Weekly Vulnerabilities Reports > August 25 to 31, 2008
Overview
65 new vulnerabilities reported during this period, including 8 critical vulnerabilities and 15 high severity vulnerabilities. This weekly summary report vulnerabilities in 70 products from 49 vendors including IBM, Redhat, Drupal, Microsoft, and Spacetag. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Permissions, Privileges, and Access Controls", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Improper Input Validation".
- 59 reported vulnerabilities are remotely exploitables.
- 15 reported vulnerabilities have public exploit available.
- 30 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 58 reported vulnerabilities are exploitable by an anonymous user.
- IBM has the most reported vulnerabilities, with 8 reported vulnerabilities.
- Redhat has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
8 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-08-29 | CVE-2008-2928 | Redhat | Buffer Errors vulnerability in Redhat Directory Server 7.1 Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP header. | 10.0 |
2008-08-27 | CVE-2008-3737 | Spacetag System Consultants | Code Injection vulnerability in multiple products Unspecified vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to execute arbitrary PHP scripts, and delete files, read files, and possibly have unknown other impact. | 10.0 |
2008-08-27 | CVE-2008-3795 | Ipswitch | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ipswitch WS FTP Home Buffer overflow in Ipswitch WS_FTP Home client allows remote FTP servers to have an unknown impact via a long "message response." | 10.0 |
2008-08-27 | CVE-2008-2433 | Trendmicro | Use of Insufficiently Random Values vulnerability in Trendmicro products The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote attackers to hijack sessions via brute-force attacks. | 9.8 |
2008-08-29 | CVE-2008-3480 | Anzio | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Anzio Print Wizard and web Print Object Stack-based buffer overflow in the Anzio Web Print Object (WePO) ActiveX control 3.2.19 and 3.2.24, as used in Anzio Print Wizard, allows remote attackers to execute arbitrary code via a long mainurl parameter. | 9.3 |
2008-08-28 | CVE-2008-3853 | IBM | Buffer Errors vulnerability in IBM DB2 Universal Database 9.1 Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. | 9.3 |
2008-08-27 | CVE-2008-3844 | Redhat Openbsd | Improper Input Validation vulnerability in Openbsd Openssh Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. | 9.3 |
2008-08-27 | CVE-2007-1682 | Softartisans | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Softartisans Xfile Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the (1) BuildPath, (2) GetDriveName, (3) DriveExists, or (4) DeleteFile method. | 9.3 |
15 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-08-29 | CVE-2008-3283 | Fedora Redhat | Resource Management Errors vulnerability in multiple products Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) the authentication / bind phase and (2) anonymous LDAP search requests. | 7.8 |
2008-08-29 | CVE-2008-3282 | Apache Fedoraproject | Incorrect Conversion between Numeric Types vulnerability in multiple products Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document, related to a "numeric truncation error," a different vulnerability than CVE-2008-2152. | 7.8 |
2008-08-28 | CVE-2008-3854 | IBM | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM DB2 Universal Database 9.1/9.5 Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function. | 7.8 |
2008-08-29 | CVE-2008-3861 | Phpmyrealty | SQL Injection vulnerability in PHPmyrealty Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in pages.php and (2) the price_max parameter in search.php. | 7.5 |
2008-08-28 | CVE-2008-3856 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database 8/8.0/9.1 The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors. | 7.5 |
2008-08-27 | CVE-2008-3848 | Pdesigner | SQL Injection vulnerability in Pdesigner Z-Breaknews 2.0 SQL injection vulnerability in single.php in Z-Breaknews 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2008-08-27 | CVE-2008-3845 | Craftysyntax | SQL Injection vulnerability in Craftysyntax Crafty Syntax Live Help Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to (1) is_xmlhttp.php and (2) is_flush.php. | 7.5 |
2008-08-27 | CVE-2008-3747 | Wordpress | Permissions, Privileges, and Access Controls vulnerability in Wordpress The (1) get_edit_post_link and (2) get_edit_comment_link functions in wp-includes/link-template.php in WordPress before 2.6.1 do not force SSL communication in the intended situations, which might allow remote attackers to gain administrative access by sniffing the network for a cookie. | 7.5 |
