Weekly Vulnerabilities Reports > January 4 to 10, 2010
Overview
75 new vulnerabilities reported during this period, including 8 critical vulnerabilities and 24 high severity vulnerabilities. This weekly summary report vulnerabilities in 69 products from 59 vendors including Joomla, IBM, Zenphoto, Drupal, and Verbatim. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Permissions, Privileges, and Access Controls", and "Path Traversal".
- 70 reported vulnerabilities are remotely exploitables.
- 29 reported vulnerabilities have public exploit available.
- 43 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 72 reported vulnerabilities are exploitable by an anonymous user.
- Joomla has the most reported vulnerabilities, with 8 reported vulnerabilities.
- IBM has the most reported critical vulnerabilities, with 4 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
8 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-01-09 | CVE-2010-0276 | IBM | Security vulnerability in IBM Domino web Access, Lotus Domino and Lotus Inotes IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the "Try Lotus iNotes anyway" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU. | 10.0 |
2010-01-09 | CVE-2010-0275 | IBM | Security vulnerability in IBM Lotus Domino Web Access Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle script commands in the status-alerts URL, which has unspecified impact and attack vectors, aka SPR LSHR7TBM58. | 10.0 |
2010-01-09 | CVE-2010-0274 | IBM | Security vulnerability in IBM Lotus Domino Web Access Unspecified vulnerability in the Edit Contact scene in Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 has unknown impact and attack vectors, aka SPR LSHR7TBLY5. | 10.0 |
2010-01-09 | CVE-2009-4594 | IBM | Remote Security vulnerability in Lotus iNotes Unspecified vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.131 for Domino 8.0.x has unknown impact and attack vectors, aka SPR SDOY7RHBNH. | 10.0 |
2010-01-08 | CVE-2009-4009 | Powerdns | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Powerdns Recursor Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets. | 10.0 |
2010-01-08 | CVE-2009-3952 | Adobe | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Illustrator Buffer overflow in Adobe Illustrator CS3 13.0.3 and earlier and Illustrator CS4 14.0.0 allows attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2010-01-06 | CVE-2009-4581 | Roseonlinecms | Path Traversal vulnerability in Roseonlinecms Directory traversal vulnerability in modules/admincp.php in RoseOnlineCMS 3 B1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the admin parameter. | 9.8 |
2010-01-04 | CVE-2009-4549 | Cdmi | Buffer Errors vulnerability in Cdmi A2 Media Player PRO 2.51 Stack-based buffer overflow in A2 Media Player Pro 2.51 allows remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .m3l playlist file. | 9.3 |
24 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-01-08 | CVE-2010-0012 | Transmissionbt Debian Opensuse | Path Traversal vulnerability in multiple products Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. | 8.8 |
2010-01-09 | CVE-2010-0013 | Adium Pidgin Fedoraproject Suse Opensuse Redhat | Path Traversal vulnerability in multiple products Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. | 7.5 |
2010-01-08 | CVE-2009-4486 | Novell | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Imanager Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers to execute arbitrary code via vectors that trigger long arguments to an unspecified sub-application, related to importing and exporting from a schema. | 7.5 |
2010-01-08 | CVE-2010-0273 | SUN | Unspecified vulnerability in SUN Java System web Server 7.0 Unspecified vulnerability in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attackers to execute arbitrary code by sending a process memory address and crafted data to TCP port 80, as demonstrated by the vd_sjws2 module in VulnDisco. | 7.5 |
