Weekly Vulnerabilities Reports > April 6 to 12, 2009
Overview
159 new vulnerabilities reported during this period, including 11 critical vulnerabilities and 65 high severity vulnerabilities. This weekly summary report vulnerabilities in 137 products from 106 vendors including Typo3, Vmware, Cisco, Avaya, and Quickersite. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Code Injection".
- 149 reported vulnerabilities are remotely exploitables.
- 58 reported vulnerabilities have public exploit available.
- 83 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 149 reported vulnerabilities are exploitable by an anonymous user.
- Typo3 has the most reported vulnerabilities, with 17 reported vulnerabilities.
- Avaya has the most reported critical vulnerabilities, with 4 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
11 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-04-10 | CVE-2008-6703 | Stalker Game | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Stalker-Game S.T.A.L.K.E.R.: Shadow of Chernobyl Stack-based buffer overflow in the IPureServer::_Recieve function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to execute arbitrary code via a compressed 0x39 packet, which is decompressed by the NET_Compressor::Decompress function. | 10.0 |
2009-04-09 | CVE-2009-1251 | Unix Openafs | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX response containing more data than specified in a request, related to use of XDR arrays. | 10.0 |
2009-04-07 | CVE-2008-6651 | Oxyproject | Code Injection vulnerability in Oxyproject Oxybox 0.85 Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP code into oxyhistory.php via the oxymsg parameter. | 10.0 |
2009-04-09 | CVE-2009-0197 | Irfanview | Numeric Errors vulnerability in Irfanview Formats 4.00/4.10/4.20 Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow. | 9.3 |
2009-04-07 | CVE-2009-1260 | Ezbsystems | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ezbsystems Ultraiso Multiple stack-based buffer overflows in UltraISO 9.3.3.2685 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted (1) CCD or (2) IMG file. | 9.3 |
2009-04-06 | CVE-2009-0909 | Vmware | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in VMWare products Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-435. | 9.3 |
2009-04-10 | CVE-2008-6711 | Avaya | Multiple Security vulnerability in Avaya Communication Manager Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated users to execute arbitrary commands via unknown vectors related to "viewing system logs." | 9.0 |
2009-04-10 | CVE-2008-6710 | Avaya | Multiple Security vulnerability in Avaya Communication Manager Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated administrators to gain root privileges via unknown vectors related to "configuring data viewing or restoring credentials." | 9.0 |
2009-04-10 | CVE-2008-6709 | Avaya | Multiple Security vulnerability in Avaya Communication Manager and SIP Enablement Services Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allows remote authenticated users to execute arbitrary commands via unknown vectors related to configuration of "local data viewing or restoring parameters." | 9.0 |
2009-04-10 | CVE-2008-6708 | Avaya | Multiple Security vulnerability in Avaya Communication Manager and SIP Enablement Services Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x and 4.x, allows remote authenticated administrators to gain root privileges via unknown vectors related to configuration of "data viewing or restoring parameters." | 9.0 |
2009-04-07 | CVE-2009-1257 | Magic ISO Maker | Buffer Errors vulnerability in Magic ISO Maker Magic ISO Maker 5.5 Heap-based buffer overflow in Magic ISO Maker 5.5 build 0274 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted CCD file. | 9.0 |
65 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-04-07 | CVE-2008-6638 | Versalsoft | Configuration vulnerability in Versalsoft Http File Upload Activex Control 6.0.0.35 Insecure method vulnerability in the Versalsoft HTTP Image Uploader ActiveX control (UUploaderSvrD.dll 6.0.0.35) allows remote attackers to delete arbitrary files via the RemoveFileOrDir method. | 8.8 |
2009-04-10 | CVE-2008-6706 | Avaya | Multiple Security vulnerability in Avaya Communication Manager and SIP Enablement Services Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted passwords, (3) a system utility that decrypts "subscriber table passwords," (4) a system utility that decrypts database passwords, and (5) a system utility that encrypts "subscriber table passwords." | 7.8 |
2009-04-09 | CVE-2009-1159 | Cisco | Unspecified vulnerability in Cisco Adaptive Security Appliance 5500 and PIX Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a denial of service (traceback and device reload) via a series of SQL*Net packets. | 7.8 |
2009-04-09 | CVE-2009-1158 | Cisco | Unspecified vulnerability in Cisco Adaptive Security Appliance 5500 and PIX Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet. | 7.8 |
2009-04-09 | CVE-2009-1157 | Cisco | Unspecified vulnerability in Cisco Adaptive Security Appliance 5500 and PIX Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet. | 7.8 |
2009-04-09 | CVE-2009-1155 | Cisco | Improper Authentication vulnerability in Cisco Adaptive Security Appliance 5500 and PIX Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors. | 7.8 |
2009-04-09 | CVE-2009-1250 | IBM Openafs Linux | Numeric Errors vulnerability in multiple products The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro. | 7.8 |
