Weekly Vulnerabilities Reports > March 2 to 8, 2009

Overview

159 new vulnerabilities reported during this period, including 14 critical vulnerabilities and 64 high severity vulnerabilities. This weekly summary report vulnerabilities in 156 products from 128 vendors including Mozilla, Ocean12Tech, Bookelves, Drupal, and Brian Wilson. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Code Injection", and "Resource Management Errors".

  • 149 reported vulnerabilities are remotely exploitables.
  • 80 reported vulnerabilities have public exploit available.
  • 83 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 148 reported vulnerabilities are exploitable by an anonymous user.
  • Mozilla has the most reported vulnerabilities, with 7 reported vulnerabilities.
  • Mozilla has the most reported critical vulnerabilities, with 4 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

14 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2009-03-06 CVE-2008-6415 Youngzsoft Buffer Errors vulnerability in Youngzsoft Ccproxy 6.5

Buffer overflow in YoungZSoft CCProxy 6.5 might allow remote attackers to execute arbitrary code via a CONNECTION request with a long hostname.

10.0
2009-03-05 CVE-2009-0775 Mozilla Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection.

10.0
2009-03-05 CVE-2009-0773 Mozilla Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang.

10.0
2009-03-03 CVE-2008-6393 PSI IM
Jabber
Numeric Errors vulnerability in Psi-Im PSI

PSI Jabber client before 0.12.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a file transfer request with a negative value in a SOCKS5 option, which bypasses a signed integer check and triggers an integer overflow and a heap-based buffer overflow.

10.0
2009-03-03 CVE-2009-0752 Sixapart Unspecified vulnerability in Sixapart Movable Type

Unspecified vulnerability in Movable Type Pro and Community Solution 4.x before 4.24 has unknown impact and attack vectors, possibly related to the password recovery mechanism.

10.0
2009-03-05 CVE-2009-0833 Myplugins
Nullsoft
Buffer Errors vulnerability in Myplugins GEN MSN 0.31

Heap-based buffer overflow in gen_msn.dll in the gen_msn plugin 0.31 for Winamp 5.541 allows remote attackers to execute arbitrary code via a playlist (.pls) file with a long URL in the File1 field.

9.3
2009-03-05 CVE-2009-0813 Imera Improper Input Validation vulnerability in Imera Teamlinks

Insecure method vulnerability in the ImeraIEPlugin ActiveX control (ImeraIEPlugin.dll 1.0.2.54) in Imera TeamLinks Client allows remote attackers to force the download and execution of arbitrary URLs via modified DownloadProtocol, DownloadHost, DownloadPort, and DownloadURI parameters.

9.3
2009-03-05 CVE-2009-0774 Mozilla Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773.

9.3
2009-03-05 CVE-2009-0772 Mozilla Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption.

9.3
2009-03-05 CVE-2009-0367 Wesnoth Permissions, Privileges, and Access Controls vulnerability in Wesnoth

The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module.

9.3
2009-03-05 CVE-2009-0186 Nullsoft
Mega Nerd
Numeric Errors vulnerability in multiple products

Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.

9.3
2009-03-04 CVE-2009-0812 Bpsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Bpsoft HEX Workshop

Stack-based buffer overflow in BreakPoint Software Hex Workshop 4.23, 6.0.1.4603, and other 6.x and earlier versions allows remote attackers to execute arbitrary code via a crafted Intel Hex Code (.hex) file.

9.3
2009-03-04 CVE-2009-0811 Sopcast Code Injection vulnerability in Sopcast Sopcore Activex Control 3.0.3.501

Insecure method vulnerability in the SopCast SopCore ActiveX control in sopocx.ocx 3.0.3.501 allows remote attackers to execute arbitrary programs via an executable file name in the argument to the SetExternalPlayer method.

9.3
2009-03-02 CVE-2008-6363 Capilano Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Capilano Designworks 4.3.1/5.0.7

Stack-based buffer overflow in DesignWorks Professional 4.3.1 and 5.0.7 allows remote attackers to execute arbitrary code via a crafted .cct file.

9.3

64 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2009-03-06 CVE-2008-6424 JUN Sota Path Traversal vulnerability in JUN Sota Ffftp 1.96B

Directory traversal vulnerability in FFFTP 1.96b allows remote FTP servers to create or overwrite arbitrary files via a response to an FTP LIST command with a filename that contains a ..

8.8
2009-03-02 CVE-2008-6367 Socialgroupie Improper Input Validation vulnerability in Socialgroupie Social Groupie

Unrestricted file upload vulnerability in Photos/create_album.php in Social Groupie allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in Member_images/.

8.5
2009-03-05 CVE-2009-0619 Cisco Remote Denial Of Service vulnerability in Cisco Session Border Controller 3.0(1)

Unspecified vulnerability in the Session Border Controller (SBC) before 3.0(2) for Cisco 7600 series routers allows remote attackers to cause a denial of service (SBC card reload) via crafted packets to TCP port 2000.

7.8
2009-03-04 CVE-2008-6395 3Com USE of Externally-Controlled Format String vulnerability in 3Com Wireless 8760 Dual-Radio

The web management interface in 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point allows remote attackers to cause a denial of service (device crash) via a malformed HTTP POST request.

