Weekly Vulnerabilities Reports > February 2 to 8, 2009
Overview
150 new vulnerabilities reported during this period, including 21 critical vulnerabilities and 59 high severity vulnerabilities. This weekly summary report vulnerabilities in 171 products from 99 vendors including Joomla, Goahead, Cisco, HP, and Mozilla. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Improper Input Validation", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".
- 141 reported vulnerabilities are remotely exploitables.
- 63 reported vulnerabilities have public exploit available.
- 77 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 145 reported vulnerabilities are exploitable by an anonymous user.
- Joomla has the most reported vulnerabilities, with 10 reported vulnerabilities.
- Gstreamer has the most reported critical vulnerabilities, with 4 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
21 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-02-08 | CVE-2008-4562 | HP | Buffer Errors vulnerability in HP Openview Network Node Manager 7.0.1/7.51/7.53 Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 on Windows allows remote attackers to execute arbitrary code via a crafted Host parameter. | 10.0 |
2009-02-08 | CVE-2008-4559 | HP | Improper Input Validation vulnerability in HP Openview Network Node Manager 7.0.1/7.51/7.53 HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via shell metacharacters in argument fields to the (1) webappmon.exe or (2) OpenView5.exe CGI program. | 10.0 |
2009-02-06 | CVE-2008-6079 | Enlightenment | Multiple Unspecified vulnerability in 'imlib2' Library imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows." | 10.0 |
2009-02-04 | CVE-2009-0388 | Tightvnc Ultravnc | Numeric Errors vulnerability in multiple products Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code via a large length value in a message, related to the (a) ClientConnection::CheckBufferSize and (b) ClientConnection::CheckFileZipBufferSize functions in ClientConnection.cpp. | 10.0 |
2009-02-04 | CVE-2009-0353 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine. | 10.0 |
2009-02-04 | CVE-2009-0352 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and destruction of arbitrary layout objects by the nsViewManager::Composite function. | 10.0 |
2009-02-03 | CVE-2009-0414 | TOR | Resource Management Errors vulnerability in TOR Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors that trigger heap corruption. | 10.0 |
2009-02-03 | CVE-2009-0410 | Novell | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Groupwise Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command, leading to a buffer overflow. | 10.0 |
2009-02-03 | CVE-2009-0183 | Free Download Manager | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Free Download Manager Free Download Manager 2.5/3.0 Stack-based buffer overflow in Remote Control Server in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP request. | 10.0 |
2009-02-02 | CVE-2008-6021 | Attachmate | Security vulnerability in Attachmate Reflection for Secure IT 7.0 Multiple unspecified vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and Server before 7.0 SP1 have unknown impact and attack vectors, aka "security vulnerabilities found by 3rd party analysis." | 10.0 |
2009-02-08 | CVE-2009-0476 | Multimediasoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Multimediasoft products Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 and 7.11.2.7, as distributed in multiple MultiMedia Soft audio components for .NET, allows remote attackers to execute arbitrary code via a long string in a playlist (.pls) file, as originally reported for Euphonics Audio Player 1.0. | 9.3 |
2009-02-08 | CVE-2009-0376 | Realnetworks | Buffer Errors vulnerability in Realnetworks Realplayer 11 Heap-based buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a modified field that controls an unspecified structure length and triggers heap corruption, related to use of RealPlayer through a Windows Explorer plugin. | 9.3 |
2009-02-08 | CVE-2009-0375 | Realnetworks | Code Injection vulnerability in Realnetworks Realplayer 11 Buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a filename length field containing a large integer, which triggers overwrite of an arbitrary memory location with a 0x00 byte value, related to use of RealPlayer through a Windows Explorer plugin. | 9.3 |
2009-02-04 | CVE-2009-0418 | HP | Improper Input Validation vulnerability in HP Hp-Ux B.11.11/B.11.23/B.11.31 The IPv6 Neighbor Discovery Protocol (NDP) implementation in HP HP-UX B.11.11, B.11.23, and B.11.31 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity), read private network traffic, and possibly execute arbitrary code via a spoofed message that modifies the Forward Information Base (FIB), a related issue to CVE-2008-2476. | 9.3 |
2009-02-03 | CVE-2009-0184 | Free Download Manager | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Free Download Manager Free Download Manager 2.5/3.0 Multiple buffer overflows in the torrent parsing implementation in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allow remote attackers to execute arbitrary code via (1) a long file name within a torrent file, (2) a long tracker URL in a torrent file, or (3) a long comment in a torrent file. | 9.3 |
