| OSVDB ID | Disclosure Date | Title |
|---|
|
55387
Description:
(Description Provided by CVE) : import_wbb1.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.
|
2009-05-31
|
Unclassified NewsBoard (UNB) import_wbb1.php Direct Request Error Message Path Disclosure
|
|
55388
Description:
(Description Provided by CVE) : Multiple directory traversal vulnerabilities in forum.php in Unclassified NewsBoard (UNB) 1.6.4, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to (1) read arbitrary recently-modified files via a .. (dot dot) in the GLOBALS[filename] parameter or (2) include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[UTE][__tplCollection][a][file] parameter.
|
2009-05-31
|
Unclassified NewsBoard (UNB) forum.php GLOBALS[filename] Parameter Traversal Arbitrary File Access
|
|
55389
Description:
(Description Provided by CVE) : Multiple directory traversal vulnerabilities in forum.php in Unclassified NewsBoard (UNB) 1.6.4, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to (1) read arbitrary recently-modified files via a .. (dot dot) in the GLOBALS[filename] parameter or (2) include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[UTE][__tplCollection][a][file] parameter.
|
2009-05-31
|
Unclassified NewsBoard (UNB) forum.php GLOBALS[UTE][__tplCollection] Parameter Traversal Local File Inclusion
|
|
55390
Description:
Unclassified NewsBoard (UNB) contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the forum.php script not properly sanitizing user-supplied input to the 'Query' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2009-05-31
|
Unclassified NewsBoard (UNB) forum.php Query Parameter SQL Injection
|
|
61689
Description:
(Description Provided by CVE) : Unspecified vulnerability in posting.php in phpBB before 3.0.5 has unknown impact and attack vectors related to the use of a "forum id" in circumstances related to a "global announcement."
|
2009-05-31
|
phpBB forum.php Forum ID Access Restriction Bypass
|
|
72681
Description:
Unknown / Incomplete
|
2009-05-31
|
Mozilla Firefox Space Saturation URL Spoofing
|
|
54829
Description:
OCS Inventory NG contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the download.php script not properly sanitizing user-supplied input to the 'N', 'DL', 'O', and 'V' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2009-05-30
|
OCS Inventory NG download.php Multiple Parameter SQL Injection
|
|
54830
Description:
OCS Inventory NG contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'group_show.php' script not properly sanitizing user-supplied input to the 'systemid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-05-30
|
OCS Inventory NG group_show.php systemid Parameter SQL Injection
|
|
54893
Description:
(Description Provided by CVE) : Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ICQ 6.5 allows remote attackers to cause a denial of service (persistent crash) and possibly execute arbitrary code via an Internet shortcut .URL file containing a long URL parameter, which triggers a crash when browsing a folder that contains this file.
|
2009-05-30
|
ICQ URL Search Hook (ICQToolBar.dll) URL File Handling Overflow
|
|
62021
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE), possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) admin/base_roleadmin.php, (2) admin/base_useradmin.php, (3) base_conf_contents.php, (4) base_qry_sqlcalls.php, and (5) base_ag_main.php.
|
2009-05-30
|
Basic Analysis And Security Engine (BASE) /admin/base_useradmin.php Full Name Field XSS
|
|
62022
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE), possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) admin/base_roleadmin.php, (2) admin/base_useradmin.php, (3) base_conf_contents.php, (4) base_qry_sqlcalls.php, and (5) base_ag_main.php.
|
2009-05-30
|
Basic Analysis And Security Engine (BASE) base_ag_main.php Name Field XSS
|
|
62023
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE), possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) admin/base_roleadmin.php, (2) admin/base_useradmin.php, (3) base_conf_contents.php, (4) base_qry_sqlcalls.php, and (5) base_ag_main.php.
|
2009-05-30
|
Basic Analysis And Security Engine (BASE) /admin/base_roleadmin.php Description Field XSS
|
|
64451
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE), possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) admin/base_roleadmin.php, (2) admin/base_useradmin.php, (3) base_conf_contents.php, (4) base_qry_sqlcalls.php, and (5) base_ag_main.php.