2010-01-08 | CVE-2010-0272 | SUN | Buffer Errors vulnerability in SUN Java System web Server 7.0 Heap-based buffer overflow in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attackers to discover process memory locations via crafted data to TCP port 80, as demonstrated by the vd_sjws2 module in VulnDisco. | 7.5 |
2010-01-08 | CVE-2009-4010 | Powerdns | Remote Cache Poisoning vulnerability in PowerDNS Recursor Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones. | 7.5 |
2010-01-07 | CVE-2009-4592 | Secureideas | Remote Security vulnerability in Base Unspecified vulnerability in base_local_rules.php in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to include arbitrary local files via unknown vectors. | 7.5 |
2010-01-07 | CVE-2009-4591 | Secureideas | SQL Injection vulnerability in Secureideas Base SQL injection vulnerability in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-01-06 | CVE-2010-0157 | Joomla Joomlabiblestudy | Path Traversal vulnerability in Joomlabiblestudy COM Biblestudy 6.1 Directory traversal vulnerability in the Bible Study (com_biblestudy) component 6.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2010-01-06 | CVE-2009-4584 | Dbmasters | Improper Authentication vulnerability in Dbmasters DB Masters Multimedia Links Directory 3.1.3 admin.php in dB Masters Multimedia Links Directory 3.1.3 allows remote attackers to bypass authentication and gain administrative access via a certain value of the admin_log cookie. | 7.5 |
2010-01-06 | CVE-2009-4583 | Joomla | SQL Injection vulnerability in Joomla COM Dhforum SQL injection vulnerability in the DhForum (com_dhforum) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a grouplist action to index.php. | 7.5 |
2010-01-06 | CVE-2009-4582 | Xoops | SQL Injection vulnerability in Xoops Dictionary 2.0.18 SQL injection vulnerability in detail.php in the Dictionary module for XOOPS 2.0.18 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-01-06 | CVE-2009-4576 | Joomla Cmstactics | SQL Injection vulnerability in Cmstactics COM Beeheard SQL injection vulnerability in the BeeHeard (com_beeheard) component 1.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a suggestions action to index.php. | 7.5 |
2010-01-06 | CVE-2009-4574 | I Escorts | SQL Injection vulnerability in I-Escorts Directory Script SQL injection vulnerability in country_escorts.php in I-Escorts Directory Script allows remote attackers to execute arbitrary SQL commands via the country_id parameter. | 7.5 |
2010-01-05 | CVE-2009-4571 | Phpshop | SQL Injection vulnerability in PHPshop 0.8.1 Multiple SQL injection vulnerabilities in index.php in PhpShop 0.8.1 allow remote attackers to execute arbitrary SQL commands via the (1) module_id parameter in an admin/function_list action, the (2) vendor_id parameter in a vendor/vendor_form action, the (3) module_id parameter in an admin/module_form action, the (4) user_id parameter in an admin/user_form action, the (5) vendor_category_id parameter in a vendor/vendor_category_form action, the (6) user_id parameter in a store/user_form action, the (7) payment_method_id parameter in a store/payment_method_form action, the (8) tax_rate_id parameter in a tax/tax_form action, or the (9) category parameter in a shop/browse action. | 7.5 |
2010-01-05 | CVE-2009-4569 | Elkagroup | SQL Injection vulnerability in Elkagroup Image Gallery SQL injection vulnerability in elkagroup Image Gallery allows remote attackers to execute arbitrary SQL commands via the id parameter to the default URI under news/. | 7.5 |
2010-01-04 | CVE-2009-4566 | Zenphoto | SQL Injection vulnerability in Zenphoto 1.2.5 SQL injection vulnerability in index.php in Zenphoto 1.2.5 allows remote attackers to execute arbitrary SQL commands via the title parameter in a news action. | 7.5 |