7.8
2009-03-03 CVE-2009-0758 Avahi Resource Management Errors vulnerability in Avahi Avahi-Daemon 0.6.23

The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service (network bandwidth and CPU consumption) via a crafted legacy unicast mDNS query packet that triggers a multicast packet storm.

7.8
2009-03-02 CVE-2009-0749 Optipng Project
Suse
Opensuse
Use After Free vulnerability in multiple products

Use-after-free vulnerability in the GIFReadNextExtension function in lib/pngxtern/gif/gifread.c in OptiPNG 0.6.2 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted GIF image that causes the realloc function to return a new pointer, which triggers memory corruption when the old pointer is accessed.

7.8
2009-03-06 CVE-2008-6438 E107Coders
E107
SQL Injection vulnerability in E107Coders Macguru Blog Engine Plugin 2.2

SQL injection vulnerability in macgurublog_menu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455.

7.5
2009-03-06 CVE-2008-6434 Blueriver SQL Injection vulnerability in Blueriver Sava CMS

SQL injection vulnerability in index.cfm in Blue River Interactive Group Sava CMS before 5.0.122 allows remote attackers to execute arbitrary SQL commands via the LinkServID parameter.

7.5
2009-03-06 CVE-2008-6430 Joomla SQL Injection vulnerability in Joomla COM Mycontent 1.1.13

SQL injection vulnerability in the MyContent (com_mycontent) component 1.1.13 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.

7.5
2009-03-06 CVE-2008-6429 Joomla
Mike Leeper
SQL Injection vulnerability in Mike Leeper COM Prayercenter

SQL injection vulnerability in the PrayerCenter (com_prayercenter) component 1.4.9 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_request action to index2.php.

7.5
2009-03-06 CVE-2008-6425 Comicshout SQL Injection vulnerability in Comicshout 2.8

SQL injection vulnerability in news.php in ComicShout 2.8 allows remote attackers to execute arbitrary SQL commands via the news_id parameter, a different vector than CVE-2008-2456.

7.5
2009-03-06 CVE-2008-6422 Psychostats SQL Injection vulnerability in Psychostats 2.3/2.3.1/2.3.3

Multiple SQL injection vulnerabilities in PsychoStats 2.3, 2.3.1, and 2.3.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) weapon.php and (2) map.php.

7.5
2009-03-06 CVE-2008-6421 Socialsitegenerator Code Injection vulnerability in Socialsitegenerator Social Site Generator 2.0

PHP remote file inclusion vulnerability in social_game_play.php in Social Site Generator (SSG) 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.

7.5
2009-03-06 CVE-2008-6419 Socialsitegenerator SQL Injection vulnerability in Socialsitegenerator Social Site Generator 2.0

Multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) sgc_id parameter to display_blog.php, (2) scm_mem_id parameter to social_my_profile_download.php, and the (3) catid parameter to social_forum_subcategories.php.

7.5
2009-03-06 CVE-2008-6418 Torrenttrader SQL Injection vulnerability in Torrenttrader

SQL injection vulnerability in scrape.php in TorrentTrader before 2008-05-13 allows remote attackers to execute arbitrary SQL commands via the info_hash parameter.

7.5
2009-03-06 CVE-2008-6414 AJ Square SQL Injection vulnerability in AJ Square AJ Auction 2.0

SQL injection vulnerability in detail.php in AJ Auction Pro Platinum Skin 2 allows remote attackers to execute arbitrary SQL commands via the item_id parameter.

7.5
2009-03-06 CVE-2008-6412 Vignette Security Bypass vulnerability in Vignette Content Management

Unspecified vulnerability in Vignette Content Management 7.3.0.5, 7.3.1, 7.3.1.1, 7.4, and 7.5 allows "low privileged" users to gain administrator privileges via unknown attack vectors.

7.5
2009-03-06 CVE-2008-6411 Explay Improper Authentication vulnerability in Explay CMS 2.0

Explay CMS 2.1 and earlier allows remote attackers to bypass authentication and gain administrative access by setting the login cookie to 1.

7.5
2009-03-06 CVE-2008-6410 Brian Wilson Path Traversal vulnerability in Brian Wilson Ol'Bookmarks

Directory traversal vulnerability in show.php in ol'bookmarks manager 0.7.5 and earlier allows remote attackers to include and execute arbitrary local files via a ..

7.5
2009-03-06 CVE-2008-6409 Brian Wilson SQL Injection vulnerability in Brian Wilson Ol'Bookmarks 0.7.5

SQL injection vulnerability in index.php in ol'bookmarks manager 0.7.5 allows remote attackers to execute arbitrary SQL commands via the id parameter in a brain action.

7.5
2009-03-06 CVE-2008-6408 Brian Wilson Code Injection vulnerability in Brian Wilson Ol'Bookmarks 0.7.5

PHP remote file inclusion vulnerability in frame.php in ol'bookmarks manager 0.7.5 allows remote attackers to execute arbitrary PHP code via a URL in the framefile parameter.

