Weekly Vulnerabilities Reports > August 24 to 30, 2009
Overview
128 new vulnerabilities reported during this period, including 14 critical vulnerabilities and 48 high severity vulnerabilities. This weekly summary report vulnerabilities in 116 products from 94 vendors including Cisco, Google, Ajsquare, Kyoceramita, and Microsoft. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Improper Input Validation", and "Improper Authentication".
- 122 reported vulnerabilities are remotely exploitables.
- 56 reported vulnerabilities have public exploit available.
- 49 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 121 reported vulnerabilities are exploitable by an anonymous user.
- Cisco has the most reported vulnerabilities, with 7 reported vulnerabilities.
- Kyoceramita has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
14 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-08-28 | CVE-2008-7115 | Belkin | Permissions, Privileges, and Access Controls vulnerability in Belkin F5D7632-4 and Wireless G Router The web interface to the Belkin Wireless G router and ADSL2 modem F5D7632-4V6 with firmware 6.01.08 allows remote attackers to bypass authentication and gain administrator privileges via a direct request to (1) statusprocess.exe, (2) system_all.exe, or (3) restore.exe in cgi-bin/. | 10.0 |
2009-08-27 | CVE-2009-2935 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome Google V8, as used in Google Chrome before 2.0.172.43, allows remote attackers to bypass intended restrictions on reading memory, and possibly obtain sensitive information or execute arbitrary code in the Chrome sandbox, via crafted JavaScript. | 10.0 | |
2009-08-25 | CVE-2008-7081 | Raidsonic | Improper Authentication vulnerability in Raidsonic ICY BOX NAS 2.3.2.Ib.2.Rs.1 userHandler.cgi in RaidSonic ICY BOX NAS firmware 2.3.2.IB.2.RS.1 allows remote attackers to bypass authentication and gain administrator privileges by setting the login parameter to admin. | 10.0 |
2009-08-24 | CVE-2008-7031 | Foxitsoftware | Buffer Errors vulnerability in Foxitsoftware WAC Server 2.0 Heap-based buffer overflow in Foxit Remote Access Server (aka WAC Server) 2.0 Build 3503 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SSH packets, a different vulnerability than CVE-2008-0151. | 10.0 |
2009-08-28 | CVE-2008-7109 | Kyoceramita | Incorrect Authorization vulnerability in Kyoceramita Scanner File Utility 3.3.0.1 The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to bypass authorization and upload arbitrary files to the client system via a modified program that does not prompt the user for a password. | 9.8 |
2009-08-28 | CVE-2008-7111 | Kyoceramita | Permissions, Privileges, and Access Controls vulnerability in Kyoceramita Scanner File Utility 3.3.0.1 The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 does not restrict the filenames or extensions of uploaded files, which makes it easier for remote attackers to execute arbitrary code or overwrite files by leveraging CVE-2008-7110 and CVE-2008-7109. | 9.3 |
2009-08-27 | CVE-2008-7103 | Najdi SI | Buffer Errors vulnerability in Najdi.Si Toolbar 2.0.4.1 Stack-based buffer overflow in an ActiveX control in najdisitoolbar.dll in Najdi.si Toolbar 2.0.4.1 allows remote attackers to cause a denial of service (browser crash) or execute arbitrary code via a long Document.Location property value. | 9.3 |
2009-08-25 | CVE-2009-2963 | Decomputeur | Unspecified vulnerability in Decomputeur Toolbar Uninstaller 1.0.2 Unspecified vulnerability in the update feature in Toolbar Uninstaller 1.0.2 allows remote attackers to force the download and execution of arbitrary files via attack vectors related to a "malformed update url and a malformed update website." | 9.3 |
2009-08-25 | CVE-2009-2961 | Kolmck | Buffer Errors vulnerability in Kolmck KOL Player 1.0 Stack-based buffer overflow in Thaddy de Konng KOL Player 1.0 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL in a .MP3 playlist file. | 9.3 |
2009-08-25 | CVE-2008-7079 | Nero | Buffer Errors vulnerability in Nero Showtime 5.0.15.0 Buffer overflow in Nero ShowTime 5.0.15.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a .M3U playlist file. | 9.3 |
2009-08-25 | CVE-2008-7074 | Memcode | USE of Externally-Controlled Format String vulnerability in Memcode I.Scribe Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows remote SMTP servers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a server response, which is not properly handled "when displaying the signon message." | 9.3 |
2009-08-25 | CVE-2008-7070 | Kvirc | Code Injection vulnerability in Kvirc 3.4.2 Argument injection vulnerability in the URI handler in KVIrc 3.4.2 Shiny allows remote attackers to execute arbitrary commands via a " (quote) followed by command line switches in a (1) irc:///, (2) irc6:///, (3) ircs:///, or (4) and ircs6:/// URI. | 9.3 |
2009-08-24 | CVE-2008-7053 | Logmein | Resource Management Errors vulnerability in Logmein Ractrl.Dll LogMeIn Remote Access Utility ActiveX control (RACtrl.dll) allows remote attackers to cause a denial of service (crash) by setting the fgcolor and bgcolor properties to certain long values that trigger memory corruption. | 9.3 |
2009-08-25 | CVE-2008-7078 | Maxum | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Maxum Rumpus Multiple buffer overflows in Rumpus before 6.0.1 allow remote attackers to (1) cause a denial of service (segmentation fault) via a long HTTP verb in the HTTP component; and allow remote authenticated users to execute arbitrary code via a long argument to the (2) MKD, (3) XMKD, (4) RMD, and other unspecified commands in the FTP component. | 9.0 |
48 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-08-28 | CVE-2008-7110 | Kyoceramita | Path Traversal vulnerability in Kyoceramita Scanner File Utility 3.3.0.1 Directory traversal vulnerability in the Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to upload files to arbitrary locations via a .. | 7.8 |
2009-08-27 | CVE-2008-7095 | Arubanetworks | Permissions, Privileges, and Access Controls vulnerability in Arubanetworks Aruba Mobility Controller and Arubaos The SNMP daemon in ArubaOS 3.3.2.6 in Aruba Mobility Controller does not restrict SNMP access, which allows remote attackers to (1) read all SNMP community strings via SNMP-COMMUNITY-MIB::snmpCommunityName (1.3.6.1.6.3.18.1.1.1.2) or SNMP-VIEW-BASED-ACM-MIB::vacmGroupName (1.3.6.1.6.3.16.1.2.1.3) with knowledge of one community string, and (2) read SNMPv3 user names via SNMP-USER-BASED-SM-MIB or SNMP-VIEW-BASED-ACM-MIB. | 7.8 |
2009-08-27 | CVE-2009-2976 | Cisco | Cryptographic Issues vulnerability in Cisco Aironet Ap1100 and Aironet Ap1200 Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and IP addresses, and AP configuration details, by sniffing the wireless network. | 7.8 |
2009-08-27 | CVE-2009-2972 | SUN | Resource Management Errors vulnerability in SUN Solaris 8/9 in.lpd in the print service in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors that trigger a "fork()/exec() bomb." | 7.8 |
2009-08-27 | CVE-2009-2698 | Linux Canonical Suse Fedoraproject Redhat Vmware | NULL Pointer Dereference vulnerability in multiple products The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket. | 7.8 |
2009-08-27 | CVE-2009-2053 | Cisco | Unspecified vulnerability in Cisco Unified Communications Manager Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236. | 7.8 |
2009-08-27 | CVE-2009-2052 | Cisco | Unspecified vulnerability in Cisco Unified Communications Manager Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2), and 7.1 before 7.1(2); and Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4); allows remote attackers to cause a denial of service (TCP services outage) via a large number of TCP connections, related to "tracking of network connections," aka Bug IDs CSCsq22534 and CSCsw52371. | 7.8 |
2009-08-27 | CVE-2009-2051 | Cisco | Unspecified vulnerability in Cisco IOS and Unified Communications Manager Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987. | 7.8 |
2009-08-27 | CVE-2009-2050 | Cisco | Unspecified vulnerability in Cisco Unified Communications Manager Cisco Unified Communications Manager (aka CUCM, formerly CallManager) before 6.1(1) allows remote attackers to cause a denial of service (voice-services outage) via a malformed header in a SIP message, aka Bug ID CSCsi46466. | 7.8 |
2009-08-26 | CVE-2008-7090 | Pligg | Path Traversal vulnerability in Pligg CMS Multiple directory traversal vulnerabilities in Pligg 9.9 and earlier allow remote attackers to (1) determine the existence of arbitrary files via a .. | 7.8 |
2009-08-25 | CVE-2008-7065 | Siemens | Gigaset VoIP Phones SIP Remote Denial of Service vulnerability in Siemens Siemens C450 IP and C475 IP VoIP devices allow remote attackers to cause a denial of service (disconnected calls and device reboot) via a crafted SIP packet to UDP port 5060. | 7.8 |
2009-08-28 | CVE-2008-7120 | Mrcgiguy | SQL Injection vulnerability in Mrcgiguy HOT Links Sql-PHP SQL injection vulnerability in Mr. | 7.5 |
2009-08-28 | CVE-2008-7119 | Webidsupport | SQL Injection vulnerability in Webidsupport Webid 0.5.4 SQL injection vulnerability in item.php in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-08-28 | CVE-2008-7116 | Webidsupport | SQL Injection vulnerability in Webidsupport Webid 0.5.4 SQL injection vulnerability in the admin panel (admin/) in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the username. | 7.5 |
2009-08-27 | CVE-2008-7102 | Dotnetnuke | Improper Input Validation vulnerability in Dotnetnuke DotNetNuke 2.0 through 4.8.4 allows remote attackers to load .ascx files instead of skin files, and possibly access privileged functionality, via unknown vectors related to parameter validation. | 7.5 |
2009-08-27 | CVE-2008-7097 | Qsoft INC | SQL Injection vulnerability in Qsoft-Inc K-Rate Multiple SQL injection vulnerabilities in Qsoft K-Rate Premium allow remote attackers to execute arbitrary SQL commands via (1) the $id variable in admin/includes/dele_cpac.php, (2) $ord[order_id] variable in payments/payment_received.php, (3) $id variable in includes/functions.php, and (4) unspecified variables in modules/chat.php, as demonstrated via the (a) show parameter in an online action to index.php; (b) PATH_INTO to the room/ handler; (c) image and (d) id parameters in a vote action to index.php; (e) PATH_INFO to the blog/ handler; and (f) id parameter in a blog_edit action to index.php. | 7.5 |
2009-08-27 | CVE-2009-2978 | Sugarcrm | SQL Injection vulnerability in Sugarcrm SQL injection vulnerability in SugarCRM 4.5.1o and earlier, 5.0.0k and earlier, and 5.2.0g and earlier, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2009-08-26 | CVE-2008-7091 | Pligg | SQL Injection vulnerability in Pligg CMS Multiple SQL injection vulnerabilities in Pligg 9.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to vote.php, which is not properly handled in libs/link.php; (2) id parameter to trackback.php; (3) an unspecified parameter to submit.php; (4) requestTitle variable in a query to story.php; (5) requestID and (6) requestTitle variables in recommend.php; (7) categoryID parameter to cloud.php; (8) title parameter to out.php; (9) username parameter to login.php; (10) id parameter to cvote.php; and (11) commentid parameter to edit.php. | 7.5 |
2009-08-26 | CVE-2008-7087 | Openpro | Code Injection vulnerability in Openpro 1.3.1 PHP remote file inclusion vulnerability in search_wA.php in OpenPro 1.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the LIBPATH parameter. | 7.5 |
2009-08-26 | CVE-2008-7086 | Maianscriptworld | Improper Authentication vulnerability in Maianscriptworld Maian Greetings 2.1 Maian Greetings 2.1 allows remote attackers to bypass authentication and gain administrative privileges by setting the mecard_admin_cookie cookie to admin. | 7.5 |
2009-08-26 | CVE-2008-7085 | Thehockeystop | SQL Injection vulnerability in Thehockeystop Hockeystats Online 2.0 Multiple SQL injection vulnerabilities in TheHockeyStop HockeySTATS Online 2.0 Basic and Advanced allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in the viewpage action to the default URI, probably index.php, or (2) divid parameter in the schedule action to index.php. | 7.5 |
2009-08-25 | CVE-2009-2960 | Cuteflow | Permissions, Privileges, and Access Controls vulnerability in Cuteflow 2.10.3/2.11.0C CuteFlow 2.10.3 and 2.11.0_c does not properly restrict access to pages/edituser.php, which allows remote attackers to modify usernames and passwords via a direct request. | 7.5 |
2009-08-25 | CVE-2008-7083 | Revou | SQL Injection vulnerability in Revou Micro Blogging Twitter Clone Multiple SQL injection vulnerabilities in ReVou Micro Blogging Twitter clone allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. | 7.5 |
2009-08-25 | CVE-2008-7077 | Relative | SQL Injection vulnerability in Relative Sailplanner 0.3A Multiple SQL injection vulnerabilities in SailPlanner 0.3a allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. | 7.5 |
2009-08-25 | CVE-2008-7075 | Kalptaru Infotech | SQL Injection vulnerability in Kalptaru Infotech Stararticles 6.0 Multiple SQL injection vulnerabilities in Kalptaru Infotech Ltd. | 7.5 |
2009-08-25 | CVE-2008-7071 | Chipmunk Scripts | SQL Injection vulnerability in Chipmunk-Scripts Chipmunk Topsites SQL injection vulnerability in authenticate.php in Chipmunk Topsites allows remote attackers to execute arbitrary SQL commands via the username parameter, related to login.php. | 7.5 |
2009-08-25 | CVE-2008-7069 | Paul Arbogast | Information Exposure vulnerability in Paul Arbogast Accms All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database configuration information, including credentials, via a direct request to accms.dat. | 7.5 |
2009-08-25 | CVE-2008-7067 | Pagetreecms | Code Injection vulnerability in Pagetreecms Page Tree CMS 0.0.2Beta PHP remote file inclusion vulnerability in admin/plugins/Online_Users/main.php in PageTree CMS 0.0.2 BETA 0001 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[PT_Config][dir][data] parameter. | 7.5 |
2009-08-25 | CVE-2008-7066 | 2Enetworx | Permissions, Privileges, and Access Controls vulnerability in 2Enetworx Openforum 0.66 OpenForum 0.66 Beta allows remote attackers to bypass authentication and reset passwords of other users via a direct request with the update parameter set to 1 and modified user and password parameters. | 7.5 |
2009-08-24 | CVE-2008-7059 | Aled Owen | SQL Injection vulnerability in Aled Owen One-News SQL injection vulnerability in index.php in One-News Beta 2 allows remote attackers to execute arbitrary SQL commands via the q parameter. | 7.5 |
2009-08-24 | CVE-2009-2951 | Phenotype CMS | Cryptographic Issues vulnerability in Phenotype-Cms Phenotype CMS Phenotype CMS before 2.9 does not use a random salt value for password encryption, which makes it easier for context-dependent attackers to determine cleartext passwords. | 7.5 |
2009-08-24 | CVE-2008-7051 | Ajsquare | Improper Authentication vulnerability in Ajsquare AJ Article AJ Square AJ Article allows remote attackers to bypass authentication and access administrator functionality via a direct request to (1) user.php, (2) articles.php, (3) articlesuspend.php, (4) site.php, (5) statistics.php, (6) mail.php, (7) category.php, (8) subcategory.php, (9) changepassword.php, (10) polling.php, and (11) logo.php in admin/. | 7.5 |
2009-08-24 | CVE-2008-7050 | Wowraidmanager | Credentials Management vulnerability in Wowraidmanager The password_check function in auth/auth_phpbb3.php in WoW Raid Manager 3.5.1 before Patch 1, when using PHPBB3 authentication, (1) does not invoke the CheckPassword function with the required arguments, which always triggers an authentication failure, and (2) returns true instead of false when an authentication failure occurs, which allows remote attackers to bypass authentication and gain privileges with an arbitrary password. | 7.5 |
2009-08-24 | CVE-2008-7049 | Natterchat | SQL Injection vulnerability in Natterchat 1.1/1.12 Multiple SQL injection vulnerabilities in login.asp in NatterChat 1.1 and 1.12 allow remote attackers to execute arbitrary SQL commands via the (1) txtUsername parameter (aka Username) and (2) txtPassword parameter (aka Password) in a form generated by home.asp. | 7.5 |
2009-08-24 | CVE-2008-7047 | Natterchat | Improper Authentication vulnerability in Natterchat 1.1 NatterChat 1.1 allows remote attackers to bypass authentication and gain administrator privileges to read or delete rooms and messages via a direct request to admin/home.asp. | 7.5 |