2010-01-04 | CVE-2009-4565 | Sendmail | Cryptographic Issues vulnerability in Sendmail sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. | 7.5 |
2010-01-04 | CVE-2009-4560 | Worms League | SQL Injection vulnerability in Worms-League Webleague 2.2.0 SQL injection vulnerability in profile.php in WebLeague 2.2.0 allows remote attackers to execute arbitrary SQL commands via the name parameter. | 7.5 |
2010-01-04 | CVE-2009-4551 | Intesync | SQL Injection vulnerability in Intesync Miniweb 2.0 SQL injection vulnerability in the Survey Pro module for Miniweb 2.0 allows remote attackers to execute arbitrary SQL commands via the campaign_id parameter in a results action to index.php. | 7.5 |
2010-01-04 | CVE-2009-4550 | Joomla Kunena | SQL Injection vulnerability in Kunena Forum 1.5.3/1.5.4 SQL injection vulnerability in the Kunena Forum (com_kunena) component 1.5.3 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the func parameter to index.php. | 7.5 |
2010-01-04 | CVE-2009-4546 | Logoshows | Improper Input Validation vulnerability in Logoshows BBS 2.0 globepersonnel_login.asp in Logoshows BBS 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the (1) pb_username (aka pb%5Fusername) and (2) level cookies. | 7.5 |
2010-01-04 | CVE-2009-4541 | Isolsoft | Code Injection vulnerability in Isolsoft Support Center 2.5 Multiple PHP remote file inclusion vulnerabilities in IsolSoft Support Center 2.5 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) newticket.php or (2) rempass.php, or a URL in the lang parameter in an adduser action to (3) index.php. | 7.5 |
2010-01-04 | CVE-2009-4556 | Quickheal | Permissions, Privileges, and Access Controls vulnerability in Quickheal Antivirus Plus 2009 and Total Security 2009 Quick Heal AntiVirus Plus 2009 10.00 SP1 and Quick Heal Total Security 2009 10.00 SP1 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs, as demonstrated by replacing quhlpsvc.exe. | 7.2 |
40 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-01-05 | CVE-2009-4572 | Phpshop | Cross-Site Request Forgery (CSRF) vulnerability in PHPshop 0.8.1 Cross-site request forgery (CSRF) vulnerability in PhpShop 0.8.1 allows remote attackers to hijack the authentication of arbitrary users for requests that invoke the cartAdd function in a shop/cart action to the default URI. | 6.8 |
2010-01-04 | CVE-2009-4564 | Zenphoto | SQL Injection vulnerability in Zenphoto 1.2.5 SQL injection vulnerability in index.php in Zenphoto 1.2.5, when the ZenPage plugin is enabled, allows remote attackers to execute arbitrary SQL commands via the category parameter, related to a URI under news/category/. | 6.8 |
2010-01-04 | CVE-2009-4561 | Worms League | SQL Injection vulnerability in Worms-League Webleague 2.2.0 Multiple SQL injection vulnerabilities in Admin/index.php in WebLeague 2.2.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | 6.8 |
2010-01-04 | CVE-2009-4555 | K Factor | Cross-Site Request Forgery (CSRF) vulnerability in K-Factor Agoracart 5.2.005/5.2.006 Multiple cross-site request forgery (CSRF) vulnerabilities in AgoraCart 5.2.005 and 5.2.006 and AgoraCart GOLD 5.5.005 allow remote attackers to hijack the authentication of administrators for requests that (1) modify a .htaccess file via an unspecified request to protected/manager.cgi or (2) change the password of an administrative account. | 6.8 |
2010-01-04 | CVE-2009-4543 | Cromosoft | Code Injection vulnerability in Cromosoft Facil Helpdesk 2.3 PHP remote file inclusion vulnerability in index.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to execute arbitrary PHP code via a URL in the lng parameter. | 6.8 |
2010-01-04 | CVE-2009-4540 | Bpowerhouse | SQL Injection vulnerability in Bpowerhouse Mini CMS 1.0.1 SQL injection vulnerability in page.php in Mini CMS 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 6.8 |