2008-08-26 | CVE-2008-3787 | Nullscripts | SQL Injection vulnerability in Nullscripts web Directory Script SQL injection vulnerability in listing_view.php in Web Directory Script 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter. | 7.5 |
2008-08-26 | CVE-2008-3785 | Miacms | SQL Injection vulnerability in Miacms 4.6.5 Multiple SQL injection vulnerabilities in the com_content component in MiaCMS 4.6.5 allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) view, (2) category, or (3) blogsection action to index.php. | 7.5 |
2008-08-26 | CVE-2008-3784 | Btitracker Project Xbtitracker Project | SQL Injection vulnerability in multiple products SQL injection vulnerability in scrape.php in BtiTracker 1.4.7 and earlier and xBtiTracker 2.0.542 and earlier allows remote attackers to execute arbitrary SQL commands via the info_hash parameter. | 7.5 |
2008-08-26 | CVE-2008-3780 | Review Script | SQL Injection vulnerability in Review-Script Five Star Review Script SQL injection vulnerability in recommend.php in Five Star Review Script allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | 7.5 |
2008-08-25 | CVE-2008-3778 | Avaya | Permissions, Privileges, and Access Controls vulnerability in Avaya Communication Manager and SIP Enablement Services The remote management interface in SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, proceeds with Core router updates even when a login is invalid, which allows remote attackers to cause a denial of service (messaging outage) or gain privileges via an update request. | 7.5 |
2008-08-27 | CVE-2008-3838 | SUN | Improper Input Validation vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in the NFS Remote Procedure Calls (RPC) zones implementation in Sun Solaris 10 and OpenSolaris before snv_88 allows local administrators of non-global zones to read and modify NFS traffic for arbitrary non-global zones, possibly leading to file modifications or a denial of service. | 7.2 |
2008-08-29 | CVE-2008-2930 | Fedora Redhat | Resource Management Errors vulnerability in multiple products Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote attackers to cause a denial of service (CPU consumption and search outage) via crafted LDAP search requests with patterns, related to a single-threaded regular-expression subsystem. | 7.1 |
38 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-08-27 | CVE-2008-3738 | Spacetag | Improper Authentication vulnerability in Spacetag Lacoodast Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to hijack web sessions via unspecified vectors. | 6.8 |
2008-08-27 | CVE-2008-2327 | Libtiff | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Libtiff Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code. | 6.8 |
2008-08-26 | CVE-2008-3794 | Videolan | Numeric Errors vulnerability in Videolan VLC Media Player 0.8.6I Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a heap-based buffer overflow. | 6.8 |
2008-08-26 | CVE-2008-3788 | Picturespro | SQL Injection vulnerability in Picturespro Photo Cart 3.9 Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) qtitle, (2) qid, and (3) qyear parameters to (a) search.php, and the (4) email and (5) password parameters to (b) _login.php. | 6.8 |
2008-08-26 | CVE-2008-3783 | Matterdaddy | SQL Injection vulnerability in Matterdaddy Market 1.1 Multiple SQL injection vulnerabilities in index.php in Matterdaddy Market 1.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) type parameters. | 6.8 |
2008-08-28 | CVE-2008-3852 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database 9.1/9.5 Unspecified vulnerability in the CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio in the Visual Studio Net component in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 2 allows remote authenticated users to execute arbitrary code via unknown vectors. | 6.5 |
2008-08-27 | CVE-2008-3281 | Xmlsoft Apple Fedoraproject Canonical Debian Redhat Vmware | XML Entity Expansion vulnerability in multiple products libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document. | 6.5 |
2008-08-27 | CVE-2008-3742 | Drupal | Permissions, Privileges, and Access Controls vulnerability in Drupal Unrestricted file upload vulnerability in the BlogAPI module in Drupal 5.x before 5.10 and 6.x before 6.4 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, which is not validated. | 6.5 |
2008-08-27 | CVE-2008-3736 | Spacetag System Consultants | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Multiple cross-site request forgery (CSRF) vulnerabilities in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (a) change passwords or (b) change configurations. | 6.0 |
2008-08-27 | CVE-2008-3744 | Drupal | Cross-Site Request Forgery (CSRF) vulnerability in Drupal Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.10 and 6.x before 6.4 allow remote attackers to hijack the authentication of administrators for requests that (1) add or (2) delete user access rules. | 5.8 |