2009-04-08 | CVE-2009-1270 | Clamav Debian Canonical | Infinite Loop vulnerability in multiple products libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang. | 7.8 |
2009-04-07 | CVE-2008-6630 | Typo3 | Path Traversal vulnerability in Typo3 WT Gallery Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors. | 7.8 |
2009-04-06 | CVE-2008-6621 | Graphicsmagick | Unspecified vulnerability in Graphicsmagick Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors in DPX images. | 7.8 |
2009-04-10 | CVE-2008-6714 | Xecms Project | Improper Authentication vulnerability in Xecms Project Xecms 1.0.0 admin.php in xeCMS 1.0.0 RC2 and earlier allows remote attackers to bypass authentication and access the admin panel by setting the xecms_username cookie. | 7.5 |
2009-04-10 | CVE-2008-6701 | Netscout | Permissions, Privileges, and Access Controls vulnerability in Netscout Ngenius Infinistream and Visualizer NetScout (formerly Network General) Visualizer V2100 and InfiniStream i1730 do not restrict access to ResourceManager/en_US/domains/add_domain.jsp, which allows remote attackers to gain administrator privileges via a direct request. | 7.5 |
2009-04-10 | CVE-2008-6697 | Typo3 Michael Fritz | SQL Injection vulnerability in Michael Fritz Worldcup SQL injection vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2009-04-10 | CVE-2008-6696 | Typo3 Manu Oehler | SQL Injection vulnerability in Manu Oehler Toto 0.1.0 SQL injection vulnerability in Fussballtippspiel (toto) 0.1.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2009-04-10 | CVE-2008-6695 | Typo3 Frank Naegler | SQL Injection vulnerability in Frank Naegler Timtab Sociable SQL injection vulnerability in TIMTAB social bookmark icons (timtab_sociable) 2.0.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2009-04-10 | CVE-2008-6694 | Typo3 FR Simon Rundell | SQL Injection vulnerability in Fr.Simon Rundell STE Prayer 0.0.1 SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2009-04-10 | CVE-2008-6693 | Typo3 Sebastian Baumann | SQL Injection vulnerability in Sebastian Baumann SB Downloader SQL injection vulnerability in Download system (sb_downloader) extension 0.1.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2009-04-10 | CVE-2008-6692 | Typo3 FR Simon Rundell | SQL Injection vulnerability in Fr.Simon Rundell PD Trainingcourses 0.1.1 SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2009-04-10 | CVE-2008-6691 | Typo3 Diocese OF Portsmouth | SQL Injection vulnerability in Diocese of Portsmouth PD Calendar Today 0.0.3 SQL injection vulnerability in Diocese of Portsmouth Calendar Today (pd_calendar_today) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2009-04-10 | CVE-2008-6690 | Typo3 | Setting Manipulation vulnerability in Typo3 ND Antispam 1.0.3 Unspecified vulnerability in nepa-design.de Spam Protection (nd_antispam) extension 1.0.3 for TYPO3 allows remote attackers to modify configuration via unknown vectors. | 7.5 |
2009-04-10 | CVE-2008-6689 | Typo3 Kevin Renskers | SQL Injection vulnerability in Kevin Renskers Dmmjobcontrol SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2009-04-10 | CVE-2008-6686 | Typo3 JAN Bednarik | SQL Injection vulnerability in JAN Bednarik Cooluri SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2009-04-10 | CVE-2008-6685 | Typo3 Thomas Waggershauser | Code Execution vulnerability in TYPO3 Frontend Filemanager Extension Unspecified vulnerability in Frontend Filemanager (air_filemanager) 0.6.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors. | 7.5 |
2009-04-09 | CVE-2009-1282 | Glfusion | SQL Injection vulnerability in Glfusion SQL injection vulnerability in private/system/lib-session.php in glFusion 1.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the glf_session cookie parameter. | 7.5 |
2009-04-09 | CVE-2009-1278 | Gravityboardx | Code Injection vulnerability in Gravityboardx Gravity Board X 2.0 Static code injection vulnerability in forms/ajax/configure.php in Gravity Board X (GBX) 2.0 BETA allows remote attackers to inject arbitrary PHP code into config.php via the configure action to index.php. | 7.5 |
2009-04-09 | CVE-2009-1277 | Gravityboardx | SQL Injection vulnerability in Gravityboardx Gravity Board X 2.0 SQL injection vulnerability in index.php in Gravity Board X (GBX) 2.0 BETA allows remote attackers to execute arbitrary SQL commands via the member_id parameter in a viewprofile action. | 7.5 |
2009-04-08 | CVE-2008-6678 | Quickersite | SQL Injection vulnerability in Quickersite 1.8.5 SQL injection vulnerability in asp/includes/contact.asp in QuickerSite 1.8.5 allows remote attackers to execute arbitrary SQL commands via the sNickName parameter in a profile action to default.asp. | 7.5 |
2009-04-08 | CVE-2008-6677 | Quickersite | Code Injection vulnerability in Quickersite 1.8.5 Unrestricted file upload vulnerability in fckeditor251/editor/filemanager/connectors/asp/upload.asp in QuickerSite 1.8.5 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file. | 7.5 |
2009-04-08 | CVE-2008-6673 | Quickersite | Permissions, Privileges, and Access Controls vulnerability in Quickersite 1.8.5 asp/bs_login.asp in QuickerSite 1.8.5 does not properly restrict access to administrative functionality, which allows remote attackers to (1) change the admin password via the cSaveAdminPW action; (2) modify site information, such as the contact address, via the saveAdmin; and (3) modify the site design via the saveDesign action. | 7.5 |
2009-04-08 | CVE-2008-6669 | Dirk Bartley | OS Command Injection vulnerability in Dirk Bartley Nweb2Fax viewrq.php in nweb2fax 0.2.7 and earlier allows remote attackers to execute arbitrary code via shell metacharacters in the var_filename parameter in a (1) tif or (2) pdf format action. | 7.5 |