2010-01-09 | CVE-2010-0277 | Adium Pidgin | Resource Management Errors vulnerability in multiple products slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a different issue than CVE-2010-0013. | 5.0 |
2010-01-07 | CVE-2010-0220 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox The nsObserverList::FillObserverArray function in xpcom/ds/nsObserverList.cpp in Mozilla Firefox before 3.5.7 allows remote attackers to cause a denial of service (application crash) via a crafted web site that triggers memory consumption and an accompanying Low Memory alert dialog, and also triggers attempted removal of an observer from an empty observers array. | 5.0 |
2010-01-07 | CVE-2009-4593 | Jesse Smith | Remote Denial of Service vulnerability in Bftpd The bftpdutmp_log function in bftpdutmp.c in Bftpd before 2.4 does not place a '\0' character at the end of the string value of the ut.bu_host structure member, which might allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | 5.0 |
2010-01-07 | CVE-2009-4587 | Cherokee | Denial-Of-Service vulnerability in Cherokee 0.5.4 Cherokee Web Server 0.5.4 allows remote attackers to cause a denial of service (daemon crash) via an MS-DOS reserved word in a URI, as demonstrated by the AUX reserved word. | 5.0 |
2010-01-06 | CVE-2009-4585 | Aspindir | Permissions, Privileges, and Access Controls vulnerability in Aspindir Uranyumsoft Listing Service UranyumSoft Listing Service stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/db.mdb. | 5.0 |
2010-01-05 | CVE-2009-3734 | S2Sys | Unspecified vulnerability in S2Sys Linear Emerge Access Control System 2.5 Unspecified vulnerability in the management console in the S2 Security Linear eMerge Access Control System 2.5.x allows remote attackers to cause a denial of service (configuration reset) via a request to a crafted URI. | 5.0 |
2010-01-04 | CVE-2009-4558 | Unleashedmind Drupal | Permissions, Privileges, and Access Controls vulnerability in Unleashedmind IMG Assist The Image Assist module 5.x-1.x before 5.x-1.8, 5.x-2.x before 2.0-alpha4, 6.x-1.x before 6.x-1.1, 6.x-2.x before 2.0-alpha4, and 6.x-3.x-dev before 2009-07-15, a module for Drupal, does not properly enforce privilege requirements for unspecified pages, which allows remote attackers to read the (1) title or (2) body of an arbitrary node via unknown vectors. | 5.0 |
2010-01-04 | CVE-2009-4553 | Rjvmedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Rjvmedia Irehearse Stack-based buffer overflow in iRehearse allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a .m3u playlist file. | 5.0 |
2010-01-04 | CVE-2009-4545 | Logoshows | Permissions, Privileges, and Access Controls vulnerability in Logoshows BBS 2.0 Logoshows BBS 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/globepersonnel.mdb. | 5.0 |
2010-01-08 | CVE-2010-0271 | SUN | Permissions, Privileges, and Access Controls vulnerability in SUN Opensolaris hald in Sun OpenSolaris snv_51 through snv_130 does not have the proc_audit privilege during unspecified attempts to write to the auditing log, which makes it easier for physically proximate attackers to avoid detection of changes to the set of connected hardware devices supporting the Hardware Abstraction Layer (HAL) specification. | 4.6 |
2010-01-07 | CVE-2010-0229 | Verbatim | Credentials Management vulnerability in Verbatim Corporate Secure Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time. | 4.6 |
2010-01-07 | CVE-2010-0228 | Verbatim | Cryptographic Issues vulnerability in Verbatim Corporate Secure Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key. | 4.6 |
2010-01-07 | CVE-2010-0227 | Verbatim | Credentials Management vulnerability in Verbatim Corporate Secure Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program. | 4.6 |