7.5
2009-03-06 CVE-2008-6407 Brian Wilson Path Traversal vulnerability in Brian Wilson Ol'Bookmarks 0.7.5

Directory traversal vulnerability in frame.php in ol'bookmarks manager 0.7.5 allows remote attackers to include and execute arbitrary local files via a ..

7.5
2009-03-06 CVE-2008-6405 Greatclone SQL Injection vulnerability in Greatclone Hotscripts Clone

SQL injection vulnerability in showcategory.php in Hotscripts Clone allows remote attackers to execute arbitrary SQL commands via the cid parameter.

7.5
2009-03-06 CVE-2008-6403 Openrat Code Injection vulnerability in Openrat 0.8Beta1

PHP remote file inclusion vulnerability in themes/default/include/html/insert.inc.php in OpenRat 0.8-beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tpl_dir parameter.

7.5
2009-03-06 CVE-2008-6402 Muskatli Code Injection vulnerability in Muskatli Sofi Webgui 0.4.2/0.5.2/0.6.0Pre

PHP remote file inclusion vulnerability in hu/modules/reg-new/modstart.php in Sofi WebGui 0.6.3 PRE and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mod_dir parameter.

7.5
2009-03-06 CVE-2008-6401 Jetik SQL Injection vulnerability in Jetik Jetik-Web

SQL injection vulnerability in sayfa.php in JETIK-WEB allows remote attackers to execute arbitrary SQL commands via the kat parameter.

7.5
2009-03-06 CVE-2009-0768 Yapbb SQL Injection vulnerability in Yapbb 1.1/1.2

SQL injection vulnerability in forumhop.php in YapBB 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the forumID parameter in a next action.

7.5
2009-03-06 CVE-2009-0766 Bookelves Path Traversal vulnerability in Bookelves Kipper 2.01

Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter.

7.5
2009-03-06 CVE-2009-0765 Bookelves Path Traversal vulnerability in Bookelves Kipper 2.01

Directory traversal vulnerability in index.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via a ..

7.5
2009-03-05 CVE-2009-0832 Ausimods
PHP Fusion
SQL Injection vulnerability in Ausimods E-Cart 1.3

SQL injection vulnerability in items.php in the E-Cart module 1.3 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the CA parameter.

7.5
2009-03-05 CVE-2009-0829 Andrew Freed SQL Injection vulnerability in Andrew Freed Quotebook

Multiple SQL injection vulnerabilities in QuoteBook allow remote attackers to execute arbitrary SQL commands via the (1) MyBox and (2) selectFavorites parameters to (a) quotes.php and the (3) QuoteName and (4) QuoteText parameters to (b) quotesadd.php.

7.5
2009-03-05 CVE-2009-0820 PHP Brickhost Code Injection vulnerability in PHP.Brickhost PHPscheduleit

Multiple eval injection vulnerabilities in phpScheduleIt before 1.2.11 allow remote attackers to execute arbitrary code via (1) the end_date parameter to reserve.php and (2) the start_date and end_date parameters to check.php.

7.5
2009-03-04 CVE-2009-0810 Xatrix SQL Injection vulnerability in Xatrix Xguestbook 2.0

SQL injection vulnerability in login.php in xGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the user parameter.

7.5
2009-03-04 CVE-2009-0808 Simple Cmms SQL Injection vulnerability in Simple Cmms Simplecmms 0.1.0

Multiple SQL injection vulnerabilities in SimpleCMMS before 0.1.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2009-03-04 CVE-2009-0807 Zfeeder Permissions, Privileges, and Access Controls vulnerability in Zfeeder 1.6

zFeeder 1.6 allows remote attackers to gain administrative access via a direct request to admin.php.

7.5
2009-03-04 CVE-2008-6394 CS Cart SQL Injection vulnerability in Cs-Cart

SQL injection vulnerability in core/user.php in CS-Cart 1.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the cs_cookies[customer_user_id] cookie parameter.

7.5
2009-03-03 CVE-2009-0757 Mpfr Buffer Errors vulnerability in Mpfr GNU Mpfr 2.4.0

Multiple buffer overflows in GNU MPFR 2.4.0 allow context-dependent attackers to cause a denial of service (crash) via the (1) mpfr_snprintf and (2) mpfr_vsnprintf functions.

7.5
2009-03-02 CVE-2009-0750 Txtsql
Tombstone
SQL Injection vulnerability in Tombstone Smnews

SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows remote attackers to execute arbitrary SQL commands via the username parameter.

7.5
2009-03-02 CVE-2008-6392 1Scripts SQL Injection vulnerability in 1Scripts Z1Exchange 1.0

SQL injection vulnerability in showads.php in Z1Exchange allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2009-03-02 CVE-2008-6391 Nexusjnr SQL Injection vulnerability in Nexusjnr Jbook

SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the username (user parameter).

7.5
2009-03-02 CVE-2008-6390 Ocean12Tech SQL Injection vulnerability in Ocean12Tech Membership Manager PRO

SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the Password parameter.

7.5
2009-03-02 CVE-2008-6389 Aliensoftcorp SQL Injection vulnerability in Aliensoftcorp RAE Media Contact Management

SQL injection vulnerability in asadmin/default.asp in Rae Media Contact Management Software SOHO, Standard, and Enterprise allows remote attackers to execute arbitrary SQL commands via the Password parameter.