2008-08-27 | CVE-2008-3743 | Drupal | Cross-Site Request Forgery (CSRF) vulnerability in Drupal Multiple cross-site request forgery (CSRF) vulnerabilities in forms in Drupal 6.x before 6.4 allow remote attackers to perform unspecified actions via unknown vectors, related to improper token validation for (1) cached forms and (2) forms with AHAH elements. | 5.8 |
2008-08-27 | CVE-2008-3745 | Drupal | Permissions, Privileges, and Access Controls vulnerability in Drupal and Upload Module The Upload module in Drupal 6.x before 6.4 allows remote authenticated users to edit nodes, delete files, and download unauthorized attachments via unspecified vectors. | 5.5 |
2008-08-29 | CVE-2008-3859 | Davlin | Credentials Management vulnerability in Davlin Thickbox Gallery 2 Davlin Thickbox Gallery 2 allows remote attackers to obtain the administrative username and MD5 password hash via a direct request to conf/admins.php. | 5.0 |
2008-08-27 | CVE-2008-3851 | Microsoft Pluck | Path Traversal vulnerability in Pluck 4.5.2 Multiple directory traversal vulnerabilities in Pluck CMS 4.5.2 on Windows allow remote attackers to include and execute arbitrary local files via a ..\ (dot dot backslash) in the (1) blogpost, (2) cat, and (3) file parameters to data/inc/themes/predefined_variables.php, as reachable through index.php; and the (4) blogpost and (5) cat parameters to data/inc/blog_include_react.php, as reachable through index.php. | 5.0 |
2008-08-27 | CVE-2008-3840 | Craftysyntax | Credentials Management vulnerability in Craftysyntax Crafty Syntax Live Help Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information. | 5.0 |
2008-08-27 | CVE-2008-3790 | Ruby Lang | Improper Input Validation vulnerability in Ruby-Lang Ruby 1.8.6/1.8.7/1.9 The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through 1.8.7-p72, and 1.9 allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML document with recursively nested entities, aka an "XML entity explosion." | 5.0 |
2008-08-27 | CVE-2008-3796 | Swfdec | Improper Input Validation vulnerability in Swfdec Swfdec 0.6 before 0.6.8 allows remote attackers to cause a denial of service (application crash) via a 1x1 JPEG image. | 5.0 |
2008-08-25 | CVE-2008-3776 | Fujitsu | Path Traversal vulnerability in Fujitsu web Based Admin View 2.1.2 Directory traversal vulnerability in Fujitsu Web-Based Admin View 2.1.2 allows remote attackers to read arbitrary files via a .. | 5.0 |
2008-08-27 | CVE-2008-3839 | SUN | Local Denial of Service vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in the NFS module in the kernel in Sun Solaris 10 and OpenSolaris snv_59 through snv_87, when configured as an NFS server without the nodevices option, allows local users to cause a denial of service (panic) via unspecified vectors. | 4.7 |
2008-08-28 | CVE-2008-3857 | IBM | Information Exposure vulnerability in IBM DB2 Universal Database 9.1 The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 retains a cleartext password in memory after the database connection that sent the password is fully established, which might allow local users to obtain sensitive information by reading a memory dump. | 4.6 |
2008-08-28 | CVE-2008-3855 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database 9.1 Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a "FILE CREATION VULNERABILITY." NOTE: this may be the same as CVE-2007-5664. | 4.6 |
2008-08-29 | CVE-2008-2929 | Fedora Redhat | Cross-Site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway (DSGW) web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Directory Server, allow remote attackers to inject arbitrary web script or HTML via input values that use % (percent) escaping. | 4.3 |
2008-08-29 | CVE-2008-3873 | Adobe | Unspecified vulnerability in Adobe Flash Player The System.setClipboard method in ActionScript in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to populate the clipboard with a URL that is difficult to delete and does not require user interaction to populate the clipboard, as exploited in the wild in August 2008. | 4.3 |
2008-08-29 | CVE-2008-3860 | IBM Microsoft | Cross-Site Scripting vulnerability in IBM Lotus Quickr 8.1 Multiple cross-site scripting (XSS) vulnerabilities (1) in the WYSIWYG editors, (2) during local group creation, (3) during HTML redirects, (4) in the HTML import, (5) in the Rich text editor, and (6) in link-page in IBM Lotus Quickr 8.1 services for Lotus Domino before Hotfix 15 allow remote attackers to inject arbitrary web script or HTML via unknown vectors, including (7) the Imported Page. | 4.3 |
2008-08-28 | CVE-2008-3858 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database 9.1 The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request. | 4.3 |
2008-08-27 | CVE-2008-3850 | Accellion | Cross-Site Scripting vulnerability in Accellion Secure File Transfer Appliance 70135 Cross-site scripting (XSS) vulnerability in Accellion File Transfer FTA_7_0_135 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to courier/forgot_password.html. | 4.3 |