2009-02-03 | CVE-2009-0398 | Gstreamer | Buffer Errors vulnerability in Gstreamer Plug-Ins 0.6.0 Array index error in the gst_qtp_trak_handler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins (aka gstreamer-plugins) 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file. | 9.3 |
2009-02-03 | CVE-2009-0397 | Gstreamer | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gstreamer Good Plug-Ins and Plug-Ins Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file. | 9.3 |
2009-02-02 | CVE-2009-0389 | Eztools Software | Unspecified vulnerability in Eztools-Software web ON Windows Activex 2 Multiple insecure method vulnerabilities in the Web On Windows (WOW) ActiveX control in WOW ActiveX 2 allow remote attackers to (1) create and overwrite arbitrary files via the WriteIniFileString method, (2) execute arbitrary programs via the ShellExecute method, (3) read from the registry via unspecified vectors, and (4) write to the registry via unspecified vectors. | 9.3 |
2009-02-02 | CVE-2009-0387 | Gstreamer | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gstreamer Good Plug-Ins and Plug-Ins Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted Sync Sample (aka stss) atom data in a malformed QuickTime media .mov file, related to "mark keyframes." | 9.3 |
2009-02-02 | CVE-2009-0386 | Gstreamer | Buffer Errors vulnerability in Gstreamer Good Plug-Ins 0.10.10/0.10.11/0.10.9 Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample (ctts) atom data in a malformed QuickTime media .mov file. | 9.3 |
2009-02-05 | CVE-2009-0062 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco products Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels. | 9.0 |
59 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-02-08 | CVE-2008-4560 | HP | Information Exposure vulnerability in HP Openview Network Node Manager 7.0.1/7.51/7.53 HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain sensitive information via (1) a crafted request to the nnmRptConfig.exe CGI program, which reveals the pathname of log directories; or (2) a crafted parameter in a request to the ovlaunch.exe CGI program, which reveals configuration details. | 7.8 |
2009-02-05 | CVE-2009-0061 | Cisco | Improper Input Validation vulnerability in Cisco products Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.1 allows remote attackers to cause a denial of service (device crash or hang) via unknown IP packets. | 7.8 |
2009-02-05 | CVE-2009-0059 | Cisco | Improper Input Validation vulnerability in Cisco products The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service (device reload) via a web authentication (aka WebAuth) session that includes a malformed POST request to login.html. | 7.8 |
2009-02-05 | CVE-2008-4419 | HP | Path Traversal vulnerability in HP products Directory traversal vulnerability in the HP JetDirect web administration interface in the HP-ChaiSOE 1.0 embedded web server on the LaserJet 9040mfp, LaserJet 9050mfp, and Color LaserJet 9500mfp before firmware 08.110.9; LaserJet 4345mfp and 9200C Digital Sender before firmware 09.120.9; Color LaserJet 4730mfp before firmware 46.200.9; LaserJet 2410, LaserJet 2420, and LaserJet 2430 before firmware 20080819 SPCL112A; LaserJet 4250 and LaserJet 4350 before firmware 20080819 SPCL015A; and LaserJet 9040 and LaserJet 9050 before firmware 20080819 SPCL110A allows remote attackers to read arbitrary files via directory traversal sequences in the URI. | 7.8 |
2009-02-03 | CVE-2009-0396 | Sony Ericsson | Improper Input Validation vulnerability in Sony Ericsson products The Sony Ericsson W910i, W660i, K618i, K610i, Z610i, K810i, K660i, W880i, and K530i phones allow remote attackers to cause a denial of service (device reboot or hang-up) via a malformed WAP Push packet to (1) SMS or (2) UDP port 2948. | 7.8 |
2009-02-02 | CVE-2009-0391 | IBM | Information Exposure vulnerability in IBM Websphere Application Server 6.0.1 Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0.1 on z/OS allows attackers to read arbitrary files via unknown vectors. | 7.8 |
2009-02-06 | CVE-2008-6085 | F Secure | Numeric Errors vulnerability in F-Secure products Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow. | 7.6 |
2009-02-06 | CVE-2008-6088 | Joomtracker Joomla | SQL Injection vulnerability in Joomtracker COM Joomtracker 1.01 SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 module for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tordetails action to index.php. | 7.5 |
2009-02-06 | CVE-2008-6086 | Camera Life | SQL Injection vulnerability in Camera Life Camera Life 2.6.2B4 SQL injection vulnerability in album.php in Camera Life 2.6.2b4 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3355. | 7.5 |
2009-02-06 | CVE-2002-2431 | Goahead | Unspecified vulnerability in Goahead Webserver Unspecified vulnerability in GoAhead WebServer before 2.1.4 allows remote attackers to cause "incorrect behavior" via unknown "malicious code," related to incorrect use of the socketInputBuffered function by sockGen.c. | 7.5 |