7.5
2009-03-02 CVE-2008-6380 Activewebsoftwares SQL Injection vulnerability in Activewebsoftwares Active web Helpdesk 2.0

SQL injection vulnerability in default.aspx in Active Web Helpdesk 2.0 allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter.

7.5
2009-03-02 CVE-2008-6379 Mxmania SQL Injection vulnerability in Mxmania Gallery MX 2.0.0

SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.

7.5
2009-03-02 CVE-2008-6378 Mxmania SQL Injection vulnerability in Mxmania Calendar MX Professional 2.0.0

SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx Professional 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.

7.5
2009-03-02 CVE-2008-6377 Phpbb SEO Code Injection vulnerability in PHPbb-Seo Multi SEO PHPbb 1.1.0

PHP remote file inclusion vulnerability in include/global.php in Multi SEO phpBB 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the pfad parameter.

7.5
2009-03-02 CVE-2008-6376 Nexusjnr SQL Injection vulnerability in Nexusjnr Jbook

SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the password (pass parameter).

7.5
2009-03-02 CVE-2008-6372 Ocean12Tech SQL Injection vulnerability in Ocean12Tech FAQ Manager PRO 1.0

SQL injection vulnerability in default.asp in Ocean12 FAQ Manager Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a Cat action.

7.5
2009-03-02 CVE-2008-6371 Ocean12Tech SQL Injection vulnerability in Ocean12Tech Membership Manager PRO

SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the username (Username parameter).

7.5
2009-03-02 CVE-2008-6369 Ocean12Tech SQL Injection vulnerability in Ocean12Tech Contact Manager PRO 1.02

SQL injection vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows remote attackers to execute arbitrary SQL commands via the Sort parameter.

7.5
2009-03-02 CVE-2008-6368 Chipmunk Scripts SQL Injection vulnerability in Chipmunk Scripts Chipmunk Guestbook 1.4M

SQL injection vulnerability in index.php in Chipmunk Guestbook 1.4m allows remote attackers to execute arbitrary SQL commands via the start parameter.

7.5
2009-03-02 CVE-2008-6366 Adserversolutions SQL Injection vulnerability in Adserversolutions Affiliate Software Java 4.0

SQL injection vulnerability in logon.jsp in Ad Server Solutions Affiliate Software Java 4.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, possibly related to the uname and pass parameters to logon_process.jsp.

7.5
2009-03-02 CVE-2008-6365 Adserversolutions SQL Injection vulnerability in Adserversolutions AD Management Software

SQL injection vulnerability in logon.jsp in Ad Server Solutions Ad Management Software Java allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, related to the uname or pass parameters to logon.jsp or logon_processing.jsp.

7.5
2009-03-02 CVE-2008-6364 Adserversolutions SQL Injection vulnerability in Adserversolutions Banner Exchange Software

SQL injection vulnerability in logon_process.jsp in Ad Server Solutions Banner Exchange Solution Java allows remote attackers to execute arbitrary SQL commands via the (1) username (uname parameter) and (2) password (pass parameter).

7.5
2009-03-02 CVE-2008-6362 Ezonelink SQL Injection vulnerability in Ezonelink multiple Membership Script 2.5

SQL injection vulnerability in sitepage.php in Multiple Membership Script 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2009-03-02 CVE-2008-6358 Socialgroupie SQL Injection vulnerability in Socialgroupie Social Groupie

SQL injection vulnerability in group_index.php in Social Groupie allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2009-03-02 CVE-2008-6353 ASP CMS SQL Injection vulnerability in Asp-Cms 1.0

SQL injection vulnerability in index.asp in ASP-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the cha parameter.

7.5
2009-03-02 CVE-2008-6352 Xpoze SQL Injection vulnerability in Xpoze PRO 4.10

SQL injection vulnerability in home.html in Xpoze Pro 4.10 allows remote attackers to execute arbitrary SQL commands via the menu parameter.

7.5
2009-03-02 CVE-2008-6350 Turnkeyforms SQL Injection vulnerability in Turnkeyforms Local Classifieds

SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to execute arbitrary SQL commands via the r parameter.

7.5
2009-03-02 CVE-2008-6349 Turnkeyforms SQL Injection vulnerability in Turnkeyforms Business Survey PRO 1.0

SQL injection vulnerability in survey_results_text.php in TurnkeyForms Business Survey Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2009-03-02 CVE-2008-6348 Developiteasy SQL Injection vulnerability in Developiteasy Photo Gallery 1.2

Multiple SQL injection vulnerabilities in DevelopItEasy Photo Gallery 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to gallery_category.php, (2) photo_id parameter to gallery_photo.php, and the (3) user_name and (4) user_pass parameters to admin/index.php.

7.5
2009-03-02 CVE-2008-6347 Joomla
Luigi Massa
Code Injection vulnerability in Luigi Massa Onguma Time Sheet 2.04

PHP remote file inclusion vulnerability in lib/onguma.class.php in the Onguma Time Sheet (com_ongumatimesheet20) 2.0 4b component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

7.5
2009-03-04 CVE-2009-0779 IBM Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX 5.3/6.1

Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users to gain privileges via a long "input string."

