| OSVDB ID | Disclosure Date | Title |
|---|
|
50788
Description:
Kerio MailServer WebMail contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the folder parameter upon submission to the mailCompose.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-12-16
|
Kerio MailServer WebMail mailCompose.php folder Parameter XSS
|
|
50789
Description:
Kerio MailServer WebMail contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate daytime parameter upon submission to the calendarEdit.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-12-16
|
Kerio MailServer WebMail calendarEdit.php daytime Parameter XSS
|
|
50790
Description:
Kerio MailServer WebMail contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate sent parameter upon submission to the error413.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-12-16
|
Kerio MailServer WebMail error413.php sent Parameter XSS
|
|
52905
Description:
(Description Provided by CVE) : Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow.
|
2008-12-16
|
UW-imapd c-client Library RFC822BUFFER Routines rfc822_output_char Function Off-by-one
|
|
50852
Description:
Unknown / Incomplete
|
2008-12-16
|
Aiyoota! CMS Unspecified SQL Injection
|
|
50780
Description:
Gnews Publisher contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the authors.asp script not properly sanitizing user-supplied input to the authorID parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-16
|
gNews Publisher authors.asp authorID Parameter SQL Injection
|
|
53204
Description:
(Description Provided by CVE) : Multiple buffer overflows in RealNetworks Helix Server and Helix Mobile Server 11.x before 11.1.8 and 12.x before 12.0.1 allow remote attackers to (1) cause a denial of service via three crafted RTSP SETUP commands, or execute arbitrary code via (2) an NTLM authentication request with malformed base64-encoded data, (3) an RTSP DESCRIBE command, or (4) a DataConvertBuffer request.
|
2008-12-16
|
RealNetworks Helix Server Crafted RTSP SETUP Commands Remote Overflow DoS
|
|
53205
Description:
(Description Provided by CVE) : Multiple buffer overflows in RealNetworks Helix Server and Helix Mobile Server 11.x before 11.1.8 and 12.x before 12.0.1 allow remote attackers to (1) cause a denial of service via three crafted RTSP SETUP commands, or execute arbitrary code via (2) an NTLM authentication request with malformed base64-encoded data, (3) an RTSP DESCRIBE command, or (4) a DataConvertBuffer request.
|
2008-12-16
|
RealNetworks Helix Server RTSP DESCRIBE Command Remote Overflow
|
|
53206
Description:
(Description Provided by CVE) : Multiple buffer overflows in RealNetworks Helix Server and Helix Mobile Server 11.x before 11.1.8 and 12.x before 12.0.1 allow remote attackers to (1) cause a denial of service via three crafted RTSP SETUP commands, or execute arbitrary code via (2) an NTLM authentication request with malformed base64-encoded data, (3) an RTSP DESCRIBE command, or (4) a DataConvertBuffer request.
|
2008-12-16
|
RealNetworks Helix Server NTLM Authentication Malformed Base64-encoded Data Handling Remote Overflow
|
|
53207
Description:
(Description Provided by CVE) : Multiple buffer overflows in RealNetworks Helix Server and Helix Mobile Server 11.x before 11.1.8 and 12.x before 12.0.1 allow remote attackers to (1) cause a denial of service via three crafted RTSP SETUP commands, or execute arbitrary code via (2) an NTLM authentication request with malformed base64-encoded data, (3) an RTSP DESCRIBE command, or (4) a DataConvertBuffer request.
|
2008-12-16
|
RealNetworks Helix Server DataConvertBuffer Request Remote Overflow
|
|
50715
Description:
A remote/local overflow exists in Realtek Media Player (rtlrack.exe). The media player fails to properly bounds check '.pla' files resulting in a stack-based buffer overflow. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of confidentiality, integrity, and/or availability.
|
2008-12-16
|
Realtek Media Player rtlrack.exe Crafted PLA File Handling Overflow
|
|
50723
Description:
Free Links Directory Script contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'lpro.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-16
|
Free Links Directory Script lpro.php id Parameter SQL Injection
|
|
50724
Description:
Free Links Directory Script contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'report.php' script not properly sanitizing user-supplied input to the 'linkid' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-16
|
Free Links Directory Script report.php linkid Parameter SQL Injection
|
|
50744
Description:
(Description Provided by CVE) : Nukedit 4.9.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for database/dbsite.mdb.
|
2008-12-16
|
Nukedit dbsite.mdb Direct Request Database Disclosure
|
|
50777
Description:
(Description Provided by CVE) : Multiple cross-site request forgery (CSRF) vulnerabilities in TangoCMS before 2.2.0 allow remote attackers to hijack the authentication of administrators.
|
2008-12-16
|
TangoCMS Multiple Unspecified CSRF
|
|
50818
Description:
(Description Provided by CVE) : arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/arb_pids_*_* temporary file.
|
2008-12-16
|
arb /tmp/arb_bugreport_[username] Temporary File Symlink Arbitrary File Overwrite
|
|
50879
Description:
(Description Provided by CVE) : RoundCube Webmail (roundcubemail) before 0.2-beta allows remote attackers to cause a denial of service (memory consumption) via crafted size parameters that are used to create a large quota image.
|
2008-12-16
|
RoundCube Webmail Crafted Quota Image Size Parameter Memory Consumption DoS
|
|
50954
Description:
(Description Provided by CVE) : The HTML parsing engine in Opera before 9.63 allows remote attackers to execute arbitrary code via crafted web pages that trigger an invalid pointer calculation and heap corruption.
