| OSVDB ID | Disclosure Date | Title |
|---|
|
62386
Description:
Unknown / Incomplete
|
2010-02-15
|
FTP On The Go on Apple iPhone / iPod Touch Crafted HTTP Request Handling Remote DoS
|
|
62473
Description:
Unknown / Incomplete
|
2010-02-15
|
Enomaly ECP vmfeed Update Mechanism MitM Remote Code Execution
|
|
62472
Description:
The vmfeed module, an insecure implementation of the insecure VMcasting protocol (http://www.vmcasting.org/) includes a silent update mechanism that downloads and executes Python code from Enomaly's corporate web server (http://enomaly.com/fileadmin/eggs/) over HTTP, without authentication or integrity checks. The code is triggered when the "application/python-egg" MIME type is encountered. The module also contains functionality for downloading workloads (virtual machines) from a feed which is itself retrieved over HTTP. While the VMcasting protocol (http://www.vmcasting.org/) describes a mechanism for digitally signing payloads, the mechanism is not implemented and there is no requirement to transfer feeds securely (e.g. over HTTPS). The implementation itself actively rejects URLs that do not start with "http" or "ftp" with an error. The module has the following feeds hardcoded: - Enomalism VMCasting Test Feed [http://enomalism.com/vmcast_appliances.php] - VMCasting Production Module Feed [http://enomalism.com/vmcast_modules.php]
|
2010-02-15
|
Enomaly ECP Community Edition vmfeed Module VMcasting Protcol VM Download Integrity Checking Weakness
|
|
62770
Description:
Unknown / Incomplete
|
2010-02-15
|
Twitter Module for Drupal Cleartext Authentication Credential Disclosure
|
|
91913
Description:
phpBB contains an unspecified flaw that may allow an attacker to bypass CAPTCHA testing. No further details have been provided by the researcher.
|
2010-02-15
|
phpBB Unspecified CAPTCHA Bypass Weakness
|
|
62329
Description:
JTL-Shop contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'druckansicht.php' script not properly sanitizing user-supplied input to the 's' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-02-14
|
JTL-Shop druckansicht.php s Parameter SQL Injection
|
|
62331
Description:
AllVideos Plugin for Joomla! contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the 'plugins/content/jw_allvideos/includes/download.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'file' parameter. This directory traversal attack would allow the attacker to read arbitrary files from local resources.
|
2010-02-14
|
AllVideos Plugin for Joomla! plugins/content/jw_allvideos/includes/download.php file Parameter Traversal Arbitrary File Access
|
|
62457
Description:
Unknown / Incomplete
|
2010-02-14
|
Huawei HG510 Device Settings Manipulation CSRF
|
|
62458
Description:
Unknown / Incomplete
|
2010-02-14
|
Huawei HG510 rebootinfo.cgi Direct Request Remote DoS
|
|
62654
Description:
(Description Provided by CVE) : The default configuration of cfg.packagepages_actions_excluded in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors.
|
2010-02-14
|
MoinMoin cfg.packagepages_actions_excluded Default Configuration Unspecified Issue
|
|
64827
Description:
Unknown / Incomplete
|
2010-02-14
|
Mozilla Firefox window.printer() Function Loop DoS
|
|
64828
Description:
Unknown / Incomplete
|
2010-02-14
|
Microsoft IE history go ActiveX Overflow DoS
|
|
64829
Description:
Unknown / Incomplete
|
2010-02-14
|
XOOPS system/admin/groupperm.php Unspecified Parameter XSS
|
|
64830
Description:
Unknown / Incomplete
|
2010-02-14
|
XOOPS x system/admin.php Unspecified Parameter XSS
|
|
62330
Description:
(Description Provided by CVE) : WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter.
|
2010-02-13
|
Wordpress Trashed Post Direct Request Access Restriction Bypass
|
|
62530
Description:
WSN Guest contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'orderlinks' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-02-13
|
WSN Guest index.php orderlinks Parameter SQL Injection
|
|
62531
Description:
(Description Provided by CVE) : StatCounteX 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for path/stats.mdb.
|
2010-02-13
|
StatCounteX path/stats.mdb Direct Request Database Disclosure
|
|
62532
Description:
ZeusCMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'index.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'page' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2010-02-13
|
ZeusCMS index.php page Parameter Traversal Local File Inclusion
|
|
62533
Description:
ZeusCMS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when accessing directly to admin/backup.sql, which will disclose sensitive information to a remote attacker.