7.2
2009-03-05 CVE-2009-0776 Mozilla Information Exposure vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.

7.1

76 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2009-03-04 CVE-2008-6398 Eric Raymond Link Following vulnerability in Eric Raymond SNG 1.0.2

sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/recompiled$$.png, (2) /tmp/decompiled$$.sng, and (3) /tmp/canonicalized$$.sng temporary files.

6.9
2009-03-06 CVE-2008-6427 Hivemaker SQL Injection vulnerability in Hivemaker

SQL injection vulnerability in index.php in Hivemaker Professional 1.0.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cid parameter.

6.8
2009-03-05 CVE-2009-0037 Curl Cross-Site Request Forgery (CSRF) vulnerability in Curl and Libcurl

The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL.

6.8
2009-03-02 CVE-2008-6384 Drupal Cross-Site Request Forgery (CSRF) vulnerability in Drupal Comment Mail 5.X0.1/5.X1.0/5.X1.X

Multiple cross-site request forgery (CSRF) vulnerabilities in Comment Mail 5.x before 5.x-1.1, a module for Drupal, allow remote attackers to hijack the authentication of administrators.

6.8
2009-03-02 CVE-2008-6361 Insun Podcast Path Traversal vulnerability in Insun Podcast Feedcms 1.7.319Beta

Directory traversal vulnerability in index.php in InSun Feed CMS 1.7.3 19Beta allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the lang parameter.

6.8
2009-03-04 CVE-2009-0806 Opengoo Permissions, Privileges, and Access Controls vulnerability in Opengoo

Unspecified vulnerability in OpenGoo before 1.2.1 allows remote authenticated users to modify their own permissions via unknown attack vectors.

6.5
2009-03-03 CVE-2009-0759 ZNC Code Injection vulnerability in ZNC

Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors.

6.5
2009-03-05 CVE-2008-6399 Dotnetnuke Permissions, Privileges, and Access Controls vulnerability in Dotnetnuke

Unspecified vulnerability in DotNetNuke 4.5.2 through 4.9 allows remote attackers to "add additional roles to their user account" via unknown attack vectors.

6.4
2009-03-05 CVE-2009-0578 Ubuntu Permissions, Privileges, and Access Controls vulnerability in Ubuntu Linux 8.10

GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console.

6.2
2009-03-05 CVE-2009-0831 PHP Fusion SQL Injection vulnerability in PHP-Fusion Members CV Module 1.0

SQL injection vulnerability in members.php in the Members CV (job) module 1.0 for PHP-Fusion, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the sortby parameter.

6.0
2009-03-02 CVE-2008-6383 Drupal SQL Injection vulnerability in Drupal Storm

SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x-1.14 and 6.x before 6.x-1.18, a module for Drupal, allows remote authenticated users with storm project access to execute arbitrary SQL commands via unspecified vectors.

6.0
2009-03-05 CVE-2009-0777 Mozilla Improper Input Validation vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks.

5.8
2009-03-04 CVE-2009-0804 Ziproxy Permissions, Privileges, and Access Controls vulnerability in Ziproxy 2.6.0

Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.

5.4
2009-03-04 CVE-2009-0803 Smoothwall Permissions, Privileges, and Access Controls vulnerability in Smoothwall Networkguardian, Schoolguardian and Smoothguardian

SmoothWall SmoothGuardian, as used in SmoothWall Firewall, NetworkGuardian, and SchoolGuardian 2008, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.

5.4
2009-03-04 CVE-2009-0802 Qbik Permissions, Privileges, and Access Controls vulnerability in Qbik Wingate

Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.

5.4
2009-03-04 CVE-2009-0801 Squid Permissions, Privileges, and Access Controls vulnerability in Squid web Proxy Cache

Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.

5.4
2009-03-06 CVE-2008-6440 Cerberus
Webgroupmedia
Improper Authentication vulnerability in multiple products

Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for "controllers ...

5.0
2009-03-06 CVE-2008-6423 I Apps Path Traversal vulnerability in I-Apps Passwiki

Directory traversal vulnerability in passwiki.php in PassWiki 0.9.16 RC3 and earlier allows remote attackers to read arbitrary local files via a ..

5.0
2009-03-06 CVE-2008-6420 Socialsitegenerator Information Exposure vulnerability in Socialsitegenerator Social Site Generator 2.0

Social Site Generator (SSG) 2.0 allows remote attackers to read arbitrary files via the file parameter to (1) filedload.php, (2) webadmin/download.php, and (3) webadmin/download_file.php.

5.0
2009-03-06 CVE-2008-6417 Greensql Remote Security vulnerability in GreenSQL-Console

Unspecified vulnerability in GreenSQL-Console before 0.3.5 allows attackers to obtain the "installation directory" via unknown vectors.

5.0
2009-03-06 CVE-2009-0770 Dkim Remote Denial of Service vulnerability in dkim-milter 'p' flag

dkim-milter 2.6.0 through 2.8.0 allows remote attackers to cause a denial of service (crash) by signing a message with a key that has been revoked in DNS, which triggers an assertion error.