|
2009-05-30
|
Basic Analysis And Security Engine (BASE) base_conf_contents.php Unspecified Parameter XSS
|
|
64452
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE), possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) admin/base_roleadmin.php, (2) admin/base_useradmin.php, (3) base_conf_contents.php, (4) base_qry_sqlcalls.php, and (5) base_ag_main.php.
|
2009-05-30
|
Basic Analysis And Security Engine (BASE) base_qry_sqlcalls.php Unspecified XSS
|
|
58146
Description:
Unknown / Incomplete
|
2009-05-29
|
Advanced Encryption Standard (AES-196 / AES-256) Algorithm Related-key Boomerang Attack Weakness
|
|
55078
Description:
Unknown / Incomplete
|
2009-05-29
|
IBM WebSphere Application Server (WAS) Security Component LTPA Token Timeout Policy Bypass
|
|
55061
Description:
(Description Provided by CVE) : Buffer overflow in the queue manager in IBM WebSphere MQ 6.x before 6.0.2.7 and 7.x before 7.0.1.0 allows remote attackers to execute arbitrary code via a crafted request.
|
2009-05-29
|
IBM WebSphere MQ Queue Manager Crafted Request Remote Overflow
|
|
55781
Description:
(Description Provided by CVE) : Heap-based buffer overflow in the decoder_create function in the initialization functionality in xvidcore/src/decoder.c in Xvid before 1.2.2, as used by Windows Media Player and other applications, allows remote attackers to execute arbitrary code via vectors involving the DirectShow (aka DShow) frontend and improper handling of the XVID_ERR_MEMORY return code during processing of a crafted movie file. NOTE: some of these details are obtained from third party information.
|
2009-05-29
|
Xvid xvidcore/src/decoder.c decoder_create Function Movie File Handling Overflow
|
|
54781
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in MT312 REP-BBS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) model.php and (2) config.php with timestamps before 20090521.
|
2009-05-29
|
REP-BBS Unspecified XSS
|
|
54782
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in MT312 IMG-BBS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to model.php with a timestamp before 20090521.
|
2009-05-29
|
IMG-BBS Unspecified XSS
|
|
54809
Description:
Traidnt Up contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the uploadcp/index.php script not properly sanitizing user-supplied input to the 'trupuser' and 'truppassword' cookies. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2009-05-29
|
Traidnt Up uploadcp/index.php Multiple Parameter SQL Injection
|
|
54811
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in admin/aclass/admin_func.php in Arab Portal 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) X-Forwarded-For or (2) Client-IP HTTP header in a request to the default URI under admin/.
|
2009-05-29
|
Arab Portal admin/index.php Multiple Header SQL Injection
|
|
54812
Description:
AIMP version 2.51 build 330 suffers from a stack based buffer overflow vulnerability that can be exploited via malicious media file that supports ID3 tags (mp3). EIP and ECX registers gets overwritten, including the SE handler and the pointer to the next SEH record. The issue is trigered by playing the file (crashes within 5 seconds) or by viewing the file's metadata or by pressing the F4 key and selecting the ID3v1 or ID3v2 tab.
|
2009-05-29
|
AIMP MP3 ID3 Tag Handling Overflow
|
|
54824
Description:
ZeusCart contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'maincatid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-05-29
|
ZeusCart index.php maincatid Parameter SQL Injection
|
|
54851
Description:
(Description Provided by CVE) : Unspecified vulnerability in the Finnish Bank Payment module 2.2 for osCommerce has unknown impact and attack vectors related to bank charges.
|
2009-05-29
|
Luottokunta Module for osCommerce Order Processing Security Restriction Bypass
|
|
54881
Description:
SonicWALL SSL-VPN 200, 2000 and 4000 appliances contain a flaw that may allow a malicious user to inject format string specifiers. The issue is triggered when manipulating the 'err' parameter of the /cgi-bin/welcome/VirtualOffice CGI. It is possible that the flaw may allow aribtrary memory read and write operations, resulting in a loss of integrity.