|
2010-02-13
|
ZeusCMS admin/backup.sql Direct Request Database Disclosure
|
|
62899
Description:
Saskia's Shopsystem contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'content.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'id' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2010-02-13
|
Saskia's Shopsystem content.php id Parameter Traversal Local File Inclusion
|
|
62288
Description:
Unknown / Incomplete
|
2010-02-12
|
RealNetworks Helix Server URI Traversal Arbitrary File Access
|
|
62297
Description:
(Description Provided by CVE) : The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets to the HTCP port.
|
2010-02-12
|
Squid htcp.cc htcpHandleTstRequest Function Crafted HTCP Request NULL Dereference DoS
|
|
62294
Description:
Trade Manager contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'products.php' script not properly sanitizing user-supplied input to the 'cid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-02-12
|
Trade Manager products.php cid Parameter SQL Injection
|
|
62295
Description:
Video Games Rentals Script contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'pfid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-02-12
|
Video Games Rentals Script index.php pfid Parameter SQL Injection
|
|
62296
Description:
Vacation Rentals Script contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'rental_id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-02-12
|
Vacation Rentals Script index.php rental_id Parameter SQL Injection
|
|
62335
Description:
Unknown / Incomplete
|
2010-02-12
|
ImgBrowz0r imgbrowz0r::init() Function URI Traversal Arbitrary File Access
|
|
62382
Description:
(Description Provided by CVE) : Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.
|
2010-02-12
|
OpenOffice.org (OOo) filter.vcl/ixpm/svt_xpmread.cxx XPMReader::ReadXPM Function Overflow
|
|
62383
Description:
(Description Provided by CVE) : Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression.
|
2010-02-12
|
OpenOffice.org (OOo) filter.vcl/lgif/decode.cxx GIFLZWDecompressor::GIFLZWDecompressor Function Overflow
|
|
62384
Description:
(Description Provided by CVE) : Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document.
|
2010-02-12
|
OpenOffice.org (OOo) filter/ww8/ww8par2.cxx sprmTDefTable Table Underflow
|
|
62385
Description:
(Description Provided by CVE) : filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw."
|
2010-02-12
|
OpenOffice.org (OOo) filter/ww8/ww8par2.cxx sprmTSetBrc Table Boundary Error DoS
|
|
62398
Description:
(Description Provided by CVE) : OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document.
|
2010-02-12
|
OpenOffice.org (OOo) VBA Security Setting Weakness Arbitrary Macro Execution
|
|
62573
Description:
BASIC-CMS contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'nav_id' parameter upon submission to the 'pages/index.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-02-12
|
BASIC-CMS pages/index.php nav_id Parameter XSS
|
|
64621
Description:
Unknown / Incomplete
|
2010-02-12
|
Hyleos ChemViewX ActiveX Multiple Methods Remote Overflow
|
|
64885
Description:
Unknown / Incomplete
|
2010-02-12
|
CMS Made Simple index.php showtemplate Parameter XSS
|
|
64824
Description:
Unknown / Incomplete
|
2010-02-12
|
Microsoft IE Address Bar Character Conversion Spoofing Weakness
|
|
64886
Description:
Unknown / Incomplete
|
2010-02-12
|
CMS Made Simple index.php mact Parameter Encoded Traversal Arbitrary File Access
|
|
65433
Description:
Unknown / Incomplete
|
2010-02-11
|
Chip and PIN PIN Verification Weakness
|
|
62292
Description:
Multiple Adobe products and Blaze DS contains a flaw that may lead to unauthorized disclosure of potentially sensitive information. The issue is triggered when handling incoming requests and may allow a remote attacker to gain access to XML eternal entity references and injected tags.
|
2010-02-11
|
Adobe Multiple Products BlazeDS XML Request Handling Information Disclosure
|
|
62337
Description:
Unknown / Incomplete
|
2010-02-11
|
Dillo Web Browser Cookie Access Restriction Weakness Information Disclosure
|
|
79143
Description:
Unknown / Incomplete
|
2010-02-11
|
Novell eDirectory DS\NDSD Add Value SNMP Event Memory Overwrite
|