5.0
2009-03-06 CVE-2009-0767 Bookelves Permissions, Privileges, and Access Controls vulnerability in Bookelves Kipper 2.01

Kipper 2.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing credentials via a direct request for job/config.data.

5.0
2009-03-06 CVE-2009-0760 Team5 Permissions, Privileges, and Access Controls vulnerability in Team5 Team Board 1.0.0/2.0.0

Team Board 1.x and 2.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing credentials via a direct request for data/team.mdb.

5.0
2009-03-05 CVE-2009-0828 Freedville Permissions, Privileges, and Access Controls vulnerability in Freedville Quotebook

QuoteBook stores quotes.inc under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information, including user credentials, via a direct request.

5.0
2009-03-05 CVE-2009-0827 Freedville Permissions, Privileges, and Access Controls vulnerability in Freedville Pollhelper

PollHelper stores poll.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request.

5.0
2009-03-05 CVE-2009-0826 Freedville Permissions, Privileges, and Access Controls vulnerability in Freedville Bloghelper

BlogHelper stores common_db.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request.

5.0
2009-03-05 CVE-2009-0821 Mozilla Resource Management Errors vulnerability in Mozilla Firefox

Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print function, as demonstrated by a window.print(window.print()) in the onclick attribute of an INPUT element.

5.0
2009-03-05 CVE-2009-0815 Typo3 Information Exposure vulnerability in Typo3

The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitrary files by including the hash in a request.

5.0
2009-03-04 CVE-2009-0780 Openbsd Remote Denial of Service vulnerability in OpenBSD bgpd

The aspath_prepend function in rde_attr.c in bgpd in OpenBSD 4.3 and 4.4 allows remote attackers to cause a denial of service (application crash) via an Autonomous System (AS) advertisement containing a long AS path.

5.0
2009-03-03 CVE-2009-0756 Poppler Denial of Service vulnerability in Poppler

The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference.

5.0
2009-03-03 CVE-2009-0755 Poppler Denial of Service vulnerability in Poppler

The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry.

5.0
2009-03-03 CVE-2009-0753 Mldonkey Path Traversal vulnerability in Mldonkey

Absolute path traversal vulnerability in MLDonkey 2.8.4 through 2.9.7 allows remote attackers to read arbitrary files via a leading "//" (double slash) in the filename.

5.0
2009-03-02 CVE-2009-0751 Yaws Resource Management Errors vulnerability in Yaws

Yaws before 1.80 allows remote attackers to cause a denial of service (memory consumption and crash) via a request with a large number of headers.

5.0
2009-03-02 CVE-2008-6388 4U2Ges Permissions, Privileges, and Access Controls vulnerability in 4U2Ges Rapid Classified 3.1/3.15

Rapid Classified 3.1 and 3.15 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to cldb.mdb.

5.0
2009-03-02 CVE-2008-6387 Activewebsoftwares Information Exposure vulnerability in Activewebsoftwares Quick Tree View .Net 3.1

Quick Tree View .NET 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to qtv.mdb.

5.0
2009-03-02 CVE-2008-6382 Aspportal Permissions, Privileges, and Access Controls vulnerability in Aspportal 3.2.5

ASP Portal 3.2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to ASPPortal.mdb.

5.0
2009-03-02 CVE-2008-6375 Nexusjnr Permissions, Privileges, and Access Controls vulnerability in Nexusjnr Jbook

JBook stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to userids.mdb.

5.0
2009-03-02 CVE-2008-6374 Codefixer Permissions, Privileges, and Access Controls vulnerability in Codefixer Mailinglistpro

CodefixerSoftware MailingListPro Free Edition stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to db/MailingList.mdb.

5.0
2009-03-02 CVE-2008-6373 Nagios Code Injection vulnerability in Nagios

Unspecified vulnerability in Nagios before 3.0.6 has unspecified impact and remote attack vectors related to CGI programs, "adaptive external commands," and "writing newlines and submitting service comments."

5.0
2009-03-02 CVE-2008-6357 Donnafontenot Permissions, Privileges, and Access Controls vulnerability in Donnafontenot Mycal Personal Events Calendar

MyCal Personal Events Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to mycal.mdb.

5.0
2009-03-02 CVE-2008-6356 Donnafontenot Permissions, Privileges, and Access Controls vulnerability in Donnafontenot Evcal Events Calendar

evCal Events Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to (1) evcal.mdb and (2) evcal97.mdb.

5.0
2009-03-02 CVE-2008-6355 Thenetguys Permissions, Privileges, and Access Controls vulnerability in Thenetguys Aspired2Protect

The Net Guys ASPired2Protect stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to ASPired2Protect.mdb.

5.0
2009-03-02 CVE-2008-6354 Thenetguys Permissions, Privileges, and Access Controls vulnerability in Thenetguys Aspired2Poll

The Net Guys ASPired2poll stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to ASPired2poll.mdb.

5.0
2009-03-06 CVE-2009-0838 SUN Resource Management Errors vulnerability in SUN Opensolaris and Sunos

The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function.