2010-01-07 | CVE-2009-3742 | Liferay | Cross-Site Scripting vulnerability in Liferay Portal Cross-site scripting (XSS) vulnerability in Liferay Portal before 5.3.0 allows remote attackers to inject arbitrary web script or HTML via the p_p_id parameter. | 4.3 |
2010-01-07 | CVE-2009-4497 | Malcom BOX | Cross-Site Scripting vulnerability in Malcom BOX LXR Cross Referencer 0.9.5/0.9.6 Cross-site scripting (XSS) vulnerability in LXR Cross Referencer 0.9.5 and 0.9.6 allows remote attackers to inject arbitrary web script or HTML via the i parameter to the ident program. | 4.3 |
2010-01-07 | CVE-2009-4590 | Secureideas | Cross-Site Scripting vulnerability in Secureideas Base Cross-site scripting (XSS) vulnerability in base_local_rules.php in Basic Analysis and Security Engine (BASE) before 1.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-01-07 | CVE-2009-4589 | Mediawiki | Cross-Site Scripting vulnerability in Mediawiki Mediawik and Mediawiki Cross-site scripting (XSS) vulnerability in the Special:Block implementation in the getContribsLink function in SpecialBlockip.php in MediaWiki 1.14.0 and 1.15.0 allows remote attackers to inject arbitrary web script or HTML via the ip parameter. | 4.3 |
2010-01-07 | CVE-2009-4586 | Wowd | Cross-Site Scripting vulnerability in Wowd 1.2 Multiple cross-site scripting (XSS) vulnerabilities in index.html in Wowd client before 1.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) sortby, (2) tags, or (3) ctx parameter in a search action. | 4.3 |
2010-01-06 | CVE-2009-4580 | Hastablog | Cross-Site Scripting vulnerability in Hastablog Hasta Blog 2.3 Multiple cross-site scripting (XSS) vulnerabilities in Hasta Blog 2.3 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) yorumyaz.php and (2) blog.php. | 4.3 |
2010-01-06 | CVE-2009-4579 | Joomla Mambo Foundation | Cross-Site Scripting vulnerability in Joomla COM Artistavenue Cross-site scripting (XSS) vulnerability in the Artist avenue (com_artistavenue) component for Joomla! and Mambo allows remote attackers to inject arbitrary web script or HTML via the Itemid parameter to index.php. | 4.3 |
2010-01-06 | CVE-2009-4578 | Joomla Mambo Foundation Facileforms | Cross-Site Scripting vulnerability in Facileforms Cross-site scripting (XSS) vulnerability in the Facileforms (com_facileforms) component for Joomla! and Mambo allows remote attackers to inject arbitrary web script or HTML via the Itemid parameter to index.php. | 4.3 |
2010-01-06 | CVE-2009-4575 | Joomla Qproje | Cross-Site Scripting vulnerability in Qproje COM Qpersonel 1.2 Cross-site scripting (XSS) vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 RC2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the personel_sira parameter in a sirala action to index.php. | 4.3 |
2010-01-06 | CVE-2009-4573 | Joomlabear Joomla | Cross-Site Scripting vulnerability in Joomlabear MOD Joomulus 2.0 Multiple cross-site scripting (XSS) vulnerabilities in the Joomulus (mod_joomulus) module 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a tags action to (1) tagcloud_ell.swf, (2) tagcloud_eng.swf, (3) tagcloud_por.swf, (4) tagcloud_rus.swf, and possibly (5) tagcloud_jpn.swf. | 4.3 |
2010-01-05 | CVE-2009-4570 | Phpshop | Cross-Site Scripting vulnerability in PHPshop 0.8.1 Cross-site scripting (XSS) vulnerability in PhpShop 0.8.1 allows remote attackers to inject arbitrary web script or HTML via the order_id parameter in an order/order_print action to the default URI. | 4.3 |
2010-01-05 | CVE-2009-4568 | Webmin | Cross-Site Scripting vulnerability in Webmin Usermin and Webmin Cross-site scripting (XSS) vulnerability in Webmin before 1.500 and Usermin before 1.430 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-01-04 | CVE-2009-4563 | Zenphoto | Cross-Site Scripting vulnerability in Zenphoto 1.2.5 Cross-site request forgery (CSRF) vulnerability in zp-core/admin-options.php in Zenphoto 1.2.5 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password via the 0-adminpass and 0-adminpass_2 parameters in a saveoptions action. | 4.3 |