2009-04-08 | CVE-2008-6667 | Marc Melvin | Improper Authentication vulnerability in Marc Melvin A+ PHP Scripts News Management System A+ PHP Scripts News Management System (NMS) allows remote attackers to bypass authentication and gain administrator privileges by setting the mobsuser and mobspass cookies to 1. | 7.5 |
2009-04-08 | CVE-2008-6663 | Phpauctions | SQL Injection vulnerability in PHPauctions SQL injection vulnerability in profile.php in PHPAuctions.info PHPAuctions (aka PHPAuctionSystem) allows remote attackers to execute arbitrary SQL commands via the auction_id parameter, a different vector than CVE-2009-0106. | 7.5 |
2009-04-07 | CVE-2009-1263 | Joomla Alikonweb | SQL Injection vulnerability in Alikonweb COM Bookjoomlas 0.1 SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php. | 7.5 |
2009-04-07 | CVE-2009-1258 | RD Media Joomla | SQL Injection vulnerability in Rd-Media COM Rdautos 1.5.7 SQL injection vulnerability in the RD-Autos (com_rdautos) component 1.5.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the makeid parameter in index.php. | 7.5 |
2009-04-07 | CVE-2009-1256 | Flexcms | SQL Injection vulnerability in Flexcms 2.5 SQL injection vulnerability in FlexCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the ItemId parameter. | 7.5 |
2009-04-07 | CVE-2008-6656 | Openautoclassifieds | SQL Injection vulnerability in Openautoclassifieds Open Auto Classifieds 1.4.3B Multiple SQL injection vulnerabilities in Open Auto Classifieds 1.4.3b allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to listings.php and (2) the username field to login.php. | 7.5 |
2009-04-07 | CVE-2008-6653 | Joomla Mambo WH COM | SQL Injection vulnerability in Wh-Com COM Webhosting SQL injection vulnerability in webhosting.php in the Webhosting Component (com_webhosting) module before 1.1 RC7 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | 7.5 |
2009-04-07 | CVE-2008-6652 | Insanevisions | SQL Injection vulnerability in Insanevisions Onecms 2.5 SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the sitename parameter. | 7.5 |
2009-04-07 | CVE-2008-6649 | Ktools | SQL Injection vulnerability in Ktools Photostore SQL injection vulnerability in manager/image_details_editor.php in Ktools PhotoStore 2.5, 2.9.8, 3.1.0, and other versions through 3.5.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-04-07 | CVE-2008-6648 | Ktools | SQL Injection vulnerability in Ktools Photostore 3.4.3/3.5.2 SQL injection vulnerability in crumbs.php in Ktools PhotoStore 3.4.3 and 3.5.2 allows remote attackers to execute arbitrary SQL commands via the gid parameter to about_us.php. | 7.5 |
2009-04-07 | CVE-2008-6647 | Ktools | SQL Injection vulnerability in Ktools Photostore 3.4.3 SQL injection vulnerability in gallery.php in Ktools PhotoStore 3.4.3 allows remote attackers to execute arbitrary SQL commands via the gid parameter. | 7.5 |
2009-04-07 | CVE-2008-6642 | Dotcontent | SQL Injection vulnerability in Dotcontent Fluentcms 4.0/4.1 SQL injection vulnerability in view.php in DotContent FluentCMS 4.x allows remote attackers to execute arbitrary SQL commands via the sid parameter. | 7.5 |
2009-04-07 | CVE-2008-6640 | Aspindir | SQL Injection vulnerability in Aspindir Batmanportal Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. | 7.5 |
2009-04-07 | CVE-2008-6634 | Beaussier | SQL Injection vulnerability in Beaussier Roomphplanning 1.5 SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idroom parameter to weekview.php. | 7.5 |
2009-04-07 | CVE-2008-6633 | Beaussier | SQL Injection vulnerability in Beaussier Roomphplanning 1.5 SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idresa parameter to resaopen.php. | 7.5 |
2009-04-07 | CVE-2008-6632 | Mercuryboard | SQL Injection vulnerability in Mercuryboard SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header ($_SERVER['HTTP_USER_AGENT']). | 7.5 |
2009-04-06 | CVE-2008-6627 | Webbdomain | SQL Injection vulnerability in Webbdomain Webshop 1.02/1.1 SQL injection vulnerability in getin.php in WEBBDOMAIN WebShop 1.2, 1.1, 1.02, and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2009-04-06 | CVE-2008-6626 | Webbdomain | SQL Injection vulnerability in Webbdomain Quiz 1.0/1.01 SQL injection vulnerability in getin.php in WEBBDOMAIN Quiz 1.02 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2009-04-06 | CVE-2008-6625 | Webbdomain | SQL Injection vulnerability in Webbdomain Polls 1.0/1.01 SQL injection vulnerability in getin.php in WEBBDOMAIN Polls (aka Poll) 1.0 and 1.01 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2009-04-06 | CVE-2008-6624 | Webbdomain | SQL Injection vulnerability in Webbdomain Petition SQL injection vulnerability in getin.php in WEBBDOMAIN Petition 1.02, 2.0, and 3.0 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2009-04-06 | CVE-2008-6623 | Webbdomain | SQL Injection vulnerability in Webbdomain Post Card 1.01 SQL injection vulnerability in getin.php in WEBBDOMAIN Post Card (aka Web Postcards) 1.02 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2009-04-06 | CVE-2008-6622 | Webbdomian | SQL Injection vulnerability in Webbdomian Post Card 1.01 SQL injection vulnerability in choosecard.php in WEBBDOMAIN Post Card (aka Web Postcards) 1.02, 1.01, and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter. | 7.5 |
2009-04-06 | CVE-2008-6618 | Netlab | SQL Injection vulnerability in Netlab Classsystem 2.3 Multiple SQL injection vulnerabilities in ClassSystem 2.3 allow remote attackers to execute arbitrary SQL commands via the teacher_id parameter in (1) class/HomepageMain.php and (2) class/HomepageTop.php, and (3) the message_id parameter in class/MessageReply.php. | 7.5 |
2009-04-06 | CVE-2008-6615 | ZEN Cart | SQL Injection vulnerability in Zen-Cart ZEN Cart 2008 SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to execute arbitrary SQL commands via the keyword parameter in the advanced_search_result page. | 7.5 |
2009-04-06 | CVE-2008-6614 | Impliedbydesign | SQL Injection vulnerability in Impliedbydesign IBD Micro CMS 3.5 Multiple SQL injection vulnerabilities in microcms-admin-login.php in Implied By Design (IBD) Micro CMS 3.5 (aka 0.3.5) allow remote attackers to execute arbitrary SQL commands via (1) the administrators_username parameter (aka the Username field) or (2) the administrators_pass parameter (aka the Password field). | 7.5 |
2009-04-06 | CVE-2009-1248 | Acutecp | Code Injection vulnerability in Acutecp Acute Control Panel 1.0.0 Multiple PHP remote file inclusion vulnerabilities in Acute Control Panel 1.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the theme_directory parameter to (1) container.php and (2) header.php in themes/. | 7.5 |
2009-04-06 | CVE-2009-1247 | Acutecp Rediscussed | SQL Injection vulnerability in Acutecp.Rediscussed Acutecp 1.0.0 SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2009-04-06 | CVE-2009-1246 | Blogplus | Path Traversal vulnerability in Blogplus 1.0 Multiple directory traversal vulnerabilities in Blogplus 1.0 allow remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2009-04-06 | CVE-2009-1245 | Cccp Common Clan Portal Pasterbin | SQL Injection vulnerability in Cccp-Common-Clan-Portal-Pasterbin Cccp Pastebin Multiple SQL injection vulnerabilities in the insert_to_pastebin function in php/cccp-admin/inc/functions.php in CCCP Community Clan Portal Pastebin before 2.80 allow remote attackers to execute arbitrary SQL commands via the (1) subject, (2) language, and (3) nickname parameters to php/cccp-pages/submit.php. | 7.5 |
2009-04-06 | CVE-2008-6613 | Abweb | Permissions, Privileges, and Access Controls vulnerability in Abweb Minimal-Ablog 0.4 uploader.php in minimal-ablog 0.4 does not properly restrict access, which allows remote attackers to gain administrative privileges via a direct request. | 7.5 |
2009-04-06 | CVE-2008-6611 | Abweb | SQL Injection vulnerability in Abweb Minimal Ablog 0.4 SQL injection vulnerability in index.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-04-06 | CVE-2008-6608 | Developiteasy | SQL Injection vulnerability in Developiteasy Events Calendar 1.2 Multiple SQL injection vulnerabilities in DevelopItEasy Events Calendar 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the user_name parameter (aka user field) to admin/index.php, (2) the user_pass parameter (aka pass field) to admin/index.php, or (3) the id parameter to calendar_details.php. | 7.5 |
2009-04-06 | CVE-2008-6606 | Matpo | SQL Injection vulnerability in Matpo Link 1.2 SQL injection vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-04-07 | CVE-2009-1262 | Fortinet | USE of Externally-Controlled Format String vulnerability in Fortinet Forticlient 3.0.614 Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name. | 7.2 |
2009-04-06 | CVE-2009-1147 | Vmware | Remote vulnerability in VMware Hosted Products VMSA-2009-0005 Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 2.0.x before 2.0.1 build 156745 allows local users to gain privileges via unknown vectors. | 7.2 |
80 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-04-09 | CVE-2009-1144 | Foolabs Glyphandcog Gentoo | Code Injection vulnerability in multiple products Untrusted search path vulnerability in the Gentoo package of Xpdf before 3.02-r2 allows local users to gain privileges via a Trojan horse xpdfrc file in the current working directory, related to an unset SYSTEM_XPDFRC macro in a Gentoo build process that uses the poppler library. | 6.9 |
2009-04-10 | CVE-2008-6684 | Yourfreeworld | Improper Input Validation vulnerability in Yourfreeworld Apartment Search Script Unrestricted file upload vulnerability in editimage.php in Apartment Search Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a GIF header, then accessing this file via a direct request to a renamed file in Member_Admin/logo/. | 6.8 |
2009-04-09 | CVE-2009-1283 | Glfusion | Cryptographic Issues vulnerability in Glfusion glFusion before 1.1.3 performs authentication with a user-provided password hash instead of a password, which allows remote attackers to gain privileges by obtaining the hash and using it in the glf_password cookie, aka "User Masquerading." NOTE: this can be leveraged with a separate SQL injection vulnerability to steal hashes. | 6.8 |
2009-04-09 | CVE-2009-1280 | Joomla | Cross-Site Request Forgery (CSRF) vulnerability in Joomla Multiple cross-site request forgery (CSRF) vulnerabilities in the com_media component for Joomla! 1.5.x through 1.5.9 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2009-04-09 | CVE-2009-1275 | Apache | Cross-Site Scripting And Information Disclosure vulnerability in Apache Tiles 2.1.0/2.1.1 Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via unspecified vectors, related to the (1) tiles:putAttribute and (2) tiles:insertTemplate JSP tags. | 6.8 |
2009-04-09 | CVE-2009-1254 | James Stone | Improper Input Validation vulnerability in James Stone Tunapie 2.1 James Stone Tunapie 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a stream URL. | 6.8 |
2009-04-08 | CVE-2008-6665 | Anantasoft | Code Injection vulnerability in Anantasoft Ananta CMS 1.0B5 change.php in Ananta CMS 1.0b5, with magic_quotes_gpc disabled, allows remote attackers to gain administrator privileges via a crafted email parameter, possibly related to code injection. | 6.8 |
2009-04-07 | CVE-2009-1259 | Insanevisions | SQL Injection vulnerability in Insanevisions Adaptbb 1.0 SQL injection vulnerability in inc/bb/topic.php in Insane Visions AdaptBB 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a topic action to index.php. | 6.8 |
2009-04-07 | CVE-2008-6660 | Ozerov | Unspecified vulnerability in Ozerov Bigdump 029B Unrestricted file upload vulnerability in bigdump.php in Alexey Ozerov BigDump 0.29b allows remote attackers to execute arbitrary code by uploading a file with an executable extension followed by a .sql extension, then accessing this file via a direct request. | 6.8 |
2009-04-07 | CVE-2008-6657 | Simple Machines | Cross-Site Request Forgery (CSRF) vulnerability in Simple Machines Simple Machines Forum Cross-site request forgery (CSRF) vulnerability in index.php in Simple Machines Forum (SMF) 1.0 before 1.0.15 and 1.1 before 1.1.7 allows remote attackers to hijack the authentication of admins for requests that install packages via the package parameter in an install2 action. | 6.8 |
2009-04-07 | CVE-2008-6639 | Ajaxplorer | Cross-Site Request Forgery (CSRF) vulnerability in Ajaxplorer 2.3.3/2.3.4 Cross-site request forgery (CSRF) vulnerability in admin.php in AjaXplorer 2.3.3 and 2.3.4 allows remote attackers to hijack the authentication of administrators for requests that modify passwords via the update_user_pwd action. | 6.8 |
2009-04-07 | CVE-2008-6636 | Geody | Code Injection vulnerability in Geody Dagger PHP remote file inclusion vulnerability in skins/default.php in Geody Labs Dagger - The Cutting Edge r12feb2008, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir_edge_skins parameter. | 6.8 |
2009-04-07 | CVE-2008-6635 | Geody | Code Injection vulnerability in Geody Dagger R12Feb2008 PHP remote file inclusion vulnerability in skins/default.php in Geody Labs Dagger - The Cutting Edge r12feb2008, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir_inc parameter. | 6.8 |
2009-04-06 | CVE-2008-6619 | Netlab | Permissions, Privileges, and Access Controls vulnerability in Netlab Classsystem 2.3 Unrestricted file upload vulnerability in class/ApplyDB.php in ClassSystem 2.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in class/UploadHomepage/. | 6.8 |
2009-04-06 | CVE-2008-6617 | Sitexs CMS | Permissions, Privileges, and Access Controls vulnerability in Sitexs CMS Sitexs CMS 0.1.1 Unrestricted file upload vulnerability in adm/visual/upload.php in SiteXS CMS 0.1.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/. | 6.8 |
2009-04-06 | CVE-2008-6612 | Abweb | Code Injection vulnerability in Abweb Minimal-Ablog 0.4 Unrestricted file upload vulnerability in admin/uploader.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in img/. | 6.8 |
2009-04-06 | CVE-2009-0910 | Vmware | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in VMWare products Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-436. | 6.8 |
2009-04-06 | CVE-2008-6605 | 2Wire | Cross-Site Request Forgery (CSRF) vulnerability in 2Wire products Cross-site request forgery (CSRF) vulnerability in the xslt script in the web-based management interface on the 2wire 1701HG, 1800HW, 2071HG, and 2700HG with firmware 3.17.5, 3.7.1, 4.25.19, or 5.29.51 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that cause a denial of service (network outage) via a page parameter with a % (percent) character followed by a non-alphanumeric character. | 6.8 |
2009-04-07 | CVE-2008-6641 | Aspindir | SQL Injection vulnerability in Aspindir Shader TV Multiple SQL injection vulnerabilities in Shader TV (Beta) allow remote authenticated administrators to execute arbitrary SQL commands via the sid parameter to (1) kanal.asp, (2) google.asp, and (3) hakk.asp in yonet/; and allow remote attackers to execute arbitrary SQL commands via the (4) username or (5) password fields to yonet/default.asp. | 6.5 |
2009-04-10 | CVE-2008-6707 | Avaya | Improper Authentication vulnerability in Avaya Communication Manager and SIP Enablement Services The Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, does not perform authentication for certain functionality, which allows remote attackers to obtain sensitive information and access restricted functionality via (1) the certificate installation utility, (2) unspecified scripts in the objects folder, (3) an "unnecessary default application," (4) unspecified scripts in the states folder, (5) an unspecified "default application" that lists server configuration, and (6) "full system help." | 6.4 |
2009-04-06 | CVE-2008-6610 | OTT | Path Traversal vulnerability in OTT PHPcksec 0.2 Absolute path traversal vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2.0 allows remote attackers to list arbitrary directories and read arbitrary files via a full pathname in the file parameter. | 6.4 |
2009-04-06 | CVE-2009-0908 | Vmware | Remote vulnerability in VMware Hosted Products VMSA-2009-0005 Unspecified vulnerability in the ACE shared folders implementation in the VMware Host Guest File System (HGFS) shared folders feature in VMware ACE 2.5.1 and earlier allows attackers to enable a disabled shared folder. | 6.4 |
2009-04-09 | CVE-2009-0844 | MIT | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in MIT Kerberos and Kerberos 5 The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a denial of service (daemon crash) and possibly obtain sensitive information via a crafted length value that triggers a buffer over-read. | 5.8 |
