OSVDB: The Open Source Vulnerability Database

Browse Database

Browsing Vulnerabilities Disclosed in September of 2008

<< Back to Browse

« Previous 1 2 3 4 5 6 7 8 9 ... 13 14 Next »

OSVDB ID	Disclosure Date	Title
48661 [CLOSE] OSVDB ID : 48661 - Disclosed: 2008-09-30 Description: Unknown / Incomplete	2008-09-30	Post Comments Script PostCommentsAdmin Cookie Admin Authentication Bypass
48634 [CLOSE] OSVDB ID : 48634 - Disclosed: 2008-09-30 Description: Unknown / Incomplete	2008-09-30	Autodesk Design Review AdView.AdViewer.1 ActiveX (AdView.dll) SaveAs Method Arbitrary File Overwrite
48643 [CLOSE] OSVDB ID : 48643 - Disclosed: 2008-09-30 Description: Unknown / Incomplete	2008-09-30	moziloCMS download.php file Variable Traversal Arbitrary File Download
48640 [CLOSE] OSVDB ID : 48640 - Disclosed: 2008-09-30 Description: Unknown / Incomplete	2008-09-30	hyBook Guestbook Script hyBook.mdb Direct Request Information Disclosure
48644 [CLOSE] OSVDB ID : 48644 - Disclosed: 2008-09-30 Description: Unknown / Incomplete	2008-09-30	moziloCMS index.php page Variable Traversal Arbitrary File Download
48645 [CLOSE] OSVDB ID : 48645 - Disclosed: 2008-09-30 Description: Unknown / Incomplete	2008-09-30	moziloCMS index.php Multiple Variable XSS
48646 [CLOSE] OSVDB ID : 48646 - Disclosed: 2008-09-30 Description: Unknown / Incomplete	2008-09-30	moziloCMS download.php Multiple Variable XSS
48647 [CLOSE] OSVDB ID : 48647 - Disclosed: 2008-09-30 Description: Unknown / Incomplete	2008-09-30	moziloCMS gallery.php gal Variable XSS
48648 [CLOSE] OSVDB ID : 48648 - Disclosed: 2008-09-30 Description: Unknown / Incomplete	2008-09-30	moziloCMS admin/login.php URL XSS
48649 [CLOSE] OSVDB ID : 48649 - Disclosed: 2008-09-30 Description: Unknown / Incomplete	2008-09-30	moziloCMS Unspecified CSRF
48655 [CLOSE] OSVDB ID : 48655 - Disclosed: 2008-09-30 Description: Unknown / Incomplete	2008-09-30	Pritlog index.php filename Variable Traversal Remote File Access
48656 [CLOSE] OSVDB ID : 48656 - Disclosed: 2008-09-30 Description: Unknown / Incomplete	2008-09-30	GdPicture Pro Imaging SDK GdPicturePro5S.Imaging ActiveX (gdpicturepro5s.ocx) SaveAsPDF Method Arbitrary File Overwrite
48659 [CLOSE] OSVDB ID : 48659 - Disclosed: 2008-09-30 Description: FAQ Management Script contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'catid' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.	2008-09-30	FAQ Management Script index.php catid Variable SQL Injection
48657 [CLOSE] OSVDB ID : 48657 - Disclosed: 2008-09-30 Description: Unknown / Incomplete	2008-09-30	GdPicture Light Imaging Toolkit GdPicture4S.Imaging ActiveX (gdpicture4s.ocx) SaveAsPDF Method Arbitrary File Overwrite
48687 [CLOSE] OSVDB ID : 48687 - Disclosed: 2008-09-30 Description: Unknown / Incomplete	2008-09-30	Celoxis user.do ni.smessage Variable XSS
48730 [CLOSE] OSVDB ID : 48730 - Disclosed: 2008-09-30 Description: (Description Provided by CVE) : RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.	2008-09-30	Trend Micro OfficeScan OfficeScanNT Listener Traversal Arbitrary File Access
48774 [CLOSE] OSVDB ID : 48774 - Disclosed: 2008-09-30 Description: (Description Provided by CVE) : Unspecified vulnerability in the UFS module in Sun Solaris 8 through 10 and OpenSolaris allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via unknown vectors related to the Solaris Access Control List (ACL) implementation.	2008-09-30	Avaya CMS Solaris ACL for UFS File Systems NULL Deference Local DoS
48755 [CLOSE] OSVDB ID : 48755 - Disclosed: 2008-09-29 Description: Unknown / Incomplete	2008-09-29	XAMPP adodb.php Multiple Variable XSS
48633 [CLOSE] OSVDB ID : 48633 - Disclosed: 2008-09-29 Description: Unknown / Incomplete	2008-09-29	PG MatchMaking Script news_read.php id Variable SQL Injection
48642 [CLOSE] OSVDB ID : 48642 - Disclosed: 2008-09-29 Description: Unknown / Incomplete	2008-09-29	Citrix Presentation Server Unspecified Local Privilege Escalation