2009-02-06 | CVE-2008-6083 | Txtshop | Path Traversal vulnerability in Txtshop 1.0 Directory traversal vulnerability in header.php in TXTshop beta 1.0 allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2009-02-06 | CVE-2008-6081 | Simplecustomer | SQL Injection vulnerability in Simplecustomer Simple Customer 1.2 SQL injection vulnerability in contact.php in Simple Customer 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-02-06 | CVE-2008-6078 | Limbo CMS | SQL Injection vulnerability in Limbo CMS COM Privmsg SQL injection vulnerability in open.php in the Private Messaging (com_privmsg) component for Limbo CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a pms action to index.php. | 7.5 |
2009-02-06 | CVE-2008-6076 | Jlleblanc Joomla | SQL Injection vulnerability in Jlleblanc COM Dailymessage 1.0.3 SQL injection vulnerability in the Daily Message (com_dailymessage) 1.0.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | 7.5 |
2009-02-05 | CVE-2008-6066 | Meet WEB | Code Injection vulnerability in Meet#Web 0.8 Multiple PHP remote file inclusion vulnerabilities in Meet#Web 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) modules.php, (2) ManagerResource.class.php, (3) ManagerRightsResource.class.php, (4) RegForm.class.php, (5) RegResource.class.php, and (6) RegRightsResource.class.php in classes/. | 7.5 |
2009-02-05 | CVE-2008-6064 | Domphp | SQL Injection vulnerability in Domphp 0.81 Multiple SQL injection vulnerabilities in DomPHP 0.81 allow remote attackers to execute arbitrary SQL commands via the cat parameter to agenda/index.php, and unspecified other vectors. | 7.5 |
2009-02-05 | CVE-2009-0431 | Codefixer | SQL Injection vulnerability in Codefixer Linkspro NIL SQL injection vulnerability in Default.asp in LinksPro Standard Edition allows remote attackers to execute arbitrary SQL commands via the OrderDirection parameter. | 7.5 |
2009-02-05 | CVE-2009-0429 | Activewebsoftwares | SQL Injection vulnerability in Activewebsoftwares Active Bids Multiple SQL injection vulnerabilities in Active Bids allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to search.asp, (2) SortDir parameter to auctionsended.asp, and the (3) catid parameter to wishlist.php. | 7.5 |
2009-02-05 | CVE-2009-0428 | Dmxready | SQL Injection vulnerability in Dmxready Secure Document Library 1.0 SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
2009-02-05 | CVE-2009-0427 | Dmxready | SQL Injection vulnerability in Dmxready Member Directory Manager 1.1 SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Directory Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
2009-02-05 | CVE-2009-0426 | Dmxready | SQL Injection vulnerability in Dmxready Classified Listings Manager 1.1 SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Classified Listings Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
2009-02-05 | CVE-2009-0425 | Blue EYE CMS | SQL Injection vulnerability in Blue EYE CMS Blue EYE CMS SQL injection vulnerability in index.php in Blue Eye CMS 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the clanek parameter. | 7.5 |
2009-02-05 | CVE-2009-0423 | Kevin Walker | Path Traversal vulnerability in Kevin Walker PHP Photo Album 0.8 Directory traversal vulnerability in index.php in Php Photo Album (PHPPA) 0.8 BETA allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2009-02-05 | CVE-2009-0422 | Tincan | Code Injection vulnerability in Tincan PHPlist Dynamic variable evaluation vulnerability in lists/admin.php in phpList 2.10.8 and earlier, when register_globals is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the _SERVER[ConfigFile] parameter to admin/index.php. | 7.5 |
2009-02-05 | CVE-2009-0421 | Joomla | SQL Injection vulnerability in Joomla COM Eventing SQL injection vulnerability in the Eventing (com_eventing) 1.6.x component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | 7.5 |
2009-02-05 | CVE-2009-0420 | RD Media Joomla | SQL Injection vulnerability in Rd-Media Rd-Autos 1.5.5 SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | 7.5 |
2009-02-04 | CVE-2008-6050 | Ircmaxell Joomla | SQL Injection vulnerability in Ircmaxell Tech Article 1.0.1 SQL injection vulnerability in the Tech Articles (com_tech_article) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the item parameter to index.php. | 7.5 |
2009-02-04 | CVE-2008-6046 | Adbnewssender Project | SQL Injection vulnerability in Adbnewssender Project Adbnewssender SQL injection vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in (1) opt_in_out.php.inc, (2) confirmation.php.inc, and (3) renewal.php.inc in mailinglist/. | 7.5 |
2009-02-03 | CVE-2009-0412 | Interspire | Improper Authentication vulnerability in Interspire Shopping Cart 4.0.1 The ProcessLogin function in class.auth.php in Interspire Shopping Cart (ISC) 4.0.1 Ultimate edition allows remote attackers to bypass authentication and obtain administrative access by reusing the RememberToken cookie after a failed admin login attempt. | 7.5 |
2009-02-03 | CVE-2009-0407 | Humayun Shabbir | SQL Injection vulnerability in Humayun Shabbir PHP-Cms Project 1 SQL injection vulnerability in admin/login.php in PHP-CMS Project 1 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2009-02-03 | CVE-2009-0406 | Community CMS | SQL Injection vulnerability in Community CMS Community CMS SQL injection vulnerability in index.php in Community CMS 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-02-03 | CVE-2009-0405 | Smartsitecms | SQL Injection vulnerability in Smartsitecms 1.0 SQL injection vulnerability in articles.php in smartSite CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the var parameter. | 7.5 |