|
2009-05-29
|
SonicWALL SSL-VPN cgi-bin/welcome/VirtualOffice err Parameter Remote Format String
|
|
54917
Description:
(Description Provided by CVE) : The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions.
|
2009-05-29
|
Linux Kernel fs/ocfs2/file.c Inode Double Locking Code Splice System Calls Local DoS
|
|
55102
Description:
(Description Provided by CVE) : Unspecified vulnerability in the Luottokunta module before 1.3 for osCommerce has unknown impact and attack vectors related to orders.
|
2009-05-29
|
Luottokunta Module for osCommerce Unspecified Orders Issue
|
|
56590
Description:
Zen Help Desk contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the admin.asp script not properly sanitizing user-supplied input to the 'userid' and 'PassWord' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2009-05-29
|
Zen Help Desk admin.asp Multiple Parameter SQL Injection Authentication Bypass
|
|
56600
Description:
(Description Provided by CVE) : Multiple directory traversal vulnerabilities in view.php in Webboard 2.90 beta and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the topic parameter.
|
2009-05-29
|
Webboard view.php topic Parameter Traversal Arbitrary File Access
|
|
58415
Description:
Adobe Acrobat contains a flaw that may allow a remote denial of service. The issue is triggered when Acrobat opens a PDF file with a large number of "[" (square bracket) characters to the alert method, and will result in loss of availability for the service.
|
2009-05-29
|
Adobe Acrobat Alert Method Square Bracket Character DoS
|
|
60787
Description:
Million Dollar Text Links contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'admin.link.modify.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2009-05-29
|
Million Dollar Text Links admin.link.modify.php id Parameter SQL Injection
|
|
61572
Description:
Unknown / Incomplete
|
2009-05-29
|
Avira AntiVir Antivirus Embedded Archive Handling Scan Bypass
|
|
64448
Description:
(Description Provided by CVE) : Heap-based buffer overflow in the SonicMediaPlayer ActiveX control in SonicMediaPlayer.dll in Roxio CinePlayer 3.2 allows remote attackers to execute arbitrary code via a long argument to the DiskType method. NOTE: this might overlap CVE-2007-1559.
|
2009-05-29
|
Roxio CinePlayer SonicMediaPlayer.dll SonicMediaPlayer ActiveX DiskType Method Overflow
|
|
66477
Description:
JVideo! Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'user_id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2009-05-29
|
JVideo! Component for Joomla! index.php user_id Parameter SQL Injection
|
|
55588
Description:
(Description Provided by CVE) : The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote attackers to cause a denial of service (application crash) via a crafted ICQ web message that triggers allocation of a large amount of memory.
|
2009-05-28
|
Pidgin OSCAR Protocol Implementation Crafted ICQWebMessage Remote DoS
|
|
59000
Description:
Unknown / Incomplete
|
2009-05-28
|
Apache CXF Unsigned Message Policy Bypass
|
|
56275
Description:
(Description Provided by CVE) : The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, (5) float32_init, and (6) sds_read_header functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted audio file.
|
2009-05-28
|
libsndfile Audio Data Handling Multiple Function Divide by Zero DoS
|
|
54773
Description:
Simple Machines Forum contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application uses the incorrect MIME type 'image/bmp'. The unknown header triggers MIME sniffing in Internet Explorer, allowing an image to be falsely identified as text/html. This could allow a user to create a specially crafted image that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-05-28
|
Simple Machines Forum (SMF) Incorrect MIME type image/bmp XSS
|
|
54914
Description:
DB2 contains an unspecified error. If LDAP-based authentication is used and the LDAP server allows anonymous binds, this flaw can be exploited to connect to DB2 databases without a valid password. No further details have been provided.
|
2009-05-28
|
IBM DB2 Universal Database Common Code Infrastructure Component LDAP Password Authentication Bypass
|