48662 [CLOSE] OSVDB ID : 48662 - Disclosed: 2008-09-29 Description: (Description Provided by CVE) : Multiple integer underflows in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the stream_read function to read or write arbitrary memory.	2008-09-29	MPlayer stream_read Function Crafted Video File Handling Multiple Underflows
48641 [CLOSE] OSVDB ID : 48641 - Disclosed: 2008-09-29 Description: (Description Provided by CVE) : Unspecified vulnerability in HP Insight Diagnostics before 7.9.1.2402 allows remote attackers to read arbitrary files via unknown vectors.	2008-09-29	HP Insight Diagnostics Unspecified Remote File Access
48635 [CLOSE] OSVDB ID : 48635 - Disclosed: 2008-09-29 Description: Unknown / Incomplete	2008-09-29	WordPress MU wp-admin/wpmu-blogs.php Multiple Variable XSS
48637 [CLOSE] OSVDB ID : 48637 - Disclosed: 2008-09-29 Description: Unknown / Incomplete	2008-09-29	tnftpd FTP Command Handling CSRF
48632 [CLOSE] OSVDB ID : 48632 - Disclosed: 2008-09-29 Description: Unknown / Incomplete	2008-09-29	PG MatchMaking Script gifts_show.php id Variable SQL Injection
48653 [CLOSE] OSVDB ID : 48653 - Disclosed: 2008-09-29 Description: Unknown / Incomplete	2008-09-29	A4Desk PHP Event Calendar index.php v Variable Remote File Inclusion
48753 [CLOSE] OSVDB ID : 48753 - Disclosed: 2008-09-29 Description: Unknown / Incomplete	2008-09-29	Blue Coat Security Gateway OS ICAP Patience Page URL XSS
48783 [CLOSE] OSVDB ID : 48783 - Disclosed: 2008-09-28 Description: (Description Provided by CVE) : The user interface event dispatcher in Mozilla Firefox 3.0.3 on Windows XP SP2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a series of keypress, click, onkeydown, onkeyup, onmousedown, and onmouseup events. NOTE: it was later reported that Firefox 3.0.2 on Mac OS X 10.5 is also affected.	2008-09-28	Mozilla Firefox keypress User Interface Event Dispatcher DoS
48629 [CLOSE] OSVDB ID : 48629 - Disclosed: 2008-09-28 Description: Unknown / Incomplete	2008-09-28	Pilot Group eTraining news_read.php id Variable SQL Injection
48728 [CLOSE] OSVDB ID : 48728 - Disclosed: 2008-09-28 Description: Unknown / Incomplete	2008-09-28	ZEELYRICS bannerclick.php adid Variable SQL Injection
48727 [CLOSE] OSVDB ID : 48727 - Disclosed: 2008-09-28 Description: Unknown / Incomplete	2008-09-28	Adult Banner Exchange Website click.php targetid Variable SQL Injection
48608 [CLOSE] OSVDB ID : 48608 - Disclosed: 2008-09-28 Description: Unknown / Incomplete	2008-09-28	Pro Chat Rooms profiles/index.php gud Variable SQL Injection
48609 [CLOSE] OSVDB ID : 48609 - Disclosed: 2008-09-28 Description: Unknown / Incomplete	2008-09-28	Pro Chat Rooms profiles/admin.php gud Variable SQL Injection
48664 [CLOSE] OSVDB ID : 48664 - Disclosed: 2008-09-28 Description: (Description Provided by CVE) : SQL injection vulnerability in default.aspx in ParsaGostar ParsaWeb CMS allows remote attackers to execute arbitrary SQL commands via the (1) id parameter in the "page" page and (2) txtSearch parameter in the "Search" page.	2008-09-28	ParsaWeb CMS default.aspx Multiple Variable SQL Injection
48628 [CLOSE] OSVDB ID : 48628 - Disclosed: 2008-09-27 Description: Unknown / Incomplete	2008-09-27	PlugSpace index.php navi Variable Traversal Local File Inclusion
48630 [CLOSE] OSVDB ID : 48630 - Disclosed: 2008-09-27 Description: Unknown / Incomplete	2008-09-27	WhoDomLite wholite.cgi dom Variable XSS
48729 [CLOSE] OSVDB ID : 48729 - Disclosed: 2008-09-27 Description: Unknown / Incomplete	2008-09-27	ASPapp Knowledge Base content_by_cat.asp catid Variable SQL Injection
48611 [CLOSE] OSVDB ID : 48611 - Disclosed: 2008-09-27 Description: Unknown / Incomplete	2008-09-27	VBGooglemap Module for vBulletin vbgooglemaphse.php mapid Variable SQL Injection
48615 [CLOSE] OSVDB ID : 48615 - Disclosed: 2008-09-27 Description: Unknown / Incomplete	2008-09-27	PHP-Lance show.php catid Variable SQL Injection
48614 [CLOSE] OSVDB ID : 48614 - Disclosed: 2008-09-27 Description: Unknown / Incomplete	2008-09-27	CoAST header.php sections_file Variable Remote File Inclusion

« Previous 1 2 3 4 5 6 7 8 9 ... 13 14 Next »

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches