[CLOSE] OSVDB ID : 52200 - Disclosed: 2008-11-30

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 50333 - Disclosed: 2008-11-30

Description:

(Description Provided by CVE) : Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plugin in VideoLAN VLC media player 0.9.0 through 0.9.7 allows remote attackers to execute arbitrary code via a malformed RealMedia (.rm) file that triggers a heap-based buffer overflow.

[CLOSE] OSVDB ID : 50349 - Disclosed: 2008-11-30

Description:

Minimal Ablog contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50400 - Disclosed: 2008-11-30

Description:

Active Web Helpdesk contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'default.aspx' script not properly sanitizing user-supplied input to the 'CategoryID' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50402 - Disclosed: 2008-11-30

Description:

Active Business Directory contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'default.asp' script not properly sanitizing user-supplied input to the 'catid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50344 - Disclosed: 2008-11-30

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 50350 - Disclosed: 2008-11-30

Description:

(Description Provided by CVE) : uploader.php in minimal-ablog 0.4 does not properly restrict access, which allows remote attackers to gain administrative privileges via a direct request.

[CLOSE] OSVDB ID : 50633 - Disclosed: 2008-11-30

Description:

(Description Provided by CVE) : Stack-based buffer overflow in National Instruments Electronics Workbench allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted .ewb file.

[CLOSE] OSVDB ID : 50641 - Disclosed: 2008-11-30

Description:

(Description Provided by CVE) : The ClearQuest Maintenance Tool in IBM Rational ClearQuest before 7 stores the database password in cleartext in an object in a ClearQuest connection profile or export file, which allows remote authenticated users to obtain sensitive information by locating the password object within the object tree during an import process.

[CLOSE] OSVDB ID : 50642 - Disclosed: 2008-11-30

Description:

(Description Provided by CVE) : The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0.1.3 on Windows allows local users to obtain (1) user and (2) database passwords by using a password revealer utility on a field containing a series of asterisks.

[CLOSE] OSVDB ID : 50719 - Disclosed: 2008-11-30

Description:

(Description Provided by CVE) : Multiple directory traversal vulnerabilities in geekigeeki.py in GeekiGeeki before 3.0 allow remote attackers to read arbitrary files via directory traversal sequences in a pagename argument in the (1) handle_edit and (2) handle_raw functions.

[CLOSE] OSVDB ID : 51407 - Disclosed: 2008-11-30

Description:

(Description Provided by CVE) : Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via a crafted request.

[CLOSE] OSVDB ID : 51558 - Disclosed: 2008-11-30

Description:

(Description Provided by CVE) : Array index error in the xrdp_bitmap_def_proc function in xrdp/funcs.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via vectors that manipulate the value of the edit_pos structure member.

[CLOSE] OSVDB ID : 52264 - Disclosed: 2008-11-30

Description:

Broadcast Machine contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'MySQLController.php' script not properly sanitizing user input supplied to the 'controllers/baseDir' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 52265 - Disclosed: 2008-11-30

Description:

Broadcast Machine contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'SQLController.php' script not properly sanitizing user input supplied to the 'controllers/baseDir' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 52266 - Disclosed: 2008-11-30

Description:

Broadcast Machine contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'SetupController.php' script not properly sanitizing user input supplied to the 'controllers/baseDir' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 52267 - Disclosed: 2008-11-30

Description:

Broadcast Machine contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'VideoController.php' script not properly sanitizing user input supplied to the 'controllers/baseDir' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 52268 - Disclosed: 2008-11-30

Description:

Broadcast Machine contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'ViewController.php' script not properly sanitizing user input supplied to the 'controllers/baseDir' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 52307 - Disclosed: 2008-11-30

Description:

(Description Provided by CVE) : Quick Tree View .NET 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to qtv.mdb.

[CLOSE] OSVDB ID : 53402 - Disclosed: 2008-11-30

Description:

(Description Provided by CVE) : Unrestricted file upload vulnerability in admin/uploader.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in img/.