2009-02-03 | CVE-2009-0403 | Chipmunk Scripts | SQL Injection vulnerability in Chipmunk Scripts Chipmunk Blogger SQL injection vulnerability in admin/authenticate.php in Chipmunk Blogger Script allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | 7.5 |
2009-02-03 | CVE-2009-0401 | Ephpscripts | SQL Injection vulnerability in Ephpscripts E-PHP CMS SQL injection vulnerability in browsecats.php in E-Php CMS allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
2009-02-03 | CVE-2009-0399 | Chipmunk Scripts | Permissions, Privileges, and Access Controls vulnerability in Chipmunk Scripts Chipmunk Blogger Chipmunk Blogger Script allows remote attackers to gain administrator privileges via a direct request to admin/reguser.php. | 7.5 |
2009-02-03 | CVE-2008-6043 | Phpprobid | SQL Injection vulnerability in PHPprobid PHP PRO BID 6.04 Multiple SQL injection vulnerabilities in PHP Pro Bid (PPB) 6.04 allow remote attackers to execute arbitrary SQL commands via the (1) order_field and (2) order_type parameters to categories.php and unspecified other components. | 7.5 |
2009-02-03 | CVE-2008-6042 | Netartmedia | SQL Injection vulnerability in Netartmedia Real Estate Portal 2.0 SQL injection vulnerability in the re_search module in NetArtMedia Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the ad parameter to index.php. | 7.5 |
2009-02-03 | CVE-2008-6040 | Agares Media | SQL Injection vulnerability in Agares Media Arcadem PRO 2.700/2.707/2.802 SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articleblock.php. | 7.5 |
2009-02-03 | CVE-2008-6038 | Mapcal | SQL Injection vulnerability in Mapcal 0.1 SQL injection vulnerability in index.php in MapCal 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an editevent action, possibly related to dsp_editevent.php. | 7.5 |
2009-02-03 | CVE-2008-6037 | Availscript | SQL Injection vulnerability in Availscript Article Script SQL injection vulnerability in view.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the v parameter. | 7.5 |
2009-02-03 | CVE-2008-6036 | Basebuilder | Code Injection vulnerability in Basebuilder 1.0/1.0.3/2.0 PHP remote file inclusion vulnerability in main.inc.php in BaseBuilder 2.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mj_config[src_path] parameter. | 7.5 |
2009-02-03 | CVE-2008-6033 | WSN Links | SQL Injection vulnerability in WSN Links WSN Links 2.20 SQL injection vulnerability in comments.php in WSN Links 2.20 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-02-03 | CVE-2008-6032 | WSN | SQL Injection vulnerability in WSN Links 4.0.34P SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-02-03 | CVE-2008-6031 | WSN Links | SQL Injection vulnerability in WSN Links WSN Links 2.22/2.23 SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-02-03 | CVE-2008-6030 | Netartmedia | SQL Injection vulnerability in Netartmedia Jobs Portal 1.3 Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 allow remote attackers to execute arbitrary SQL commands via (1) the job parameter to index.php in the search module or (2) the news_id parameter to index.php. | 7.5 |
2009-02-03 | CVE-2008-6028 | University OF Queensland | SQL Injection vulnerability in University of Queensland FEZ 1.3/2.0 SQL injection vulnerability in list.php in University of Queensland Library Fez 1.3 and 2.0 RC1 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter in a subject action. | 7.5 |
2009-02-03 | CVE-2008-6026 | Bluecube | SQL Injection vulnerability in Bluecube CMS SQL injection vulnerability in tienda.php in BlueCUBE CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-02-03 | CVE-2009-0395 | Netartmedia | SQL Injection vulnerability in Netartmedia CAR Portal 1.0 SQL injection vulnerability in the login feature in NetArt Media Car Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | 7.5 |
2009-02-03 | CVE-2009-0394 | PLE CMS | SQL Injection vulnerability in PLE CMS PLE CMS 1.0 SQL injection vulnerability in login.php in Pre Lecture Exercises (PLEs) CMS 1.0 beta 4.2 allows remote attackers to execute arbitrary SQL commands via the school parameter. | 7.5 |
2009-02-02 | CVE-2008-6023 | Xnova | Code Injection vulnerability in Xnova 0.8 PHP remote file inclusion vulnerability in includes/todofleetcontrol.php in a newer version of Xnova, possibly 0.8 sp1, allows remote attackers to execute arbitrary PHP code via a URL in the xnova_root_path parameter. | 7.5 |
2009-02-02 | CVE-2008-6022 | Xnova | Code Injection vulnerability in Xnova 0.8 PHP remote file inclusion vulnerability in includes/todofleetcontrol.php in an older version of Xnova, possibly 0.8 sp1, allows remote attackers to execute arbitrary PHP code via a URL in the ugamela_root_path parameter. | 7.5 |
2009-02-02 | CVE-2008-6020 | Drupal | SQL Injection vulnerability in Drupal Views 6.X2.0 SQL injection vulnerability in the Views module 6.x before 6.x-2.2 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "an exposed filter on CCK text fields." | 7.5 |
2009-02-02 | CVE-2008-6019 | DO CMS | SQL Injection vulnerability in Do-Cms 3.0 SQL injection vulnerability in index.php in EACOMM DO-CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the p parameter. | 7.5 |