2010-01-04 | CVE-2009-4562 | Zenphoto | Cross-Site Scripting vulnerability in Zenphoto 1.2.5 Cross-site scripting (XSS) vulnerability in zp-core/admin.php in Zenphoto 1.2.5 allows remote attackers to inject arbitrary web script or HTML via the from parameter. | 4.3 |
2010-01-04 | CVE-2009-4554 | Snitz Communications | Cross-Site Scripting vulnerability in Snitz Communications Snitz Forums 2000 3.4.07 Multiple cross-site scripting (XSS) vulnerabilities in Snitz Forums 2000 3.4.07 allow remote attackers to inject arbitrary web script or HTML via (1) the url parameter to pop_send_to_friend.asp, related to a crafted onload attribute of an IMG element; or (2) an onload attribute in a sound tag. | 4.3 |
2010-01-04 | CVE-2009-4552 | Intesync | Cross-Site Scripting vulnerability in Intesync Miniweb 2.0 Cross-site scripting (XSS) vulnerability in the Survey Pro module for Miniweb 2.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. | 4.3 |
2010-01-04 | CVE-2009-4548 | Viart | Cross-Site Scripting vulnerability in Viart Helpdesk 3.3.2/3.4.7 Multiple cross-site scripting (XSS) vulnerabilities in ViArt Helpdesk 3.x allow remote attackers to inject arbitrary web script or HTML via the category_id parameter to (1) products.php, (2) article.php, (3) product_details.php, or (4) reviews.php; the (5) forum_id parameter to forum.php; or the (6) search_category_id parameter to products_search.php. | 4.3 |
2010-01-04 | CVE-2009-4547 | Viart | Cross-Site Scripting vulnerability in Viart CMS 3.3.2 Multiple cross-site scripting (XSS) vulnerabilities in ViArt CMS 3.x allow remote attackers to inject arbitrary web script or HTML via the (1) category_id parameter to forums.php, or the forum_id parameter to (2) forum.php or (3) forum_topic_new.php. | 4.3 |
2010-01-04 | CVE-2009-4544 | Cromosoft | Cross-Site Scripting vulnerability in Cromosoft Facil Helpdesk 2.3 Cross-site scripting (XSS) vulnerability in kbase/kbase.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | 4.3 |
2010-01-04 | CVE-2009-4542 | Isolsoft | Cross-Site Scripting vulnerability in Isolsoft Support Center 2.5 Cross-site scripting (XSS) vulnerability in newticket.php in IsolSoft Support Center 2.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | 4.3 |
2010-01-04 | CVE-2009-4539 | Sqlitemanager | Cross-Site Scripting vulnerability in Sqlitemanager 1.2.0 Cross-site scripting (XSS) vulnerability in main.php in SQLiteManager 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter. | 4.3 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-01-05 | CVE-2009-4567 | Viscacha | Cross-Site Scripting vulnerability in Viscacha 0.8 Multiple cross-site scripting (XSS) vulnerabilities in editprofile.php in Viscacha 0.8 Gold allow remote authenticated users to inject arbitrary web script or HTML via the (1) skype, (2) yahoo, (3) aol, (4) msn, or (5) jabber parameter in a profile2 action. | 3.5 |
2010-01-04 | CVE-2009-4559 | Nanwich Drupal | Cross-Site Scripting vulnerability in Nanwich Submitted BY Cross-site scripting (XSS) vulnerability in the Submitted By module 6.x before 6.x-1.3 for Drupal allows remote authenticated users, with "administer content types" privileges, to inject arbitrary web script or HTML via an input string for "submitted by" text. | 3.5 |
2010-01-04 | CVE-2009-4557 | Unleashedmind Drupal | Cross-Site Scripting vulnerability in Unleashedmind IMG Assist Cross-site scripting (XSS) vulnerability in the Image Assist module 5.x-1.x before 5.x-1.8, 5.x-2.x before 2.0-alpha4, 6.x-1.x before 6.x-1.1, 6.x-2.x before 2.0-alpha4, and 6.x-3.x-dev before 2009-07-15, a module for Drupal, allows remote authenticated users, with image-node creation privileges, to inject arbitrary web script or HTML via a node title. | 2.1 |