2009-08-24 | CVE-2008-7044 | Ajsquare | SQL Injection vulnerability in Ajsquare Free Polling Script SQL injection vulnerability in admin/include/newpoll.php in AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to execute arbitrary SQL commands via the ques parameter. | 7.5 |
2009-08-24 | CVE-2008-7042 | Freshscripts | Code Injection vulnerability in Freshscripts Fresh Email Script 1.0/1.11 PHP remote file inclusion vulnerability in url.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the tmp_sid parameter. | 7.5 |
2009-08-24 | CVE-2008-7041 | Ajsquare | Improper Authentication vulnerability in Ajsquare AJ Classifieds AJ Classifieds allows remote attackers to bypass authentication and gain administrator privileges via a direct request to admin/home.php. | 7.5 |
2009-08-24 | CVE-2008-7040 | Wordpress Yellowswordfish | SQL Injection vulnerability in Yellowswordfish Simple Forum SQL injection vulnerability in ahah/sf-profile.php in the Yellow Swordfish Simple Forum module for Wordpress allows remote attackers to execute arbitrary SQL commands via the u parameter. | 7.5 |
2009-08-24 | CVE-2008-7038 | Phpnuke Maxdev | SQL Injection vulnerability in Maxdev MY Egallery SQL injection vulnerability in the My_eGallery module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the gid parameter in a showgall action to modules.php. | 7.5 |
2009-08-24 | CVE-2008-7037 | ITN Microsoft | Improper Input Validation vulnerability in ITN News Gadget 1.06 The Sidebar gadget in ITN News Gadget (aka ITN Hub Gadget) 1.06 for Windows Vista, and possibly other versions before 1.23, allows remote web servers or man-in-the-middle attackers to execute arbitrary commands via script in a short_title response. | 7.5 |
2009-08-24 | CVE-2008-7034 | Tigran Abrahamyan | Code Injection vulnerability in Tigran Abrahamyan PHPecho CMS 2.0 PHP remote file inclusion vulnerability in kernel/smarty/Smarty.class.php in PHPEcho CMS 2.0 rc3 allows remote attackers to execute arbitrary PHP code via a URL in unspecified vectors that modify the _smarty_compile_path variable in the fetch function. | 7.5 |
2009-08-24 | CVE-2008-7033 | Galore Joomla | SQL Injection vulnerability in Galore COM Simpleshop SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the section parameter in a section action to index.php, a different vulnerability than CVE-2008-2568. | 7.5 |
2009-08-24 | CVE-2008-7030 | Site2Nite | SQL Injection vulnerability in Site2Nite Real Estate web Multiple SQL injection vulnerabilities in Site2Nite Real Estate Web allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field to an unspecified component, possibly agentlist.asp. | 7.5 |
2009-08-24 | CVE-2003-1574 | Tiki | Improper Authentication vulnerability in Tiki Tikiwiki Cms/Groupware 1.6.1 TikiWiki 1.6.1 allows remote attackers to bypass authentication by entering a valid username with an arbitrary password, possibly related to the Internet Explorer "Remember Me" feature. | 7.5 |
2009-08-27 | CVE-2009-2861 | Cisco | Denial-Of-Service vulnerability in Cisco Aironet Ap1100 and Aironet Ap1200 The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of service (service outage) via crafted remote radio management (RRM) packets, aka "SkyJack" or Bug ID CSCtb56664. | 7.3 |
2009-08-28 | CVE-2008-7107 | Eset | Improper Input Validation vulnerability in Eset Smart Security 3.0.667.0 easdrv.sys in ESET Smart Security 3.0.667.0 allows local users to cause a denial of service (crash) via a crafted IOCTL 0x222003 request to the \\.\easdrv device interface. | 7.2 |
2009-08-28 | CVE-2009-3000 | SUN | Resource Management Errors vulnerability in SUN Opensolaris and Solaris The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv_41 through snv_122, when Network Cache Accelerator (NCA) logging is enabled, allows remote attackers to cause a denial of service (panic) via unspecified web-server traffic that triggers a NULL pointer dereference in the nl7c_http_log function, related to "improper http response handling." | 7.1 |
65 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-08-27 | CVE-2008-7096 | Intel | Permissions, Privileges, and Access Controls vulnerability in Intel Bios Intel Desktop and Intel Mobile Boards with BIOS firmware DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG33TL, MGM965TW, D945GCPE, and DX38BT allows local administrators with ring 0 privileges to gain additional privileges and modify code that is running in System Management Mode, or access hypervisory memory as demonstrated at Black Hat 2008 by accessing certain remapping registers in Xen 3.3. | 6.9 |
2009-08-28 | CVE-2008-7114 | Ifusionservices | SQL Injection vulnerability in Ifusionservices Ifdate SQL injection vulnerability in members_search.php in iFusion Services iFdate 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the name field. | 6.8 |
2009-08-27 | CVE-2008-7099 | Qsoft INC | Remote Security vulnerability in K-Rate Unspecified vulnerability in the Manage Templates feature in Qsoft K-Rate Premium allows remote attackers to execute arbitrary PHP code via unknown vectors. | 6.8 |
2009-08-26 | CVE-2008-7093 | Unica | Path Traversal vulnerability in Unica Affinium Campaign 7.2.1.0.55 Multiple directory traversal vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to (1) create arbitrary directories or files via a .. | 6.8 |
