is the affected parameter.

[CLOSE] OSVDB ID : 38507 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in eGov Manager allow remote attackers to inject arbitrary web script or HTML via unspecified "user-supplied input" to (1) center.exe or (2) Index.exe.

[CLOSE] OSVDB ID : 38508 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in eGov Manager allow remote attackers to inject arbitrary web script or HTML via unspecified "user-supplied input" to (1) center.exe or (2) Index.exe.

[CLOSE] OSVDB ID : 38556 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.76 allows remote attackers to execute arbitrary SQL commands via a "Firefox ID=" substring in a Referer HTTP header.

[CLOSE] OSVDB ID : 38590 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : SQL injection vulnerability in index.php in the MambAds (com_mambads) 1.5 and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the caid parameter.

[CLOSE] OSVDB ID : 42342 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to include local files and have other unspecified impact, related to incorrect input validation or other defects involving (1) admin/backupstart.php, (2) a .sql filename under admin/admin/dump/, (3) a .sql filename in the fl parameter to admin/downloadbackup.php, and (4) a .. (dot dot) in the fl parameter to admin/downloadbackup.php.

[CLOSE] OSVDB ID : 42343 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to include local files and have other unspecified impact, related to incorrect input validation or other defects involving (1) admin/backupstart.php, (2) a .sql filename under admin/admin/dump/, (3) a .sql filename in the fl parameter to admin/downloadbackup.php, and (4) a .. (dot dot) in the fl parameter to admin/downloadbackup.php.

[CLOSE] OSVDB ID : 42344 - Disclosed: 2007-09-29

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to include local files and have other unspecified impact, related to incorrect input validation or other defects involving (1) admin/backupstart.php, (2) a .sql filename under admin/admin/dump/, (3) a .sql filename in the fl parameter to admin/downloadbackup.php, and (4) a .. (dot dot) in the fl parameter to admin/downloadbackup.php.

[CLOSE] OSVDB ID : 42308 - Disclosed: 2007-09-28

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 41409 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : admin/upload_files.php in Zomplog 3.8.1 and earlier does not check for administrative credentials, which allows remote attackers to perform administrative actions via a direct request. NOTE: this can be leveraged for code execution by exploiting CVE-2007-5231.

[CLOSE] OSVDB ID : 41410 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Unrestricted file upload vulnerability in admin/upload_files.php in Zomplog 3.8.1 and earlier allows remote authenticated administrators to upload and execute arbitrary .php files by sending a modified MIME type. NOTE: this can be exploited by unauthenticated attackers by leveraging CVE-2007-5230.

[CLOSE] OSVDB ID : 41411 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Zomplog 3.8.1 and earlier stores potentially sensitive information under the web root with insufficient access control, which allows remote attackers to download files that were uploaded by users, as demonstrated by obtaining a directory listing via a direct request to /upload and then retrieving individual files. NOTE: in a non-default configuration, the directory listing is denied, but filenames may be predicable.

[CLOSE] OSVDB ID : 39492 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to the default URI associated with a directory, as demonstrated by (a) the root directory and (b) the view/ directory; (2) parameters associated with saved settings, as demonstrated by (c) the conf_Network_HostName parameter on the Network page and (d) the conf_Layout_OwnTitle parameter to ServerManager.srv; and (3) the query string to ServerManager.srv, which is displayed on the logs page. NOTE: an attacker can leverage a CSRF vulnerability to modify saved settings.

[CLOSE] OSVDB ID : 39493 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to the default URI associated with a directory, as demonstrated by (a) the root directory and (b) the view/ directory; (2) parameters associated with saved settings, as demonstrated by (c) the conf_Network_HostName parameter on the Network page and (d) the conf_Layout_OwnTitle parameter to ServerManager.srv; and (3) the query string to ServerManager.srv, which is displayed on the logs page. NOTE: an attacker can leverage a CSRF vulnerability to modify saved settings.

[CLOSE] OSVDB ID : 39494 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to the default URI associated with a directory, as demonstrated by (a) the root directory and (b) the view/ directory; (2) parameters associated with saved settings, as demonstrated by (c) the conf_Network_HostName parameter on the Network page and (d) the conf_Layout_OwnTitle parameter to ServerManager.srv; and (3) the query string to ServerManager.srv, which is displayed on the logs page. NOTE: an attacker can leverage a CSRF vulnerability to modify saved settings.

[CLOSE] OSVDB ID : 39495 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to the default URI associated with a directory, as demonstrated by (a) the root directory and (b) the view/ directory; (2) parameters associated with saved settings, as demonstrated by (c) the conf_Network_HostName parameter on the Network page and (d) the conf_Layout_OwnTitle parameter to ServerManager.srv; and (3) the query string to ServerManager.srv, which is displayed on the logs page. NOTE: an attacker can leverage a CSRF vulnerability to modify saved settings.