[CLOSE] OSVDB ID : 56781 - Disclosed: 2008-11-30

Description:

(Description Provided by CVE) : Stack-based buffer overflow in Apple QuickTime Player 7.5.5 and iTunes 8.0.2.20 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a MOV file with "long arguments," related to an "off by one overflow."

[CLOSE] OSVDB ID : 50382 - Disclosed: 2008-11-29

Description:

eWebquiz contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the start.asp script not properly sanitizing user-supplied input to the useremail and password parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50319 - Disclosed: 2008-11-29

Description:

Lito Lite CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the cate.php script not properly sanitizing user-supplied input to the cid parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 51546 - Disclosed: 2008-11-29

Description:

(Description Provided by CVE) : The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and (1) monitor or (2) control the module's Modbus/TCP I/O activity.

[CLOSE] OSVDB ID : 50329 - Disclosed: 2008-11-29

Description:

(Description Provided by CVE) : ASPThai.NET ASPThai Forums 8.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/aspthaiForum.mdb.

[CLOSE] OSVDB ID : 50414 - Disclosed: 2008-11-29

Description:

Active Price Comparison contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'login.aspx' script not properly sanitizing user-supplied input to the 'password' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50399 - Disclosed: 2008-11-29

Description:

Active Bids contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'bidhistory.asp' script not properly sanitizing user-supplied input to the ItemID parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50384 - Disclosed: 2008-11-29

Description:

CMS Made Simple contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'admin/login.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'cms_language' cookie. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 50489 - Disclosed: 2008-11-29

Description:

(Description Provided by CVE) : SQL injection vulnerability in Account.asp in Active Time Billing 3.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information.

[CLOSE] OSVDB ID : 50385 - Disclosed: 2008-11-29

Description:

PHP TV Portal contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'mid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50415 - Disclosed: 2008-11-29

Description:

Active Web Mail contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'login.aspx' script not properly sanitizing user-supplied input to the 'password' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 50490 - Disclosed: 2008-11-29

Description:

Active Force Matrix contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the account.asp script not properly sanitizing user-supplied input to the 'username' and 'password' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 50491 - Disclosed: 2008-11-29

Description:

ActiveVotes contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the register.asp script not properly sanitizing user-supplied input to the 'username' and 'password' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 56416 - Disclosed: 2008-11-29

Description:

Active Web Mail contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'popaccounts.aspx' script not properly sanitizing user-supplied input to the 'TabOpenQuickTab1' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 56417 - Disclosed: 2008-11-29

Description:

Active Web Mail contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'addressbook.aspx' script not properly sanitizing user-supplied input to the 'TabOpenQuickTab1' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 56418 - Disclosed: 2008-11-29

Description:

Active Web Mail contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'emails.aspx' script not properly sanitizing user-supplied input to the 'TabOpenQuickTab1' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 56419 - Disclosed: 2008-11-29

Description:

(Description Provided by CVE) : Oramon Oracle Database Monitoring Tool 2.0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing credentials via a direct request for config/oramon.ini.

[CLOSE] OSVDB ID : 57471 - Disclosed: 2008-11-29

Description:

OpenForum contains a flaw that may allow a malicious user to bypass authentication. The issue is triggered when a malicious makes a direct request of the profile.php script with update set to 1 and the modified username and passowrd. It is possible that the flaw may allow a malicious user to reset user passwords resulting in a loss of integrity.

[CLOSE] OSVDB ID : 50446 - Disclosed: 2008-11-28

Description:

(Description Provided by CVE) : Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to allows local users to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions.

[CLOSE] OSVDB ID : 50273 - Disclosed: 2008-11-28

Description:

The RSA EnVision platform provides a web console which enables administration of the solution and analysis of security events. A vulnerability exists in this web application, allowing a remote anonymous attacker to retrieve the hash of the password used for authentication. Using a dictionary or a bruteforce attack against this hash, a remote attacker can gain administration privilege on the EnVision web console. This vulnerability is due to a lack of access control on the user profile functionality.