2009-08-25 | CVE-2009-2964 | Squirrelmail | Cross-Site Request Forgery (CSRF) vulnerability in Squirrelmail Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier, and NaSMail before 1.7, allow remote attackers to hijack the authentication of unspecified victims via features such as send message and change preferences, related to (1) functions/mailbox_display.php, (2) src/addrbook_search_html.php, (3) src/addressbook.php, (4) src/compose.php, (5) src/folders.php, (6) src/folders_create.php, (7) src/folders_delete.php, (8) src/folders_rename_do.php, (9) src/folders_rename_getname.php, (10) src/folders_subscribe.php, (11) src/move_messages.php, (12) src/options.php, (13) src/options_highlight.php, (14) src/options_identities.php, (15) src/options_order.php, (16) src/search.php, and (17) src/vcard.php. | 6.8 |
2009-08-25 | CVE-2008-7082 | Mybboard | Cross-Site Request Forgery (CSRF) vulnerability in Mybboard Mybb 1.4.3 MyBB (aka MyBulletinBoard) 1.4.3 includes the sensitive my_post_key parameter in URLs to moderation.php with the (1) mergeposts, (2) split, and (3) deleteposts actions, which allows remote attackers to steal the token and bypass the cross-site request forgery (CSRF) protection mechanism to hijack the authentication of moderators by reading the token from the HTTP Referer header. | 6.8 |
2009-08-25 | CVE-2008-7073 | Rssmodule Ekkaia | Code Injection vulnerability in multiple products PHP remote file inclusion vulnerability in lib/action/rss.php in RSS module 0.1 for Pie Web M{a,e}sher, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the lib parameter. | 6.8 |
2009-08-25 | CVE-2008-7062 | Lovecms | Permissions, Privileges, and Access Controls vulnerability in Lovecms 1.6.2 Unrestricted file upload vulnerability in admin/index.php in Download Manager module 1.0 for LoveCMS 1.6.2 Final allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/. | 6.8 |
2009-08-24 | CVE-2008-7058 | Grayscalecms | Cross-Site Request Forgery (CSRF) vulnerability in Grayscalecms Bandsite CMS 1.1.4 Cross-site request forgery (CSRF) vulnerability in BandSite CMS 1.1.4 allows remote attackers to hijack the authentication of administrators and force a logout via adminpanel/logout.php. | 6.8 |
2009-08-24 | CVE-2008-7032 | F5 | Cross-Site Request Forgery (CSRF) vulnerability in F5 Big-Ip 9.4.3 Web Management Console Cross-site request forgery (CSRF) vulnerability in the web management console in F5 BIG-IP 9.4.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrators and execute shell commands, as demonstrated using tmui/Control/form. | 6.8 |
2009-08-27 | CVE-2008-7100 | Dotnetnuke | Security Bypass and Information Disclosure vulnerability in DotNetNuke Unspecified vulnerability in DotNetNuke 4.4.1 through 4.8.4 allows remote authenticated users to bypass authentication and gain privileges via unknown vectors related to a "unique id" for user actions and improper validation of a "user identity." | 6.5 |
2009-08-26 | CVE-2008-7088 | Photopost | Improper Input Validation vulnerability in Photopost Vbgallery 2.4.2 Unrestricted file upload vulnerability in upload.php in PhotoPost vBGallery 2.4.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in a certain path. | 6.5 |
2009-08-25 | CVE-2008-7076 | Kalptaru Infotech | Permissions, Privileges, and Access Controls vulnerability in Kalptaru Infotech Stararticles 6.0 Unrestricted file upload vulnerability in user.modify.profile.php in Kalptaru Infotech Ltd. | 6.5 |
2009-08-24 | CVE-2008-7052 | Preprojects | Improper Input Validation vulnerability in Preprojects PRE Real Estate Listings Unrestricted file upload vulnerability in profile.php in Pre Projects Pre Real Estate Listings allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile logo, then accessing it via a direct request to the file in re_images/. | 6.5 |
2009-08-28 | CVE-2008-7113 | Kyoceramita | Cryptographic Issues vulnerability in Kyoceramita Scanner File Utility 3.3.0.1 The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 uses a small space of predictable user identification numbers for access control, which allows remote attackers to upload documents via a brute force attack. | 6.4 |
2009-08-27 | CVE-2009-2973 | Cryptographic Issues vulnerability in Google Chrome Google Chrome before 2.0.172.43 does not prevent SSL connections to a site with an X.509 certificate signed with the (1) MD2 or (2) MD4 algorithm, which makes it easier for man-in-the-middle attackers to spoof arbitrary HTTPS servers via a crafted certificate, a related issue to CVE-2009-2409. | 6.4 | |
2009-08-25 | CVE-2008-7068 | PHP | Improper Input Validation vulnerability in PHP The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. | 6.4 |
2009-08-24 | CVE-2008-7046 | Ajsquare | Improper Authentication vulnerability in Ajsquare Free Polling Script AJ Square Free Polling Script (AJPoll) allows remote attackers to bypass authentication and create new polls via a direct request to admin/include/newpoll.php, a different vector than CVE-2008-7045. | 6.4 |
2009-08-24 | CVE-2008-7045 | Ajsquare | Improper Authentication vulnerability in Ajsquare Free Polling Script AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to bypass authentication and reset poll votes via a direct request to admin/resetvote.php. | 6.4 |
2009-08-24 | CVE-2008-7029 | Alilg | Improper Input Validation vulnerability in Alilg Aliboard Beta Unrestricted file upload vulnerability in usercp.php in AlilG Application AliBoard Beta allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an avatar, then accessing it via a direct request to the file in uploads/avatars/. | 6.0 |