2008-08-27 | CVE-2008-3849 | Civic CMS | Cross-Site Scripting vulnerability in Civic-Cms Cross-site scripting (XSS) vulnerability in the calendar controller in Civic Website Manager before 1.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably involving (1) month, (2) day, and (3) year fields. | 4.3 |
2008-08-27 | CVE-2008-3847 | Aguestbook | Cross-Site Scripting vulnerability in Aguestbook AN Guestbook Multiple cross-site scripting (XSS) vulnerabilities in AN Guestbook (ANG) before 0.7.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-08-27 | CVE-2008-3846 | Aquagardensoft | Cross-Site Scripting vulnerability in Aquagardensoft Mysql-Lists Cross-site scripting (XSS) vulnerability in mysql-lists 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-08-27 | CVE-2008-3843 | Microsoft | Cross-Site Scripting vulnerability in Microsoft .Net Framework 1.0/1.1/2.0 Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework with the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a query string containing a "<~/" (less-than tilde slash) sequence followed by a crafted STYLE element. | 4.3 |
2008-08-27 | CVE-2008-3842 | Microsoft | Cross-Site Scripting vulnerability in Microsoft .Net Framework 1.0/1.1/2.0 Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework without the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a query string containing a "</" (less-than slash) sequence. | 4.3 |
2008-08-27 | CVE-2008-3841 | Openfreeway | Cross-Site Scripting vulnerability in Openfreeway Freeway 1.4.1.171 Cross-site scripting (XSS) vulnerability in admin/search_links.php in Freeway eCommerce 1.4.1.171 allows remote attackers to inject arbitrary web script or HTML via the search_link parameter. | 4.3 |
2008-08-27 | CVE-2008-3739 | Spacetag System Consultants | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving upload of files containing XSS sequences. | 4.3 |
2008-08-27 | CVE-2008-3746 | Webdav | Denial Of Service vulnerability in Webdav Neon 0.28.0/0.28.1/0.28.2 neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service (NULL pointer dereference and crash) via vectors related to Digest authentication, Digest domain parameter support, and the parse_domain function. | 4.3 |
2008-08-27 | CVE-2008-3740 | Drupal | Cross-Site Scripting vulnerability in Drupal Cross-site scripting (XSS) vulnerability in the output filter in Drupal 5.x before 5.10 and 6.x before 6.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-08-26 | CVE-2008-3786 | Picturespro | Cross-Site Scripting vulnerability in Picturespro Photo Cart 3.9 Cross-site scripting (XSS) vulnerability in index.php in PICTURESPRO Photo Cart 3.9 allows remote attackers to inject arbitrary web script or HTML via the qtitle parameter (aka "Gallery or event name" field) in a search action. | 4.3 |
2008-08-26 | CVE-2008-3781 | Gmod | Cross-Site Scripting vulnerability in Gmod Gbrowse Cross-site scripting (XSS) vulnerability in GMOD GBrowse before 1.69 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-08-26 | CVE-2008-3779 | Review Script | Cross-Site Scripting vulnerability in Review-Script Five Star Review Script Cross-site scripting (XSS) vulnerability in search/index.php in Five Star Review Script allows remote attackers to inject arbitrary web script or HTML via the words parameter in a search action. | 4.3 |
4 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-08-29 | CVE-2008-3874 | Lussumo | Cross-Site Scripting vulnerability in Lussumo Vanilla Cross-site scripting (XSS) vulnerability in account.php in Lussumo Vanilla 1.1.5-rc1, 1.1.4, and earlier allows remote authenticated users to inject arbitrary web script or HTML via the Value field (aka Label ==> Value pairs). | 3.5 |
2008-08-27 | CVE-2008-3741 | Drupal | Cross-Site Scripting vulnerability in Drupal The private filesystem in Drupal 5.x before 5.10 and 6.x before 6.4 trusts the MIME type sent by a web browser, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks by uploading files containing arbitrary web script or HTML. | 3.5 |
2008-08-26 | CVE-2008-3782 | Discountedscripts | Cross-Site Scripting vulnerability in Discountedscripts ACG PTP 1.0.6 Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in ACG-PTP 1.0.6 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) Category name field under Advertisement Packages, the (2) Reason field under Credit/Debit Users, and the (3) FAQ question and (4) FAQ answer fields under Add New FAQ Entry. | 3.5 |
2008-08-25 | CVE-2008-3777 | Avaya | Information Exposure vulnerability in Avaya Communication Manager and SIP Enablement Services The SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, writes account names and passwords to the (1) alarm and (2) system logs during failed login attempts, which allows local users to obtain login credentials by reading these logs. | 2.1 |