2009-02-02 | CVE-2008-6017 | I Rater | SQL Injection vulnerability in I-Rater Basic NIL SQL injection vulnerability in messages.php in I-Rater Basic allows remote attackers to execute arbitrary SQL commands via the idp parameter. | 7.5 |
2009-02-02 | CVE-2009-0381 | Bazaarbuilder Joomla | SQL Injection vulnerability in Bazaarbuilder Ecommerce Shopping Cart 5.0 SQL injection vulnerability in the BazaarBuilder Ecommerce Shopping Cart (com_prod) 5.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a products action to index.php. | 7.5 |
2009-02-02 | CVE-2009-0379 | Joomla | SQL Injection vulnerability in Joomla COM Pcchess SQL injection vulnerability in the Prince Clan Chess Club (com_pcchess) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the game_id parameter in a showgame action to index.php, a different vector than CVE-2008-0761. | 7.5 |
2009-02-02 | CVE-2009-0377 | Joomla | SQL Injection vulnerability in Joomla COM Beamospetition 1.0.12 SQL injection vulnerability in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mpid parameter in a sign action to index.php, a different vector than CVE-2008-3132. | 7.5 |
2009-02-08 | CVE-2009-0477 | SUN | Permissions, Privileges, and Access Controls vulnerability in SUN Opensolaris Unspecified vulnerability in the process (aka proc) filesystem in Sun OpenSolaris snv_85 through snv_100 allows local users to gain privileges via vectors related to the contract filesystem. | 7.2 |
2009-02-02 | CVE-2009-0390 | Enomaly | Code Injection vulnerability in Enomaly Elastic Computing Platform 2.1 Argument injection vulnerability in Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program. | 7.2 |
67 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-02-03 | CVE-2009-0416 | Standards Based Linux Instrumentation | Link Following vulnerability in Standards Based Linux Instrumentation Sblim-Sfcb 1.3.2 The SSL certificate setup program (genSslCert.sh) in Standards Based Linux Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /var/tmp/key.pem, (2) /var/tmp/cert.pem, and (3) /var/tmp/ssl.cnf temporary files. | 6.9 |
2009-02-02 | CVE-2008-4990 | Enomaly | Link Following vulnerability in Enomaly Elastic Computing Platform Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file. | 6.9 |
2009-02-06 | CVE-2009-0473 | Rockwellautomation | Link Following vulnerability in Rockwellautomation Controllogix 1756-Enbt/A Ethernet/ IP Bridge Open redirect vulnerability in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 6.8 |
2009-02-06 | CVE-2009-0471 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS 12.4(23) Cross-site request forgery (CSRF) vulnerability in the HTTP server in Cisco IOS 12.4(23) allows remote attackers to execute arbitrary commands, as demonstrated by executing the hostname command with a level/15/configure/-/hostname request. | 6.8 |
2009-02-06 | CVE-2008-6084 | Matteoiammarrone | Improper Input Validation vulnerability in .Matteoiammarrone Iamma Simple Gallery 1.0/2.0 Unrestricted file upload vulnerability in pages/download.php in Iamma Simple Gallery 1.0 and 2.0 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads directory. | 6.8 |
2009-02-03 | CVE-2009-0409 | Mzbservices | SQL Injection vulnerability in Mzbservices Max.Blog 1.0.6 SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | 6.8 |
2009-02-03 | CVE-2009-0400 | Socialengine | SQL Injection vulnerability in Socialengine 3.06 SQL injection vulnerability in blog.php in SocialEngine 3.06 trial allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | 6.8 |
2009-02-03 | CVE-2008-6039 | Bluepage | Improper Authentication vulnerability in Bluepage CMS 2.4.0 Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | 6.8 |
2009-02-03 | CVE-2008-6029 | Buzzywall | SQL Injection vulnerability in Buzzywall 1/1.3 SQL injection vulnerability in search.php in BuzzyWall 1.3.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter. | 6.8 |
2009-02-03 | CVE-2008-6025 | Openelec | Path Traversal vulnerability in Openelec 2.02/3.00 Directory traversal vulnerability in scr/form.php in openElec 3.01 and earlier allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2009-02-03 | CVE-2009-0392 | Motorola | Path Traversal vulnerability in Motorola Cpei300 Directory traversal vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to read arbitrary files via a .. | 6.8 |
2009-02-02 | CVE-2009-0272 | Novell | Cross-Site Request Forgery (CSRF) vulnerability in Novell Groupwise Cross-site request forgery (CSRF) vulnerability in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allows remote attackers to insert e-mail forwarding rules, and modify unspecified other configuration settings, as arbitrary users via unknown vectors. | 6.8 |
2009-02-02 | CVE-2008-6018 | Myphpsite | Path Traversal vulnerability in Myphpsite NIL Directory traversal vulnerability in index.php in MyPHPSite, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. | 6.8 |
2009-02-02 | CVE-2009-0384 | Adam Tomecek | SQL Injection vulnerability in Adam Tomecek Ownrs 1.2 SQL injection vulnerability in autor.php in OwnRS CMS 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 6.8 |
2009-02-06 | CVE-2008-6077 | Loudblog | SQL Injection vulnerability in Loudblog SQL injection vulnerability in loudblog/ajax.php in LoudBlog 0.8.0a and earlier allows remote authenticated users to execute arbitrary SQL commands via the colpick parameter in a singleread action. | 6.5 |