4.9
2009-03-05 CVE-2009-0365 Ubuntu Permissions, Privileges, and Access Controls vulnerability in Ubuntu Linux

nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to the GetSecrets method in the dbus request handler.

4.6
2009-03-02 CVE-2008-6381 Bcoos SQL Injection vulnerability in Bcoos

SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter.

4.6
2009-03-04 CVE-2008-6397 Alcovebook Link Following vulnerability in Alcovebook Sgml2X 1.0.0

rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

4.4
2009-03-06 CVE-2008-6439 Abledating Cross-Site Scripting vulnerability in Abledating 2.4

Cross-site scripting (XSS) vulnerability in search_results.php in ABK-Soft AbleDating 2.4 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.

4.3
2009-03-06 CVE-2008-6437 Lukas Waldauf Cross-Site Scripting vulnerability in Lukas Waldauf PHPfreeforum

Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeForum 1.0 RC2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) message parameter to error.php, and the (2) nickname and (3) randomid parameters to part/menu.php.

4.3
2009-03-06 CVE-2008-6436 Xerox Cross-Site Scripting vulnerability in Xerox Workcentre

Cross-site scripting (XSS) vulnerability in the Web Server in Xerox WorkCentre 7132, 7228, 7235, and 7245 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2009-03-06 CVE-2008-6435 Phpsqlitecms Cross-Site Scripting vulnerability in PHPsqlitecms 1

Multiple cross-site scripting (XSS) vulnerabilities in phpSQLiteCMS 1 RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) lang[home], (2) lang[admin_menu], and (3) lang[admin_menu_page_overview] parameters to cms/includes/header.inc.php; and the (4) lang[login_username] and (5) lang[login_password] parameters to cms/includes/login.inc.php.

4.3
2009-03-06 CVE-2008-6433 Blueriver Cross-Site Scripting vulnerability in Blueriver Sava CMS

Cross-site scripting (XSS) vulnerability in index.cfm in Blue River Interactive Group Sava CMS before 5.0.122 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search action.

4.3
2009-03-06 CVE-2008-6431 Bmforum Cross-Site Scripting vulnerability in Bmforum 5.6

Multiple cross-site scripting (XSS) vulnerabilities in BMForum 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) outpused parameter to index.php, the (2) footer_copyright and (3) verandproname parameters to newtem/footer/bsd01footer.php, and the (4) topads and (5) myplugin parameters to newtem/header/bsd01header.php.

4.3
2009-03-06 CVE-2008-6428 Kayalang Cross-Site Scripting vulnerability in Kayalang Kaya 0.4.0

The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) attacks via unspecified vectors.

4.3
2009-03-06 CVE-2008-6416 Greensql Cross-Site Scripting vulnerability in Greensql Greensql-Console

Multiple cross-site scripting (XSS) vulnerabilities in GreenSQL-Console before 0.3.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "internal pages."

4.3
2009-03-06 CVE-2008-6413 Drupal
Ticklespace
Cross-Site Scripting vulnerability in Ticklespace Answers Module 5.X1.Xdev

Cross-site scripting (XSS) vulnerability in the Answers module 5.x-1.x-dev and possibly other 5.x versions, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via a Simple Answer to a question.

4.3
2009-03-06 CVE-2008-6406 Datalifecms Cross-Site Scripting vulnerability in Datalifecms Datalife Engine 7.2

Cross-site scripting (XSS) vulnerability in admin.php in DataLife Engine (DLE) 7.2 allows remote attackers to inject arbitrary web script or HTML via the query string.

4.3
2009-03-06 CVE-2008-6404 Extrosoft Cross-Site Scripting vulnerability in Extrosoft Thyme 1.3

Cross-site scripting (XSS) vulnerability in add_calendars.php in eXtrovert Software Thyme 1.3 allows remote attackers to inject arbitrary web script or HTML via the callback parameter.

4.3
2009-03-06 CVE-2009-0769 QIP Resource Management Errors vulnerability in QIP 2005

QIP 2005 build 8082 allows remote attackers to cause a denial of service (CPU consumption and application hang) via a crafted Rich Text Format (RTF) ICQ message, as demonstrated by an {\rtf\pict\&&} message.

4.3
2009-03-06 CVE-2009-0764 Bookelves Cross-Site Scripting vulnerability in Bookelves Kipper 2.01

Multiple cross-site scripting (XSS) vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to (1) index.php and (2) kipper.php.

4.3
2009-03-06 CVE-2009-0763 Bookelves Cross-Site Scripting vulnerability in Bookelves Kipper 2.01

Cross-site scripting (XSS) vulnerability in default.php in Kipper 2.01 allows remote attackers to inject arbitrary web script or HTML via the charm parameter.

4.3
2009-03-06 CVE-2009-0762 Scriptsez Cross-Site Scripting vulnerability in Scriptsez EZ PHP Comment

Cross-site scripting (XSS) vulnerability in ScriptsEz Ez PHP Comment allows remote attackers to inject arbitrary web script or HTML via the name parameter.

4.3
2009-03-06 CVE-2009-0761 Team5 Team Board Cross-Site Scripting vulnerability in Team5.Team Board products

Cross-site scripting (XSS) vulnerability in online.asp in Team Board 1.x allows remote attackers to inject arbitrary web script or HTML via the lookname parameter.