2009-08-24 | CVE-2008-7055 | Visualshapers | Path Traversal vulnerability in Visualshapers Ezcontents 2.0.3 module.php in ezContents 2.0.3 allows remote attackers to bypass the directory traversal protection mechanism to include and execute arbitrary local files via "....//" (doubled dot dot slash) sequences in the link parameter, which is not properly filtered using the str_replace function. | 5.1 |
2009-08-24 | CVE-2008-7054 | Visualshapers | Path Traversal vulnerability in Visualshapers Ezcontents 2.0.3 Multiple directory traversal vulnerabilities in ezContents 2.0.3 allow remote attackers to include and execute arbitrary local files via the (1) gsLanguage and (2) language_home parameters to modules/diary/showdiary.php; (3) admin_home, (4) gsLanguage, and (5) language_home parameters to modules/diary/showdiarydetail.php; (6) gsLanguage and (7) language_home parameters to modules/diary/submit_diary.php; (8) admin_home parameter to modules/news/news_summary.php; (9) nLink, (10) gsLanguage, and (11) language_home parameters to modules/news/inlinenews.php; and possibly other unspecified vectors in (12) diary/showeventlist.php, (13) gallery/showgallery.php, (14) reviews/showreviews.php, (15) gallery/showgallerydetails.php, (16) reviews/showreviewsdetails.php, (17) news/shownewsdetails.php, (18) gallery/submit_gallery.php, (19) guestbook/submit_guestbook.php, (20) reviews/submit_reviews.php, (21) news/submit_news.php, (22) diary/inlineeventlist.php, and (23) news/archivednews_summary.php in modules/, related to the lack of directory traversal protection in modules/moduleSec.php. | 5.1 |
2009-08-28 | CVE-2008-7118 | Webidsupport | Permissions, Privileges, and Access Controls vulnerability in Webidsupport Webid 0.5.4 WeBid auction script 0.5.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain SQL query logs via a direct request for logs/cron.log. | 5.0 |
2009-08-28 | CVE-2008-7117 | Webidsupport | Permissions, Privileges, and Access Controls vulnerability in Webidsupport Webid 0.5.4 eledicss.php in WeBid auction script 0.5.4 allows remote attackers to modify arbitrary cascading style sheets (CSS) files via a certain request with the file parameter set to style.css. | 5.0 |
2009-08-28 | CVE-2008-7112 | Kyoceramita | Improper Input Validation vulnerability in Kyoceramita Scanner File Utility 3.3.0.1 The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to cause a denial of service (hang or crash) via invalid field length values in a malformed (1) document or (2) request. | 5.0 |
2009-08-27 | CVE-2008-7106 | Sophos | Unspecified vulnerability in Sophos Puremessage for Microsoft Exchange 3.0 The installation of Sophos PureMessage for Microsoft Exchange 3.0 before 3.0.2, when both anti-virus and anti-spam are supported, does not create or launch the associated scan engines when the system is under heavy load, which has unspecified impact, probably remote bypass of scanner protection or a denial of service (message loss or delay). | 5.0 |
2009-08-27 | CVE-2008-7105 | Sophos | Denial Of Service vulnerability in Sophos Puremessage for Microsoft Exchange 3.0 Sophos PureMessage for Microsoft Exchange 3.0 before 3.0.2 allows remote attackers to cause a denial of service (EdgeTransport.exe termination) via a TNEF-encoded message with a crafted rich text body that is not properly handled during conversion to plain text. | 5.0 |
2009-08-27 | CVE-2008-7104 | Sophos | Denial Of Service vulnerability in Sophos Puremessage for Microsoft Exchange 3.0 Sophos PureMessage Scanner service (PMScanner.exe) in PureMessage for Microsoft Exchange 3.0 before 3.0.2 allows remote attackers to cause a denial of service (message queue delay and incomplete spam rule update) via a crafted (1) RTF or (2) PDF file. | 5.0 |
2009-08-27 | CVE-2008-7101 | Dotnetnuke | Security Bypass and Information Disclosure vulnerability in DotNetNuke Unspecified vulnerability in DotNetNuke 4.0 through 4.8.4 and 5.0 allows remote attackers to obtain sensitive information (portal number) by accessing the install wizard page via unknown vectors. | 5.0 |
2009-08-27 | CVE-2009-2975 | Microsoft Mozilla | Denial-Of-Service vulnerability in Mozilla Firefox 3.5.2 Mozilla Firefox 3.5.2 on Windows XP, in some situations possibly involving an incompletely configured protocol handler, does not properly implement setting the document.location property to a value specifying a protocol associated with an external application, which allows remote attackers to cause a denial of service (memory consumption) via vectors involving a series of function calls that set this property, as demonstrated by (1) the chromehtml: protocol and (2) the aim: protocol. | 5.0 |
2009-08-27 | CVE-2009-2974 | Denial-Of-Service vulnerability in Chrome Google Chrome 1.0.154.65, 1.0.154.48, and earlier allows remote attackers to (1) cause a denial of service (application hang) via vectors involving a chromehtml: URI value for the document.location property or (2) cause a denial of service (application hang and CPU consumption) via vectors involving a series of function calls that set a chromehtml: URI value for the document.location property. | 5.0 | |
2009-08-26 | CVE-2008-7094 | Unica | Resource Management Errors vulnerability in Unica Affinium Campaign 7.2.1.0.55 Campaign/CampaignListener in the listener server in Unica Affinium Campaign 7.2.1.0.55 allows remote attackers to cause a denial of service (server crash) via a crafted length field that triggers (1) connection exhaustion or (2) memory allocation failure. | 5.0 |