2009-02-05 | CVE-2009-0058 | Cisco | Improper Input Validation vulnerability in Cisco products The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial of service (web authentication outage or device reload) via unspecified network traffic, as demonstrated by a vulnerability scanner. | 6.1 |
2009-02-03 | CVE-2009-0408 | Oscommerce | Cross-Site Request Forgery (CSRF) vulnerability in Oscommerce 2.2 Cross-site request forgery (CSRF) vulnerability in osCommerce 2.2 RC 2a allows remote attackers to hijack the authentication of administrators. | 6.0 |
2009-02-04 | CVE-2009-0355 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element. | 5.4 |
2009-02-02 | CVE-2008-6024 | SUN | Resource Management Errors vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris before snv_37, when automountd is used, allows user-assisted remote attackers to cause a denial of service (unresponsive NFS filesystems) via unknown vectors. | 5.4 |
2009-02-06 | CVE-2008-6074 | Phpcrs | Path Traversal vulnerability in PHPcrs Directory traversal vulnerability in frame.php in phpcrs 2.06 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. | 5.1 |
2009-02-05 | CVE-2008-6065 | Oracle | Permissions, Privileges, and Access Controls vulnerability in Oracle Database Server 10.1/10.2/11 Oracle Database Server 10.1, 10.2, and 11g grants directory WRITE permissions for arbitrary pathnames that are aliased in a CREATE OR REPLACE DIRECTORY statement, which allows remote authenticated users with CREATE ANY DIRECTORY privileges to gain SYSDBA privileges by aliasing the pathname of the password directory, and then overwriting the password file through UTL_FILE operations, a related issue to CVE-2006-7141. | 5.1 |
2009-02-08 | CVE-2009-0478 | Squid | Improper Input Validation vulnerability in Squid Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c. | 5.0 |
2009-02-06 | CVE-2009-0474 | Rockwellautomation | Information Exposure vulnerability in Rockwellautomation Controllogix 1756-Enbt/A Ethernet/ IP Bridge The web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to obtain "internal web page information" and "internal information about the module" via unspecified vectors. | 5.0 |
2009-02-06 | CVE-2008-6089 | Scriptsez | Path Traversal vulnerability in Scriptsez Easy Image Downloader Directory traversal vulnerability in main.php in ScriptsEz Easy Image Downloader allows remote attackers to read arbitrary files via a .. | 5.0 |
2009-02-06 | CVE-2003-1569 | Goahead Microsoft | Improper Input Validation vulnerability in Goahead Webserver GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote attackers to cause a denial of service (daemon crash) via an HTTP request with a (1) con, (2) nul, (3) clock$, or (4) config$ device name in a path component, different vectors than CVE-2001-0385. | 5.0 |
2009-02-06 | CVE-2003-1568 | Goahead Goahead Software | Improper Input Validation vulnerability in multiple products GoAhead WebServer before 2.1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an invalid URL, related to the websSafeUrl function. | 5.0 |
2009-02-06 | CVE-2002-2430 | Goahead | Resource Management Errors vulnerability in Goahead Webserver 2.0/2.1 GoAhead WebServer before 2.1.1 allows remote attackers to cause a denial of service (CPU consumption) by performing a socket disconnect to terminate a request before it has been fully processed by the server. | 5.0 |
2009-02-06 | CVE-2002-2429 | Goahead | Improper Input Validation vulnerability in Goahead Webserver webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request that contains a negative integer in the Content-Length header. | 5.0 |
2009-02-06 | CVE-2002-2428 | Goahead | Improper Input Validation vulnerability in Goahead Webserver webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP POST request that contains a Content-Length header but no body data. | 5.0 |
2009-02-06 | CVE-2002-2427 | Goahead | Improper Authentication vulnerability in Goahead Webserver 2.0/2.1 The security handler in GoAhead WebServer before 2.1.1 allows remote attackers to bypass authentication and obtain access to protected web content via "an extra slash in a URL," a different vulnerability than CVE-2002-1603. | 5.0 |
2009-02-06 | CVE-2008-6082 | Southrivertech | Resource Management Errors vulnerability in Southrivertech Titan FTP Server 6.26 Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command. | 5.0 |
2009-02-06 | CVE-2008-6080 | Codecall Joomla | Path Traversal vulnerability in Codecall COM Ionfiles 4.4.2 Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
2009-02-05 | CVE-2008-6059 | Webkit | Permissions, Privileges, and Access Controls vulnerability in Webkit xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls, related to the HTTPOnly protection mechanism. | 5.0 |
2009-02-04 | CVE-2009-0419 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft XML Core Services Microsoft XML Core Services, as used in Microsoft Expression Web, Office, Internet Explorer 6 and 7, and other products, does not properly restrict access from web pages to Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls, related to the HTTPOnly protection mechanism. | 5.0 |