2009-04-09 | CVE-2009-1156 | Cisco | Unspecified vulnerability in Cisco Adaptive Security Appliance 5500 and PIX Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet. | 5.7 |
2009-04-07 | CVE-2008-6659 | Simple Machines | Path Traversal vulnerability in Simple Machines Simple Machines Forum Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.0 before 1.0.15 and 1.1 before 1.1.7 allows remote authenticated users to configure arbitrary local files for execution via directory traversal sequences in the value of the theme_dir field during a jsoption action, related to Sources/QueryString.php and Sources/Themes.php, as demonstrated by a local .gif file in attachments/ with PHP code that was uploaded through a profile2 action to index.php. | 5.5 |
2009-04-06 | CVE-2009-1243 | Linux | Improper Locking vulnerability in Linux Kernel net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an unlocking step in certain incorrect circumstances, which allows local users to cause a denial of service (panic) by reading zero bytes from the /proc/net/udp file and unspecified other files, related to the "udp seq_file infrastructure." | 5.5 |
2009-04-10 | CVE-2008-6713 | Massive Entertainment | Resource Management Errors vulnerability in Massive Entertainment WIC World in Conflict (WIC) 1.008 and earlier allows remote attackers to cause a denial of service (access violation and crash) via a zero-byte data block to TCP port 48000, which triggers a NULL pointer dereference. | 5.0 |
2009-04-10 | CVE-2008-6712 | EA | Remote Denial of Service vulnerability in EA Crysis 1.1/1.2 The HTTP/XML-RPC service in Crysis 1.21 (game version 1.1.1.6156) and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request, which triggers a NULL pointer dereference. | 5.0 |
2009-04-10 | CVE-2008-6705 | Stalker Game | Remote vulnerability in S.T.A.L.K.E.R Shadow of Chernobyl The MultipacketReciever::RecievePacket function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server termination) via a crafted packet without an expected 0xe0 or 0xe1 value, which triggers the INT3 instruction. | 5.0 |
2009-04-10 | CVE-2008-6704 | Stalker Game | Numeric Errors vulnerability in Stalker-Game S.T.A.L.K.E.R.: Shadow of Chernobyl Integer overflow in the NET_Compressor::Decompress function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server crash) via a crafted packet with a 0xc1 value that contains no compressed data, which triggers a copy of a large amount of memory. | 5.0 |
2009-04-10 | CVE-2008-6702 | Stalker Game | Improper Input Validation vulnerability in Stalker-Game S.T.A.L.K.E.R.: Shadow of Chernobyl S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (crash) via a long nickname, which triggers an exception. | 5.0 |
2009-04-09 | CVE-2009-1284 | Bibtex | Buffer Errors vulnerability in Bibtex 0.99 Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography file. | 5.0 |
2009-04-08 | CVE-2009-1274 | Xine | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xine Xine-Lib Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow. | 5.0 |
2009-04-08 | CVE-2009-1273 | Andrew J Korty | Credentials Management vulnerability in Andrew J.Korty PAM SSH 1.92 pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames. | 5.0 |
2009-04-08 | CVE-2009-1272 | PHP | Improper Input Validation vulnerability in PHP The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x before 5.2.9 allows context-dependent attackers to cause a denial of service (crash) via a ZIP file that contains filenames with relative paths, which is not properly handled during extraction. | 5.0 |
2009-04-08 | CVE-2009-1271 | PHP | Unspecified vulnerability in PHP The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function. | 5.0 |
2009-04-08 | CVE-2008-6680 | Clamav | Numeric Errors vulnerability in Clamav libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error. | 5.0 |
2009-04-08 | CVE-2008-6679 | Ghostscript | Buffer Errors vulnerability in Ghostscript 8.62 Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service (ps2pdf crash) and possibly execute arbitrary code via a crafted Postscript file. | 5.0 |
2009-04-08 | CVE-2008-6676 | Quickersite | Improper Input Validation vulnerability in Quickersite 1.8.5 QuickerSite 1.8.5 allows remote attackers to obtain sensitive information via a request to showThumb.aspx without any parameters, which reveals the installation path in an error message. | 5.0 |
2009-04-08 | CVE-2008-6674 | Quickersite | Permissions, Privileges, and Access Controls vulnerability in Quickersite 1.8.5 mailPage.asp in QuickerSite 1.8.5 allows remote attackers to flood e-mail accounts with messages via a large number of requests with a modified sEmail parameter. | 5.0 |
2009-04-08 | CVE-2008-6672 | Vertex4 | Numeric Errors vulnerability in Vertex4 Sunage 1.05/1.06/1.08 Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service ("runtime error") via a crafted join packet to UDP port 27960, probably related to an invalid nickname command. | 5.0 |
2009-04-08 | CVE-2008-6671 | Vertex4 | Numeric Errors vulnerability in Vertex4 Sunage 1.05/1.06/1.08 Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted join packet to UDP port 27960. | 5.0 |
2009-04-08 | CVE-2008-6670 | Vertex4 | Numeric Errors vulnerability in Vertex4 Sunage 1.05/1.06/1.08 Integer overflow in Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet to UDP port 27960. | 5.0 |
2009-04-08 | CVE-2008-6668 | Dirk Bartley | Path Traversal vulnerability in Dirk Bartley Nweb2Fax 0.2 Multiple directory traversal vulnerabilities in nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via a .. | 5.0 |