2009-08-26 | CVE-2008-7084 | Hirschelectronics | Path Traversal vulnerability in Hirschelectronics Velocity Security Management System 1.0 Directory traversal vulnerability in the web server 1.0 in Velocity Security Management System allows remote attackers to read arbitrary files via a .. | 5.0 |
2009-08-25 | CVE-2008-7080 | Phpclassifiedsscript | Permissions, Privileges, and Access Controls vulnerability in PHPclassifiedsscript PHP Classifieds Script Team PHP PHP Classifieds Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database credentials via a direct request for admin/backup/datadump.sql. | 5.0 |
2009-08-25 | CVE-2008-7063 | Ocean12Tech | Information Exposure vulnerability in Ocean12Tech FAQ Manager PRO Ocean12 FAQ Manager Pro stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for admin/o12faq.mdb. | 5.0 |
2009-08-24 | CVE-2008-7056 | Grayscalecms | Permissions, Privileges, and Access Controls vulnerability in Grayscalecms Bandsite CMS 1.1.4 BandSite CMS 1.1.4 does not perform access control for adminpanel/phpmydump.php, which allows remote attackers to obtain copies of the database via a direct request. | 5.0 |
2009-08-24 | CVE-2009-2956 | IBM | Information Exposure vulnerability in IBM Websphere Commerce Suite The (1) Net.Commerce and (2) Net.Data components in IBM WebSphere Commerce Suite store sensitive information under the web root with insufficient access control, which allows remote attackers to discover passwords, and database and filesystem details, via direct requests for configuration files. | 5.0 |
2009-08-24 | CVE-2009-2955 | Improper Input Validation vulnerability in Google Chrome Google Chrome 1.0.154.48 and earlier allows remote attackers to cause a denial of service (CPU consumption and application hang) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715. | 5.0 | |
2009-08-24 | CVE-2009-2954 | Microsoft | Improper Input Validation vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU consumption and application hang) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715. | 5.0 |
2009-08-24 | CVE-2009-2953 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox Mozilla Firefox 3.0.6 through 3.0.13, and 3.5.x, allows remote attackers to cause a denial of service (CPU consumption) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715. | 5.0 |
2009-08-24 | CVE-2009-2952 | SUN | Local Denial Of Service vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in the pollwakeup function in Sun Solaris 10, and OpenSolaris before snv_51, allows local users to cause a denial of service (panic) via unknown vectors. | 4.9 |
2009-08-28 | CVE-2009-3008 | Christophe Thibault | Unspecified vulnerability in Christophe Thibault K-Meleon 1.5.3 K-Meleon 1.5.3 allows context-dependent attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary file: URL after a victim has visited any file: URL, as demonstrated by a visit to a file: document written by the attacker. | 4.3 |
2009-08-28 | CVE-2009-3007 | Flock Mozilla | Remote Security vulnerability in SeaMonkey Mozilla Firefox 3.5.1 and SeaMonkey 1.1.17, and Flock 2.5.1, allow context-dependent attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary file: URL after a victim has visited any file: URL, as demonstrated by a visit to a file: document written by the attacker. | 4.3 |
2009-08-28 | CVE-2009-3006 | Maxthon | Remote Security vulnerability in Maxthon Browser 2.5.3.80 Maxthon Browser 2.5.3.80 UNICODE allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site containing that page. | 4.3 |
2009-08-28 | CVE-2009-3005 | Lunascape | Remote Security vulnerability in Lunascape 5.1.3/5.1.4 Lunascape 5.1.3 and 5.1.4 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site containing that page. | 4.3 |
2009-08-28 | CVE-2009-3004 | Avant Force | Remote Security vulnerability in Avant Force Avant Browser 11.7 Avant Browser 11.7 Builds 35 and 36 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site containing that page. | 4.3 |
2009-08-28 | CVE-2009-3003 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer 6/7/8 Microsoft Internet Explorer 6 through 8 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site containing that page. | 4.3 |
2009-08-28 | CVE-2008-7121 | Mrcgiguy | Cross-Site Scripting vulnerability in Mrcgiguy HOT Links Sql-PHP 3 Cross-site scripting (XSS) vulnerability in Mr. | 4.3 |
2009-08-28 | CVE-2008-7108 | Phpcart | Cross-Site Scripting vulnerability in PHPcart 3.4 Multiple cross-site scripting (XSS) vulnerabilities in Carmosa phpCart 3.4 through 4.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) quantity or (2) Add Engraving fields to the default URI; (3) Quantity field to phpcart.php; (4) Name, (5) Company, (6) Address, (7) City, and (8) Province/State fields in a checkout action to phpcart.php; and other unspecified vectors. | 4.3 |
2009-08-27 | CVE-2008-7098 | Qsoft INC | Cross-Site Scripting vulnerability in Qsoft-Inc K-Rate Multiple cross-site scripting (XSS) vulnerabilities in Qsoft K-Rate Premium allow remote attackers to inject arbitrary web script or HTML via the blog, possibly the (1) Title and (2) Text fields; (3) the gallery, possibly the Description field in Your Pictures; (4) the forum, possibly the Your Message field when posting a new thread; or (5) the vote parameter in a view action to index.php. | 4.3 |
2009-08-26 | CVE-2009-2967 | Buildbot | Cross-Site Scripting vulnerability in Buildbot Multiple cross-site scripting (XSS) vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959. | 4.3 |