2009-02-04 | CVE-2009-0357 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox before 3.0.6 and SeaMonkey before 1.1.15 do not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls, related to the HTTPOnly protection mechanism. | 5.0 |
2009-02-04 | CVE-2008-6057 | Liberum | Permissions, Privileges, and Access Controls vulnerability in Liberum Help Desk 0.97.3 Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request. | 5.0 |
2009-02-04 | CVE-2008-6055 | Preprojects | Permissions, Privileges, and Access Controls vulnerability in Preprojects PRE Classified Listings PreProjects Pre Classified Listings stores pclasp.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request. | 5.0 |
2009-02-04 | CVE-2008-6054 | Preprojects COM | Permissions, Privileges, and Access Controls vulnerability in Preprojects.Com PRE Courier and Cargo Business PreProjects Pre Courier and Cargo Business stores dbcourior.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request. | 5.0 |
2009-02-04 | CVE-2008-6053 | Preprojects | Permissions, Privileges, and Access Controls vulnerability in Preprojects PRE Resume Submitter PreProjects Pre Resume Submitter stores onlineresume.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request. | 5.0 |
2009-02-04 | CVE-2008-6052 | Preprojects | Permissions, Privileges, and Access Controls vulnerability in Preprojects PRE E-Learning Portal PreProjects Pre E-Learning Portal stores db_elearning.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request. | 5.0 |
2009-02-04 | CVE-2008-6051 | Metalinks | Permissions, Privileges, and Access Controls vulnerability in Metalinks Metacart MetaCart Free stores metacart.mdb under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords via a direct request. | 5.0 |
2009-02-03 | CVE-2009-0411 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome Google Chrome before 1.0.154.46 does not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls and other web script. | 5.0 | |
2009-02-03 | CVE-2009-0276 | Unspecified vulnerability in Google Chrome Cross-domain vulnerability in the V8 JavaScript engine in Google Chrome before 1.0.154.46 allows remote attackers to bypass the Same Origin Policy via a crafted script that accesses another frame and reads its full URL and possibly other sensitive information, or modifies the URL of this frame. | 5.0 | |
2009-02-03 | CVE-2009-0274 | Novell | Information Exposure vulnerability in Novell Groupwise Unspecified vulnerability in WebAccess in Novell GroupWise 6.5, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 might allow remote attackers to obtain sensitive information via a crafted URL, related to conversion of POST requests to GET requests. | 5.0 |
2009-02-08 | CVE-2009-0206 | HP | Local Denial Of Service vulnerability in HP-UX NFS Unspecified vulnerability in NFS in HP ONCplus B.11.31.05 and earlier for HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors. | 4.9 |
2009-02-03 | CVE-2008-4914 | Vmware | Denial Of Service vulnerability in VMWare ESX and Esxi Unspecified vulnerability in VMware ESXi 3.5 before ESXe350-200901401-I-SG and ESX 3.5 before ESX350-200901401-SG allows local administrators to cause a denial of service (host crash) via a snapshot with a malformed VMDK delta disk. | 4.7 |
2009-02-06 | CVE-2009-0472 | Rockwellautomation | Cross-Site Scripting vulnerability in Rockwellautomation Controllogix 1756-Enbt/A Ethernet/ IP Bridge Multiple cross-site scripting (XSS) vulnerabilities in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2009-02-06 | CVE-2009-0470 | Cisco | Cross-Site Scripting vulnerability in Cisco IOS 12.4(23) Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different vulnerability than CVE-2008-3821. | 4.3 |
2009-02-06 | CVE-2008-6090 | Scriptsez | Path Traversal vulnerability in Scriptsez Mini Hosting Panel Directory traversal vulnerability in members.php in ScriptsEz Mini Hosting Panel allows remote attackers to read arbitrary local files via a .. | 4.3 |
2009-02-06 | CVE-2008-6087 | Camera Life | Cross-Site Scripting vulnerability in Camera Life Camera Life 2.6.2B4 Cross-site scripting (XSS) vulnerability in topic.php in Camera Life 2.6.2b4 allows remote attackers to inject arbitrary web script or HTML via the name parameter. | 4.3 |
2009-02-05 | CVE-2008-6063 | Microsoft | Information Exposure vulnerability in Microsoft Word 2007 Microsoft Word 2007, when the "Save as PDF" add-on is enabled, places an absolute pathname in the Subject field during an "Email as PDF" operation, which allows remote attackers to obtain sensitive information such as the sender's account name and a Temporary Internet Files subdirectory name. | 4.3 |
2009-02-05 | CVE-2008-6062 | Adobe | Cross-Site Scripting vulnerability in Adobe Dreamweaver Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by Adobe Dreamweaver, when the Insert Flash Video feature is used, allows remote attackers to inject arbitrary web script or HTML via an asfunction: URI in the skinName parameter. | 4.3 |
2009-02-05 | CVE-2008-6061 | Techsmith | Cross-Site Scripting vulnerability in Techsmith Camtasia Studio Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) controller files created by Techsmith Camtasia Studio before 5 allows remote attackers to inject arbitrary additional SWF content via a URL in the csPreloader parameter. | 4.3 |