2009-04-07 | CVE-2008-6650 | Mywebland | Permissions, Privileges, and Access Controls vulnerability in Mywebland Minibloggie 1.0 del.php in miniBloggie 1.0 allows remote attackers to delete arbitrary posts via a direct request with a modified post_id parameter, a different vulnerability than CVE-2008-4628. | 5.0 |
2009-04-07 | CVE-2008-6643 | Lokicms | Permissions, Privileges, and Access Controls vulnerability in Lokicms 0.3.4 LokiCMS 0.3.4 and possibly earlier versions does not properly restrict access to administrative functions, which allows remote attackers to bypass intended restrictions and modify configuration settings via the LokiACTION parameter in a direct request to admin.php. | 5.0 |
2009-04-06 | CVE-2009-1146 | Vmware | Remote vulnerability in VMware Hosted Products VMSA-2009-0005 Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 allows local users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3761. | 4.9 |
2009-04-06 | CVE-2008-4916 | EMC Vmware | Remote vulnerability in VMware Hosted Products VMSA-2009-0005 Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors. | 4.6 |
2009-04-09 | CVE-2009-1253 | James Stone | Link Following vulnerability in James Stone Tunapie 2.1 James Stone Tunapie 2.1 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file. | 4.4 |
2009-04-10 | CVE-2008-6700 | Butterflymedia | Cross-Site Scripting vulnerability in Butterflymedia Butterfly Organizer 2.0.0 Multiple cross-site scripting (XSS) vulnerabilities in Butterfly Organizer 2.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) mytable parameter to view.php, (2) mytable parameter to viewdb2.php, (3) tablehere parameter to category-rename.php, and (4) letter parameter to module-contacts.php. | 4.3 |
2009-04-10 | CVE-2008-6699 | Typo3 | Cross-Site Scripting vulnerability in Typo3 TJS Reslib and Typo3 Cross-site scripting (XSS) vulnerability in Resource Library (tjs_reslib) 0.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2009-04-10 | CVE-2008-6698 | Typo3 Michael Fritz | Cross-Site Scripting vulnerability in Michael Fritz Worldcup Cross-site scripting (XSS) vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2009-04-10 | CVE-2008-6688 | Typo3 Kevin Renskers | Cross-Site Scripting vulnerability in Kevin Renskers Dmmjobcontrol Cross-site scripting (XSS) vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2009-04-10 | CVE-2008-6687 | Typo3 David Cadu | Cross-Site Scripting vulnerability in David Cadu Dcdgooglemap Cross-site scripting (XSS) vulnerability in DCD GoogleMap (dcdgooglemap) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2009-04-10 | CVE-2008-6683 | Yourfreeworld | Cross-Site Scripting vulnerability in Yourfreeworld Apartment Search Script Cross-site scripting (XSS) vulnerability in listtest.php in Apartment Search Script allows remote attackers to inject arbitrary web script or HTML via the r parameter. | 4.3 |
2009-04-09 | CVE-2009-1281 | Glfusion | Cross-Site Scripting vulnerability in Glfusion Cross-site scripting (XSS) vulnerability in glFusion before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2009-04-09 | CVE-2009-1160 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Adaptive Security Appliance 5500 and PIX Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277. | 4.3 |
2009-04-09 | CVE-2008-6682 | Apache | Cross-Site Scripting vulnerability in Apache Struts Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of (1) " (double quote) characters in the href attribute of an s:a tag and (2) parameters in the action attribute of an s:url tag. | 4.3 |
2009-04-09 | CVE-2008-6681 | Dojotoolkit | Cross-Site Scripting vulnerability in Dojotoolkit Dojo Cross-site scripting (XSS) vulnerability in dijit.Editor in Dojo before 1.1 allows remote attackers to inject arbitrary web script or HTML via XML entities in a TEXTAREA element. | 4.3 |
2009-04-09 | CVE-2008-2025 | Apache Novell Opensuse | Cross-Site Scripting vulnerability in Apache Struts Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters." | 4.3 |
2009-04-09 | CVE-2007-6726 | Apache Dojotoolkit | Cross-Site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in Dojo 0.4.1 and 0.4.2, as used in Apache Struts and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) xip_client.html and (2) xip_server.html in src/io/. | 4.3 |
2009-04-09 | CVE-2009-0847 | MIT | Numeric Errors vulnerability in MIT Kerberos 51.6.3 The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic. | 4.3 |
2009-04-08 | CVE-2008-6675 | Quickersite | Cross-Site Scripting vulnerability in Quickersite 1.8.5 Multiple cross-site scripting (XSS) vulnerabilities in QuickerSite 1.8.5 allow remote attackers to inject arbitrary web script or HTML via (1) the close parameter to showThumb.aspx; (2) SB_redirect and (3) SB_feedback parameters in process_send.asp, as reachable through default.asp; (4) paramCode and (5) cColor parameters to picker.asp; and the (6) query string, (7) Referer header, and (8) X-FORWARDED-FOR header to rss.asp. | 4.3 |
2009-04-08 | CVE-2008-6666 | Kronos | Cross-Site Scripting vulnerability in Kronos Webta Multiple cross-site scripting (XSS) vulnerabilities in Kronos webTA allow remote attackers to inject arbitrary web script or HTML via the description field to (1) servlet/com.threeis.webta.H710selProject and (2) servlet/com.threeis.webta.H720editProjectInfo. | 4.3 |
2009-04-07 | CVE-2009-1261 | Webhelpdesk | Cross-Site Scripting vulnerability in Webhelpdesk web Help Desk 9.1.22 Multiple cross-site scripting (XSS) vulnerabilities in Web Help Desk 9.1.22 (evaluation version) allow remote attackers to inject arbitrary web script or HTML via the (1) Report Name, (2) Asset No., and (3) Full Name fields in a Models action. | 4.3 |