2009-08-26 | CVE-2008-7092 | Unica | Cross-Site Scripting vulnerability in Unica Affinium Campaign 7.2.1.0.55 Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to inject arbitrary web script or HTML via a Javascript event in the (1) url, (2) PageName, and (3) title parameters in a CustomBookMarkLink action to Campaign/Campaign; (4) a Javascript event in the displayIcon parameter to Campaign/updateOfferTemplateSubmit.do (aka the templates web page); (5) crafted input to Campaign/CampaignListener (aka the listener server), which is not properly handled when displaying the status log; and (6) id parameter to Campaign/campaignDetails.do, (7) id parameter to Campaign/offerDetails.do, (8) function parameter to Campaign/Campaign, (9) sessionID parameter to Campaign/runAllFlowchart.do, (10) id parameter in an edit action to Campaign/updateOfferTemplatePage.do, (11) Frame parameter in a LoadFrame action to Campaign/Campaign, (12) affiniumUserName parameter to manager/jsp/test.jsp, (13) affiniumUserName parameter to Campaign/main.do, and possibly other vectors. | 4.3 |
2009-08-26 | CVE-2008-7089 | Pligg | Cross-Site Scripting vulnerability in Pligg CMS Cross-site scripting (XSS) vulnerability in Pligg 9.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in a search action to user.php and other unspecified vectors. | 4.3 |
2009-08-25 | CVE-2009-2966 | Kaspersky | Resource Management Errors vulnerability in Kaspersky Anti-Virus and Kaspersky Internet Security avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot "." characters. | 4.3 |
2009-08-25 | CVE-2009-2965 | Radvision | Cross-Site Scripting vulnerability in Radvision Scopia 5.7 Cross-site scripting (XSS) vulnerability in entry/index.jsp in Radvision Scopia 5.7, and possibly other versions before SD 7.0.100, allows remote attackers to inject arbitrary web script or HTML via the page parameter. | 4.3 |
2009-08-25 | CVE-2009-2959 | Buildbot | Cross-Site Scripting vulnerability in Buildbot Cross-site scripting (XSS) vulnerability in the waterfall web status view (status/web/waterfall.py) in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2009-08-25 | CVE-2008-7072 | Chipmunk Scripts | Cross-Site Scripting vulnerability in Chipmunk-Scripts Chipmunk Topsites Cross-site scripting (XSS) vulnerability in index.php in Chipmunk Topsites allows remote attackers to inject arbitrary web script or HTML via the start parameter. | 4.3 |
2009-08-24 | CVE-2008-7061 | Resource Management Errors vulnerability in Google Chrome 0.2.149.29 The tooltip manager (chrome/views/tooltip_manager.cc) in Google Chrome 0.2.149.29 Build 1798 and possibly other versions before 0.2.149.30 allows remote attackers to cause a denial of service (CPU consumption or crash) via a tag with a long title attribute, which is not properly handled when displaying a tooltip, a different vulnerability than CVE-2008-6994. | 4.3 | |
2009-08-24 | CVE-2008-7060 | ONE News | Cross-Site Scripting vulnerability in One-News Multiple cross-site scripting (XSS) vulnerabilities in One-News Beta 2 allow remote attackers to inject arbitrary HTML and web script via the (1) title or (2) content parameters in a news item to add.php, and the (3) itemnum, (4) author, or (5) comment parameters in a comment to index.php. | 4.3 |
2009-08-24 | CVE-2008-7057 | Grayscalecms | Cross-Site Scripting vulnerability in Grayscalecms Bandsite CMS 1.1.4 Cross-site scripting (XSS) vulnerability in merchandise.php in BandSite CMS 1.1.4 allows remote attackers to inject arbitrary HTML or web script via the type parameter. | 4.3 |
2009-08-24 | CVE-2008-7048 | Natterchat | Cross-Site Scripting vulnerability in Natterchat 1.12 Multiple cross-site scripting (XSS) vulnerabilities in NatterChat 1.12 allow remote attackers to inject arbitrary web script or HTML via the (1) txtUsername parameter to registerDo.asp, as invoked from register.asp, or (2) txtRoomName parameter to room_new.asp. | 4.3 |
2009-08-24 | CVE-2008-7043 | Freshscripts | Cross-Site Scripting vulnerability in Freshscripts Fresh Email Script 1.0/1.11 Cross-site scripting (XSS) vulnerability in register.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to inject arbitrary web script or HTML via the Email parameter. | 4.3 |
2009-08-24 | CVE-2008-7039 | Gelatocms | Cross-Site Scripting vulnerability in Gelatocms 0.95 Cross-site scripting (XSS) vulnerability in admin/comments.php in Gelato CMS 0.95 allows remote attackers to inject arbitrary web script or HTML via the content parameter in a comment. | 4.3 |
2009-08-24 | CVE-2008-7036 | E Xoops Bcoos | Cross-Site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and earlier, and DevTracker module 0.20 for E-XooPS 1.0.8 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) direction and (2) order_by parameters. | 4.3 |
2009-08-24 | CVE-2008-7035 | Phpraider Simple Machines | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in an unspecified component in Simple Machines phpRaider 1.0.7 allows remote attackers to inject arbitrary web script or HTML via the resistance field. | 4.3 |
1 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-08-27 | CVE-2009-2977 | Cisco | Cryptographic Issues vulnerability in Cisco Cs-Mars The Cisco Security Monitoring, Analysis and Response System (CS-MARS) 6.0.4 and earlier stores cleartext passwords in log/sysbacktrace.## files within error-logs.tar.gz archives, which allows context-dependent attackers to obtain sensitive information by reading these files. | 3.3 |