[CLOSE] OSVDB ID : 41639 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Buffer overflow in the redir function in check_http.c in Nagios Plugins before 1.4.10, when running with the -f (follow) option, allows remote web servers to execute arbitrary code via Location header responses (redirects) with a large number of leading "L" characters.

[CLOSE] OSVDB ID : 41382 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : The focus handling for the onkeydown event in Microsoft Internet Explorer 6.0 allows remote attackers to change field focus and copy keystrokes via a certain use of a JavaScript htmlFor attribute, as demonstrated by changing focus from a textarea to a file upload field, a related issue to CVE-2007-3511.

[CLOSE] OSVDB ID : 41381 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : IceGUI.DLL in ICEOWS 4.20b invokes a function with incorrect arguments, which allows user-assisted remote attackers to execute arbitrary code via a long filename in the header of an ACE archive, which triggers a stack-based buffer overflow.

[CLOSE] OSVDB ID : 40832 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Unspecified vulnerability in the embedded service processor (SP) before 3.09 in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) allows remote attackers to send arbitrary network traffic and use ELOM as a spam proxy.

[CLOSE] OSVDB ID : 41380 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Session fixation vulnerability in Aipo and Aipo ASP 3.0.1.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors.

[CLOSE] OSVDB ID : 45822 - Disclosed: 2007-09-28

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 38795 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware before 2.43 allow remote attackers to inject arbitrary web script or HTML via (1) parameters associated with saved settings, as demonstrated by the conf_SMTP_MailServer1 parameter to ServerManager.srv; or (2) the subpage parameter to wizard/first/wizard_main_first.shtml. NOTE: an attacker can leverage a CSRF vulnerability to modify saved settings.

[CLOSE] OSVDB ID : 38796 - Disclosed: 2007-09-28

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware before 2.43 allow remote attackers to inject arbitrary web script or HTML via (1) parameters associated with saved settings, as demonstrated by the conf_SMTP_MailServer1 parameter to ServerManager.srv; or (2) the subpage parameter to wizard/first/wizard_main_first.shtml. NOTE: an attacker can leverage a CSRF vulnerability to modify saved settings.

[CLOSE] OSVDB ID : 42303 - Disclosed: 2007-09-27

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 41365 - Disclosed: 2007-09-27

Description:

(Description Provided by CVE) : Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others.

[CLOSE] OSVDB ID : 39138 - Disclosed: 2007-09-27

Description:

(Description Provided by CVE) : Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary PHP code via a file whose name contains ".php." and has an unknown extension, which is recognized as a .php file by the Apache HTTP server, a different vulnerability than CVE-2006-0658 and CVE-2006-2529.

[CLOSE] OSVDB ID : 38694 - Disclosed: 2007-09-27

Description:

(Description Provided by CVE) : libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote attackers to cause a denial of service (crash) via a nudge message that triggers an access of "an invalid memory location."

[CLOSE] OSVDB ID : 37504 - Disclosed: 2007-09-27

Description:

(Description Provided by CVE) : Cisco Catalyst 6500 and Cisco 7600 series devices use 127/8 IP addresses for Ethernet Out-of-Band Channel (EOBC) internal communication, which might allow remote attackers to send packets to an interface for which network exposure was unintended.

[CLOSE] OSVDB ID : 37712 - Disclosed: 2007-09-27

Description:

(Description Provided by CVE) : Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors related to "the handling of thread contexts."

[CLOSE] OSVDB ID : 37757 - Disclosed: 2007-09-27

Description:

(Description Provided by CVE) : Unspecified vulnerability in Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 8.x container, allows remote attackers to execute arbitrary code via unspecified vectors.

[CLOSE] OSVDB ID : 37758 - Disclosed: 2007-09-27

Description:

(Description Provided by CVE) : Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks.

[CLOSE] OSVDB ID : 41377 - Disclosed: 2007-09-27

Description:

(Description Provided by CVE) : F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows local users to bypass virus scanning by using the system32 directory to store a crafted (1) archive or (2) packed executable. NOTE: in many environments, this does not cross privilege boundaries because any process able to write to system32 could also shut off F-Secure Anti-Virus.

[CLOSE] OSVDB ID : 41363 - Disclosed: 2007-09-27

Description:

(Description Provided by CVE) : Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter.

[CLOSE] OSVDB ID : 41364 - Disclosed: 2007-09-27

Description:

(Description Provided by CVE) : Multiple integer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands that trigger a heap-based buffer overflow.

[CLOSE] OSVDB ID : 37404 - Disclosed: 2007-09-27

Description:

(Description Provided by CVE) : SQL injection vulnerability in the abget_admin function in includes/nukesentinel.php in NukeSentinel 2.5.12 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin cookie.