2009-02-05 | CVE-2008-6060 | Infosoftglobal | Cross-Site Scripting vulnerability in Infosoftglobal Fusion Charts Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by InfoSoft FusionCharts allows remote attackers to inject arbitrary additional SWF content via a URL in the SRC attribute of an IMG element in the dataURL parameter. | 4.3 |
2009-02-05 | CVE-2009-0430 | Activewebsoftwares | Cross-Site Scripting vulnerability in Activewebsoftwares Active Bids Multiple cross-site scripting (XSS) vulnerabilities in Active Bids allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter to search.asp and the (2) URL parameter to tellafriend.asp. | 4.3 |
2009-02-05 | CVE-2009-0424 | AN Guestbook | Cross-Site Scripting vulnerability in AN Guestbook AN Guestbook Cross-site scripting (XSS) vulnerability in sign1.php in AN Guestbook (ANG) before 0.7.7 allows remote attackers to inject arbitrary web script or HTML via the country parameter, which is not properly handled in (1) administrator/manage.php or (2) administrator/trash.php. | 4.3 |
2009-02-04 | CVE-2008-6056 | EX Designs | Cross-Site Scripting vulnerability in Ex-Designs World Recipe 2.11 Multiple cross-site scripting (XSS) vulnerabilities in World Recipe 2.11 allow remote attackers to inject arbitrary web script or HTML via the (1) n parameter to emailrecipe.aspx, (2) id parameter to recipedetail.aspx, and the (3) catid parameter to validatefieldlength.aspx. | 4.3 |
2009-02-04 | CVE-2008-6047 | Adbnewssender | Cross-Site Scripting vulnerability in Adbnewssender Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) subscribing and (2) unsubscribing. | 4.3 |
2009-02-03 | CVE-2009-0413 | Roundcube | Cross-Site Scripting vulnerability in Roundcube Webmail 0.2 Cross-site scripting (XSS) vulnerability in RoundCube Webmail (roundcubemail) 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message. | 4.3 |
2009-02-03 | CVE-2009-0404 | Bioinformatics | Cross-Site Scripting vulnerability in Bioinformatics Htmlawed Multiple cross-site scripting (XSS) vulnerabilities in Bioinformatics htmLawed 1.1.3 and 1.1.4 allow remote attackers to inject arbitrary web script or HTML via invalid Cascading Style Sheets (CSS) expressions in the style attribute, which is processed by Internet Explorer 7. | 4.3 |
2009-02-03 | CVE-2008-6041 | Dataspade | Cross-Site Scripting vulnerability in Dataspade 1.0 Multiple cross-site scripting (XSS) vulnerabilities in Index.asp in Dataspade 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) ViewName, (2) TableName, (3) OrderBy, and (4) FilterField parameters. | 4.3 |
2009-02-03 | CVE-2008-6035 | Achievo | Cross-Site Scripting vulnerability in Achievo 1.3.2 Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2-STABLE allows remote attackers to inject arbitrary web script or HTML via the atknodetype parameter. | 4.3 |
2009-02-03 | CVE-2008-6034 | Achievo | Cross-Site Scripting vulnerability in Achievo 1.3.2 Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2 allows remote attackers to inject arbitrary web script or HTML via the atkaction parameter. | 4.3 |
2009-02-03 | CVE-2008-6027 | Bluepage | Cross-Site Scripting vulnerability in Bluepage CMS 2.4.0 Multiple cross-site scripting (XSS) vulnerabilities in index.php in BLUEPAGE CMS 2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) whl, (2) var_1, and (3) search parameters. | 4.3 |
2009-02-02 | CVE-2009-0273 | Novell | Cross-Site Scripting vulnerability in Novell Groupwise Multiple cross-site scripting (XSS) vulnerabilities in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allow remote attackers to inject arbitrary web script or HTML via the (1) User.id and (2) Library.queryText parameters to gw/webacc, and other vectors involving (3) HTML e-mail and (4) HTML attachments. | 4.3 |
2009-02-02 | CVE-2009-0382 | Drupal | Permissions, Privileges, and Access Controls vulnerability in Drupal Internationalization 5.X1.1 Unspecified vulnerability in Internationalization (i18n) Translation 5.x before 5.x-2.5, a module for Drupal, allows remote attackers with "translate node" permissions to bypass intended access restrictions and read unpublished nodes via unspecified vectors. | 4.3 |
2009-02-02 | CVE-2009-0378 | Joomla | Cross-Site Scripting vulnerability in Joomla COM Beamospetition 1.0.12 Cross-site scripting (XSS) vulnerability in index.php in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the pet parameter in a sign action. | 4.3 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-02-03 | CVE-2009-0415 | Monkey | Unspecified vulnerability in Monkey Trickle 1.07 Untrusted search path vulnerability in trickle 1.07 allows local users to execute arbitrary code via a Trojan horse trickle-overload.so in the current working directory, which is referenced in the LD_PRELOAD path. | 3.7 |
2009-02-03 | CVE-2009-0393 | Motorola | Cross-Site Scripting vulnerability in Motorola Cpei300 Cross-site scripting (XSS) vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to inject arbitrary web script or HTML via the page parameter. | 3.5 |
2009-02-04 | CVE-2009-0358 | Mozilla | Information Exposure vulnerability in Mozilla Firefox Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the (a) back button or (b) history list of the victim's browser, as demonstrated by reading the response page of an https POST request. | 3.3 |