4.3
2009-03-05 CVE-2009-0830 Andrew Freed Cross-Site Scripting vulnerability in Andrew Freed Quotebook

Cross-site scripting (XSS) vulnerability in QuoteBook allows remote attackers to inject arbitrary web script or HTML via the (1) QuoteName and (2) QuoteText parameters to quotesadd.php.

4.3
2009-03-05 CVE-2008-6400 Refbase Cross-Site Scripting vulnerability in Refbase

Cross-site scripting (XSS) vulnerability in refbase before 0.9.5 allows remote attackers to inject arbitrary web script or HTML via the headerMsg parameter to (1) show.php and (2) search.php.

4.3
2009-03-05 CVE-2009-0816 Typo3 Cross-Site Scripting vulnerability in Typo3

Multiple cross-site scripting (XSS) vulnerabilities in the backend user interface in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 allow remote attackers to inject arbitrary web script or HTML via unspecified fields.

4.3
2009-03-05 CVE-2009-0814 Blogsa Cross-Site Scripting vulnerability in Blogsa

Cross-site scripting (XSS) vulnerability in Widgets.aspx in Blogsa 1.0 Beta 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchText parameter.

4.3
2009-03-04 CVE-2009-0805 Mihai Bazon
Xoops
Cross-Site Scripting vulnerability in Mihai Bazon Pical

Cross-site scripting (XSS) vulnerability in piCal 0.91h and earlier, a module for XOOPS, allows remote attackers to inject arbitrary web script or HTML via the event_id parameter in index.php.

4.3
2009-03-04 CVE-2008-6396 Celerondude Cross-Site Scripting vulnerability in Celerondude Uploader 6.1

Cross-site scripting (XSS) vulnerability in account.php in Celerondude Uploader 6.1 allows remote attackers to inject arbitrary web script or HTML via the username parameter.

4.3
2009-03-02 CVE-2008-6386 1Scripts Cross-Site Scripting vulnerability in 1Scripts Z1Exchange 1.0

Cross-site scripting (XSS) vulnerability in showads.php in Z1Exchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

4.3
2009-03-02 CVE-2008-6385 W3Matter Cross-Site Scripting vulnerability in W3Matter Revsense 1.0

Cross-site scripting (XSS) vulnerability in index.php in W3matter RevSense 1.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter.

4.3
2009-03-02 CVE-2008-6370 Ocean12Tech Cross-Site Scripting vulnerability in Ocean12Tech Contact Manager PRO 1.02

Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows remote attackers to inject arbitrary web script or HTML via the DisplayFormat parameter.

4.3
2009-03-02 CVE-2008-6360 Impresscms Cross-Site Scripting vulnerability in Impresscms 1.0.2

Cross-site scripting (XSS) vulnerability in the userranks feature in modules/system/admin.php in ImpressCMS 1.0.2 final allows remote attackers to inject arbitrary web script or HTML via the rank_title parameter.

4.3
2009-03-02 CVE-2008-6359 Phpf1 Cross-Site Scripting vulnerability in PHPf1 Max'S Guestbook

Cross-site scripting (XSS) vulnerability in index.php in Max's Guestbook allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) email, and (3) message parameters.

4.3
2009-03-02 CVE-2008-6351 Turnkeyforms Cross-Site Scripting vulnerability in Turnkeyforms Local Classifieds

Cross-site scripting (XSS) vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to inject arbitrary web script or HTML via the r parameter.

4.3
2009-03-05 CVE-2009-0819 Mysql
Oracle
Remote Denial Of Service vulnerability in MySQL XPath Expression

sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.

4.0

5 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2009-03-06 CVE-2009-0835 Linux Permissions, Privileges, and Access Controls vulnerability in Linux Kernel

The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod, a related issue to CVE-2009-0342 and CVE-2009-0343.

3.6
2009-03-05 CVE-2009-0818 Drupal Cross-Site Scripting vulnerability in Drupal Taxonomy Theme Module

Cross-site scripting (XSS) vulnerability in the taxonomy_theme_admin_table_builder function (taxonomy_theme_admin.inc) in Taxonomy Theme module before 5.x-1.2, a module for Drupal, allows remote authenticated users with the "administer taxonomy" permission, or the ability to create pages when tagging is enabled, to inject arbitrary web script or HTML via the Vocabulary name (name parameter) to index.php.

3.5
2009-03-04 CVE-2009-0809 3DS
IBM
Permissions, Privileges, and Access Controls vulnerability in multiple products

The Web Editor in Dassault Systemes ENOVIA SmarTeam V5 before Release 18 Service Pack 8, and possibly CATIA and other products, allows remote authenticated users to read the profile card of an object in the document class via a link that is sent from the owner of the document object.

3.5
2009-03-03 CVE-2009-0754 PHP
Apache
USE of Externally-Controlled Format String vulnerability in PHP 4.4.4/5.1.6

PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server.

2.1
2009-03-02 CVE-2009-0368 Opensc Project Cryptographic Issues vulnerability in Opensc-Project Opensc

OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a (1) low level APDU command or (2) debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program.

2.1