2009-04-07 | CVE-2008-6655 | Comscripts | Cross-Site Scripting vulnerability in Comscripts Gedcom TO Mysl 2 Multiple cross-site scripting (XSS) vulnerabilities in GEDCOM_TO_MYSQL 2 allow remote attackers to inject arbitrary web script or HTML via the (1) nom_branche and (2) nom parameters to php/prenom.php; the (3) nom_branche parameter to php/index.php; and the (4) nom_branche, (5) nom, and (6) prenom parameters to php/info.php. | 4.3 |
2009-04-07 | CVE-2008-6654 | Structum | Cross-Site Scripting vulnerability in Structum Infobiz Server Cross-site scripting (XSS) vulnerability in search_results.php in InfoBiz Server allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. | 4.3 |
2009-04-07 | CVE-2008-6646 | Coronamatrix | Cross-Site Scripting vulnerability in Coronamatrix PHPaddressbook 2.0 Cross-site scripting (XSS) vulnerability in index.php in CoronaMatrix phpAddressBook 2.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter. | 4.3 |
2009-04-07 | CVE-2008-6645 | Opencosmo | Cross-Site Scripting vulnerability in Opencosmo Visualsentinel 0.7 Cross-site scripting (XSS) vulnerability in Opencosmo VisualSentinel 0.7 allows remote attackers to inject arbitrary web script or HTML via the User-Agent header ($_SERVER ['HTTP_USER_AGENT']), which is not properly handled when displaying log files. | 4.3 |
2009-04-07 | CVE-2008-6644 | Dotnetnuke | Cross-Site Scripting vulnerability in Dotnetnuke Cross-site scripting (XSS) vulnerability in Default.aspx in DotNetNuke 4.8.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | 4.3 |
2009-04-07 | CVE-2008-6637 | Libraryvideocompany | Cross-Site Scripting vulnerability in Libraryvideocompany Safari Montage Multiple cross-site scripting (XSS) vulnerabilities in forgotPW.php in Library Video Company SAFARI Montage 3.1.x allow remote attackers to inject arbitrary web script or HTML via the (1) school and (2) email parameters. | 4.3 |
2009-04-07 | CVE-2008-6631 | Blogphp | Cross-Site Scripting vulnerability in Blogphp 2.0 Multiple cross-site scripting (XSS) vulnerabilities in index.php in BlogPHP 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) user parameter in a sendmessage action and the (2) username parameter when registering a new user, different vectors than CVE-2008-0679. | 4.3 |
2009-04-06 | CVE-2008-6629 | Webbdomain | Cross-Site Scripting vulnerability in Webbdomain Webshop Online 1.02 Cross-site scripting (XSS) vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online 1.02 allows remote attackers to inject arbitrary web script or HTML via the name parameter. | 4.3 |
2009-04-06 | CVE-2008-6620 | Grafxsoftware | Cross-Site Scripting vulnerability in Grafxsoftware Minicwb Multiple cross-site scripting (XSS) vulnerabilities in javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php in GraFX miniCWB 2.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) errcontext, (2) _GET, (3) _POST, (4) _SESSION, (5) _SERVER, and (6) fckphp_config[Debug_SERVER] parameters. | 4.3 |
2009-04-06 | CVE-2008-6616 | ZEN Cart | Cross-Site Scripting vulnerability in Zen-Cart ZEN Cart 2008 Cross-site scripting (XSS) vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in the advanced_search_result page. | 4.3 |
2009-04-06 | CVE-2009-1249 | Drupal | Cross-Site Scripting vulnerability in Drupal Feedapi Mapper 5.X1.0/5.X1.X Cross-site scripting (XSS) vulnerability in Feed element mapper 5.x before 5.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the content title in admin/content/node-type/nodetype/map. | 4.3 |
2009-04-06 | CVE-2008-6609 | OTT | Cross-Site Scripting vulnerability in OTT PHPcksec 0.2 Cross-site scripting (XSS) vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2 allows remote attackers to inject arbitrary web script or HTML via the path parameter. | 4.3 |
2009-04-06 | CVE-2008-6607 | Matpo | Cross-Site Scripting vulnerability in Matpo Link 1.2 Cross-site scripting (XSS) vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to inject arbitrary web script or HTML via the thema parameter. | 4.3 |
2009-04-07 | CVE-2009-1264 | Typo3 Stanislas Rolland | Permissions, Privileges, and Access Controls vulnerability in Stanislas Rolland SR Feuser Register Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors. | 4.0 |
2009-04-07 | CVE-2008-6658 | Simple Machines | Path Traversal vulnerability in Simple Machines Simple Machines Forum Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.0 before 1.0.15 and 1.1 before 1.1.7 allows remote authenticated administrators to install packages from arbitrary directories via a .. | 4.0 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-04-09 | CVE-2009-1279 | Joomla | Cross-Site Scripting vulnerability in Joomla Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5 through 1.5.9 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) com_admin component, (2) com_search component when "Gather Search Statistics" is enabled, and (3) the category view in the com_content component. | 2.6 |
2009-04-09 | CVE-2009-1276 | Gnome SUN | Information Exposure vulnerability in SUN Opensolaris and Solaris XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail notifications. | 2.1 |
2009-04-06 | CVE-2009-0518 | Vmware | Information Exposure vulnerability in VMWare Esx, VMWare Esxi and VMWare Virtualcenter VI Client in VMware VirtualCenter before 2.5 Update 4, VMware ESXi 3.5 before Update 4, and VMware ESX 3.5 before Update 4 retains the VirtualCenter Server password in process memory, which might allow local users to obtain this password. | 2.1 |