|
2008-12-16
|
Opera HTML Parsing Engine Crafted Web Page Arbitrary Code Execution
|
|
51048
Description:
(Description Provided by CVE) : Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
|
2008-12-16
|
Joomla! HTTPS Session Cookie Secure Flag Weakness
|
|
51072
Description:
Faupload contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'download.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-16
|
Faupload download.php id Parameter SQL Injection
|
|
51778
Description:
(Description Provided by CVE) : Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.
|
2008-12-16
|
Liberum Help Desk db/helpdesk2000.mdb Direct Request Password Disclosure
|
|
50784
Description:
Mediatheka contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the connection.php script not properly sanitizing user-supplied input to the user parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-15
|
Mediatheka connection.php user Parameter SQL Injection
|
|
50938
Description:
(Description Provided by CVE) : Multiple buffer overflows in Sun Java Wireless Toolkit (WTK) for CLDC 2.5.2 and earlier allow downloaded programs to execute arbitrary code via unknown vectors.
|
2008-12-15
|
Sun Java Wireless Toolkit (WTK) for CLDC Multiple Unspecified Overflows
|
|
50821
Description:
ClickAndEmail contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the admin_loginCheck.asp script not properly sanitizing user-supplied input to the adminid and PassWord parameters. This may allow an attacker to bypass authentication.
|
2008-12-15
|
ClickAndEmail admin_loginCheck.asp Multiple Parameter SQL Injection
|
|
50822
Description:
ClickAndEmail contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the admin_dblayers.asp script not properly sanitizing user-supplied input to the ID parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-15
|
ClickAndEmail admin_dblayers.asp ID Parameter SQL Injection
|
|
50823
Description:
ClickAndEmail contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate tablename variables upon submission to the admin_dblayers.asp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-12-15
|
ClickAndEmail admin_dblayers.asp tablename Parameter XSS
|
|
50815
Description:
Click&Rank contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the admin.asp script not properly sanitizing user-supplied input to the userid or password parameters. This may allow an attacker to bypass authentication.
|
2008-12-15
|
Click&Rank admin_login.asp Multiple Parameter SQL Injection
|
|
50817
Description:
Click&Rank contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the hitcounter.asp script not properly sanitizing user-supplied input to the id parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-15
|
Click&Rank hitcounter.asp id Parameter SQL Injection
|
|
50819
Description:
Click&Rank contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the user_delete.asp script not properly sanitizing user-supplied input to the id parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-15
|
Click&Rank user_delete.asp id Parameter SQL Injection
|
|
50816
Description:
Click&Rank contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the user_update.asp script not properly sanitizing user-supplied input to the id parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-15
|
Click&Rank user_update.asp id Parameter SQL Injection
|
|
50820
Description:
Click&Rank contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the action parameter upon submission to the user.asp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-12-15
|
Click&Rank user.asp action Parameter XSS
|
|
51441
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in World Recipe 2.11 allow remote attackers to inject arbitrary web script or HTML via the (1) n parameter to emailrecipe.aspx, (2) id parameter to recipedetail.aspx, and the (3) catid parameter to validatefieldlength.aspx.
|
2008-12-15
|
World Recipe emailrecipe.aspx n Parameter XSS
|
|
51442
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in World Recipe 2.11 allow remote attackers to inject arbitrary web script or HTML via the (1) n parameter to emailrecipe.aspx, (2) id parameter to recipedetail.aspx, and the (3) catid parameter to validatefieldlength.aspx.
|
2008-12-15
|
World Recipe recipedetail.aspx id Parameter XSS
|
|
51443
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in World Recipe 2.11 allow remote attackers to inject arbitrary web script or HTML via the (1) n parameter to emailrecipe.aspx, (2) id parameter to recipedetail.aspx, and the (3) catid parameter to validatefieldlength.aspx.
|
2008-12-15
|
World Recipe validatefieldlength.aspx catid Parameter XSS
|
|
50890
Description:
KnowledgeTree contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate unspecified parameters upon submission to unspecified scripts. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-12-15
|
KnowledgeTree Multiple Unspecified XSS
|
|
50891
Description:
KnowledgeTree contains an unspecified flaw that may allow a malicious user to gain access to unauthorized privileges.
|
2008-12-15
|
KnowledgeTree DropDocuments Plugin Unspecified Privilege Escalation
|
|
51178
Description:
Unknown / Incomplete
|
2008-12-15
|
chuggnutt.com HTML to Plain Text Conversion PHP Class (class.html2text.inc) Arbitrary Code Execution
|
|
84081
Description:
Heartlab Encompass Web PACS contains a flaw that is triggered when an error occurs in SessionStart.asp. This may allow a remote attacker to bypass authentication. No further details have been provided.
|
2008-12-15
|
Heartlab Encompass Web PACS SessionStart.asp Authentication Bypass
|
|
53100
Description:
(Description Provided by CVE) : Managed Client in Apple Mac OS X before 10.5.6 sometimes misidentifies a system when installing per-host configuration settings, which allows context-dependent attackers to have an unspecified impact by leveraging unintended settings, as demonstrated by the screen saver lock setting.
|
2008-12-15
|
Apple Mac OS X Managed Client Per-host Configuration Setup Installation Unspecified Issue
|
|
50717
Description:
Injader contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'feeds.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-15
|
Injader feeds.php id Parameter SQL Injection
|
