Weekly Vulnerabilities Reports > April 26 to May 2, 2010
Overview
84 new vulnerabilities were reported during this period, including 3 critical and 20 high severity vulnerabilities. This weekly summary covers vulnerabilities in 81 products from 68 vendors, including Joomla, Moodle, Drupal, IBM, and HP. The most common weakness categories are "Cross-site Scripting", "Path Traversal", "SQL Injection", "Improper Input Validation", and "Cross-Site Request Forgery (CSRF)".
- 80 reported vulnerabilities are remotely exploitable.
- 32 reported vulnerabilities have a public exploit available.
- 49 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
- 74 reported vulnerabilities are exploitable by an anonymous user.
- Joomla has the most reported vulnerabilities, with 13.
- Mozilla has the most reported critical vulnerabilities, with 1.
Vulnerability Details
The following tables list the vulnerabilities reported during the period covered by this report, grouped by severity:
3 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-04-29 | CVE-2010-1608 | IBM | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Notes 8.5/8.5.1/8.5.1.1: Stack-based buffer overflow in IBM Lotus Notes 8.5 and 8.5fp1, and possibly other versions, allows remote attackers to execute arbitrary code via unknown attack vectors, as demonstrated by the vd_ln module in VulnDisco 9.0. | 10.0 |
2010-04-29 | CVE-2010-1597 | Zipgenius | Buffer Errors vulnerability in Zipgenius 6.3.1.2552: Stack-based buffer overflow in zgtips.dll in ZipGenius 6.3.1.2552 allows user-assisted remote attackers to execute arbitrary code via a ZIP file containing an entry with a long filename. | 9.3 |
2010-04-28 | CVE-2010-1585 | Mozilla | Improper Input Validation vulnerability in Mozilla Firefox, Seamonkey and Thunderbird: The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element. | 9.3 |
20 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-04-29 | CVE-2010-1615 | Moodle | SQL Injection vulnerability in Moodle: Multiple SQL injection vulnerabilities in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) the add_to_log function in mod/wiki/view.php in the wiki module, or (2) "data validation in some forms elements" related to lib/form/selectgroups.php. | 7.5 |
2010-04-29 | CVE-2010-1605 | Ncrypted | SQL Injection vulnerability in Ncrypted NCT Jobs Portal Script: Multiple SQL injection vulnerabilities in isearch.php in NCT Jobs Portal Script allow remote attackers to execute arbitrary SQL commands via the (1) anyword and (2) cityname parameters. | 7.5 |
2010-04-29 | CVE-2010-1603 | Zimbllc Joomla | Path Traversal vulnerability in Zimbllc COM Zimbcore 0.1: Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. | 7.5 |
2010-04-29 | CVE-2010-1602 | Zimbllc Joomla | Path Traversal vulnerability in Zimbllc COM Zimbcomment 0.8.1: Directory traversal vulnerability in the ZiMB Comment (com_zimbcomment) component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. | 7.5 |
2010-04-29 | CVE-2010-1600 | Thefactory Joomla | SQL Injection vulnerability in Thefactory COM Mediamall 1.0.4: SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php. | 7.5 |
2010-04-29 | CVE-2010-1599 | Nkinfoweb | SQL Injection vulnerability in Nkinfoweb 2.5/5.2.2.0: SQL injection vulnerability in loadorder.php in NKInFoWeb 2.5 and 5.2.2.0 allows remote attackers to execute arbitrary SQL commands via the id_sp parameter. | 7.5 |
2010-04-28 | CVE-2010-1595 | Ocsinventory NG | SQL Injection vulnerability in Ocsinventory-Ng OCS Inventory NG 1.02.1: Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to execute arbitrary SQL commands via the (1) c, (2) val_1, or (3) onglet_bis parameter. | 7.5 |
2010-04-28 | CVE-2010-1588 | Vpasp | SQL Injection vulnerability in Vpasp Vp-Asp Shopping Cart 5.50/6.00: SQL injection vulnerability in the Getwebsess function in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier allows remote attackers to execute arbitrary SQL commands via the websess parameter. | 7.5 |
2010-04-28 | CVE-2010-1428 | Redhat | Unspecified vulnerability in Redhat Jboss Enterprise Application Platform 4.2.0/4.3.0: The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an unspecified request that uses a different method. | 7.5 |
2010-04-27 | CVE-2010-1559 | Martin Hess Joomla | SQL Injection vulnerability in Martin Hess COM Sermonspeaker 3.2.1: SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a speakerpopup action to index.php. | 7.5 |
2010-04-27 | CVE-2009-4830 | Openx | Improper Authentication vulnerability in Openx 2.8.1/2.8.2: Unspecified vulnerability in OpenX 2.8.1 and 2.8.2 allows remote attackers to bypass authentication and obtain access to an Administrator account via unknown vectors, possibly related to www/admin/install.php, www/admin/install-plugins.php, and other www/admin/ files. | 7.5 |
2010-04-27 | CVE-2009-4824 | Kolab | Unspecified vulnerability in Kolab Groupware Server Image Upload Form: Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an "image upload form." | 7.5 |
2010-04-26 | CVE-2010-1538 | Bluestrikeweb | SQL Injection vulnerability in Bluestrikeweb PHPraincheck: SQL injection vulnerability in print_raincheck.php in phpRAINCHECK 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-04-26 | CVE-2010-1537 | Francois Bissonnette | Path Traversal vulnerability in Francois Bissonnette PHPcdb: Multiple directory traversal vulnerabilities in phpCDB 1.0 and earlier allow remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2010-04-26 | CVE-2010-1535 | Peter Hocherl Joomla | Path Traversal vulnerability in Peter Hocherl COM Travelbook 1.0.1: Directory traversal vulnerability in the TRAVELbook (com_travelbook) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. | 7.5 |
2010-04-26 | CVE-2010-1533 | Peter Hocherl Joomla | Path Traversal vulnerability in Peter Hocherl COM Tweetla 1.0.1: Directory traversal vulnerability in the TweetLA (com_tweetla) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. | 7.5 |
2010-04-26 | CVE-2010-1531 | Redcomponent Joomla | Path Traversal vulnerability in Redcomponent COM Redshop: Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. | 7.5 |
2010-04-26 | CVE-2010-1529 | Freestyle Joomla | SQL Injection vulnerability in Freestyle Faqs Lite 1.3: SQL injection vulnerability in the Freestyle FAQs Lite (com_fsf) component, possibly 1.3, for Joomla! allows remote attackers to execute arbitrary SQL commands via the faqid parameter in an faq action to index.php. | 7.5 |
2010-04-29 | CVE-2009-4832 | Deslock | Permissions, Privileges, and Access Controls vulnerability in Deslock Deslock+ 4.0.2: The dlpcrypt.sys kernel driver 0.1.1.27 in DESlock+ 4.0.2 allows local users to gain privileges via a crafted IOCTL 0x80012010 request to the DLPCryptCore device. | 7.2 |
2010-04-28 | CVE-2010-1591 | Rising Global | Improper Input Validation vulnerability in Rising-Global Rising Antivirus 2008/2009/2010: Beijing Rising International Rising Antivirus 2008 through 2010 does not properly validate input to certain IOCTLs, including 0x83003C07, which allows local users to gain privileges via crafted IOCTL requests to the (1) HookCont.sys, (2) HookNtos.sys, (3) HOOKREG.sys, or (4) HookSys.sys device driver; or the (5) RsNTGdi.sys kernel module, reachable through \Device\RSNTGDI. | 7.2 |
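The SQL injection rows above (and the admin_login.php case under Medium, where the injection sits in the login fields themselves) all share one shape: a request parameter is pasted into the statement text. The following is an added example written for this report, not code from any of the listed products; it reproduces the pattern on a constructed in-memory SQLite database (table names, columns and rows are assumptions) and shows the parameterised form beside it.

```python
"""
Added example, not code from any product in the tables above: the SQL
injection pattern behind the rows marked "SQL Injection", reproduced on a
constructed in-memory SQLite database.  Table names, columns and rows are
assumptions made for the demo; passwords are stored in clear only to keep
the injected statement readable (real code hashes them).
"""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: an admin table and an item table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE admins (user TEXT, passwd TEXT)")
    conn.execute("INSERT INTO admins VALUES ('admin', 'correct horse battery staple')")
    conn.execute("CREATE TABLE items (id INTEGER, name TEXT, price INTEGER)")
    conn.execute("INSERT INTO items VALUES (1, 'widget', 999)")
    conn.commit()
    return conn


# --- the vulnerable shape: request parameters pasted into the statement -----

def login_vulnerable(conn: sqlite3.Connection, user: str, passwd: str) -> bool:
    """Login check built by string formatting; a quote in either field becomes SQL."""
    sql = f"SELECT COUNT(*) FROM admins WHERE user = '{user}' AND passwd = '{passwd}'"
    return conn.execute(sql).fetchone()[0] > 0


def fetch_item_vulnerable(conn: sqlite3.Connection, item_id: str) -> list:
    """Numeric parameter without quotes: no quote character is needed to inject."""
    sql = f"SELECT name, price FROM items WHERE id = {item_id}"
    return conn.execute(sql).fetchall()


# --- the fix: bound parameters, plus type validation for numeric ids --------

def login_fixed(conn: sqlite3.Connection, user: str, passwd: str) -> bool:
    """The driver sends the values separately from the statement text."""
    sql = "SELECT COUNT(*) FROM admins WHERE user = ? AND passwd = ?"
    return conn.execute(sql, (user, passwd)).fetchone()[0] > 0


def fetch_item_fixed(conn: sqlite3.Connection, item_id: str) -> list:
    """Reject anything that is not an integer before it reaches the query."""
    if not item_id.isdigit():
        raise ValueError("item id must be a positive integer")
    sql = "SELECT name, price FROM items WHERE id = ?"
    return conn.execute(sql, (int(item_id),)).fetchall()


if __name__ == "__main__":
    db = make_db()
    bypass = "' OR '1'='1' --"                       # classic login bypass payload
    union = "1 UNION SELECT user, passwd FROM admins"  # data extraction via a numeric id
    print("vulnerable login bypassed:", login_vulnerable(db, "nobody", bypass))
    print("fixed login bypassed:     ", login_fixed(db, "nobody", bypass))
    print("vulnerable item query:    ", fetch_item_vulnerable(db, union))
    try:
        fetch_item_fixed(db, union)
    except ValueError as err:
        print("fixed item query:          rejected:", err)
```

The second pair matters because the common advice "escape quotes" does nothing for an unquoted numeric parameter such as an `id`; only binding (and, for integers, validating the type first) closes both cases.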
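The Path Traversal rows in both the High and Medium tables describe the same bug: a file name taken from the request is joined onto a base directory and the result is opened (or, in the phpCDB and com_wmi cases, included). The following is an added example written for this report, not code from any of the listed components; it builds a small constructed directory tree in a temporary folder and shows the vulnerable join next to a resolver that canonicalises the path and checks it stayed inside the served directory.

```python
"""
Added example, not taken from any of the listed Joomla components: the
"read arbitrary files via a .. sequence" pattern from the Path Traversal
rows, shown against a constructed directory tree built in a temporary
folder.  File names and layout are assumptions; the vulnerable function
mirrors the usual bug (user input joined straight onto a base directory).
"""
import os
import tempfile
from urllib.parse import unquote


def build_tree() -> tuple:
    """Constructed layout: <root>/www/files is served, <root>/config.php is not."""
    root = tempfile.mkdtemp(prefix="traversal-demo-")
    served = os.path.join(root, "www", "files")
    os.makedirs(served)
    with open(os.path.join(served, "readme.txt"), "w") as fh:
        fh.write("public file\n")
    with open(os.path.join(root, "config.php"), "w") as fh:
        fh.write("<?php $db_pass = 'hunter2';\n")
    return served, root


def read_vulnerable(served: str, name: str) -> str:
    """Joins the (URL-decoded) parameter onto the directory and opens the result."""
    with open(os.path.join(served, unquote(name))) as fh:
        return fh.read()


def resolve_safe(served: str, name: str) -> str:
    """Canonicalise, then insist the target is still inside the served directory."""
    name = unquote(name)                      # decode first, check afterwards
    if "\x00" in name:
        raise ValueError("null byte in filename")
    base = os.path.realpath(served)
    # realpath collapses "..", follows symlinks, and os.path.join drops base
    # entirely if name is absolute, so the prefix check below catches all three.
    target = os.path.realpath(os.path.join(base, name))
    if os.path.commonpath([base, target]) != base:
        raise ValueError("path escapes served directory: %s" % name)
    return target


def read_safe(served: str, name: str) -> str:
    with open(resolve_safe(served, name)) as fh:
        return fh.read()


if __name__ == "__main__":
    served, root = build_tree()
    for candidate in ("readme.txt", "../../config.php", "..%2F..%2Fconfig.php", "/etc/hostname"):
        try:
            print(candidate, "->", repr(read_safe(served, candidate)))
        except (ValueError, OSError) as err:
            print(candidate, "-> rejected:", err)
    print("vulnerable read:", repr(read_vulnerable(served, "../../config.php")))
```

For the "include and execute" variants the same resolver applies, but an include target should really be chosen from an allow-list of known module names rather than validated as a path at all.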
57 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-04-28 | CVE-2010-1592 | Sisoftware | Improper Input Validation vulnerability in Sisoftware Sandra: sandra.sys 15.18.1.1 and earlier in the Sandra Device Driver in SiSoftware Sandra 16.10.2010.1 and earlier allows local users to gain privileges or cause a denial of service (system crash) via unspecified vectors involving "Model-Specific Registers." | 6.9 |
2010-04-29 | CVE-2010-1613 | Moodle | Improper Authentication vulnerability in Moodle: Moodle 1.8.x and 1.9.x before 1.9.8 does not enable the "Regenerate session id during login" setting by default, which makes it easier for remote attackers to conduct session fixation attacks. | 6.8 |
2010-04-29 | CVE-2010-1611 | Alegrocart | Cross-Site Request Forgery (CSRF) vulnerability in Alegrocart 1.1: Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 allows remote attackers to hijack the authentication of the administrator for requests that reset the administrator password via a POST to admin/ with an update action. | 6.8 |
2010-04-29 | CVE-2010-1610 | Opencart | Cross-Site Request Forgery (CSRF) vulnerability in Opencart 1.4: Cross-site request forgery (CSRF) vulnerability in index.php in OpenCart 1.4 allows remote attackers to hijack the authentication of an application administrator for requests that create an administrative account via a POST request with the route parameter set to "user/user/insert." NOTE: some of these details are obtained from third party information. | 6.8 |
2010-04-29 | CVE-2010-1607 | Paysyspro Joomla | Path Traversal vulnerability in Paysyspro COM WMI 1.5.0: Directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_wmi) component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2010-04-29 | CVE-2010-1604 | Ncrypted | SQL Injection vulnerability in Ncrypted NCT Jobs Portal Script: Multiple SQL injection vulnerabilities in admin_login.php in NCT Jobs Portal Script allow remote attackers to execute arbitrary SQL commands via the (1) user parameter (aka login field) and (2) passwd parameter (aka password field). | 6.8 |
2010-04-29 | CVE-2010-1598 | Silisoftware | Improper Input Validation vulnerability in Silisoftware PHPthumb() 1.7.9: phpThumb.php in phpThumb() 1.7.9 and possibly other versions, when ImageMagick is installed, allows remote attackers to execute arbitrary commands via the fltr[] parameter, as discovered in the wild in April 2010. | 6.8 |
2010-04-28 | CVE-2010-1596 | Sitracker | Improper Authentication vulnerability in Sitracker Support Incident Tracker: Support Incident Tracker before 3.51, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password. | 6.8 |
2010-04-28 | CVE-2010-1037 | HP | Cross-Site Request Forgery (CSRF) vulnerability in HP Systems Insight Manager: Cross-site request forgery (CSRF) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2010-04-27 | CVE-2009-4828 | Phpwebscripts | Cross-Site Request Forgery (CSRF) vulnerability in PHPwebscripts AD Manager PRO 3.0: Cross-site request forgery (CSRF) vulnerability in administration/admins.php in Ad Manager Pro (aka AdManagerPro) 3.0 allows remote attackers to hijack the authentication of administrators for requests that create new administrative users via an admin_created action. | 6.8 |
2010-04-27 | CVE-2009-4827 | Scriptez | Cross-Site Request Forgery (CSRF) vulnerability in Scriptez Mail Manager PRO: Cross-site request forgery (CSRF) vulnerability in admin.php in Mail Manager Pro allows remote attackers to hijack the authentication of administrators for requests that change the admin password via a change action. | 6.8 |
2010-04-27 | CVE-2009-4826 | Scriptsez | Cross-Site Request Forgery (CSRF) vulnerability in Scriptsez Mini Hosting Panel: Cross-site request forgery (CSRF) vulnerability in hosting/admin_ac.php in ScriptsEz Mini Hosting Panel allows remote attackers to hijack the authentication of administrators for requests that alter administrative settings via a cp action. | 6.8 |
2010-04-27 | CVE-2009-4819 | Stoverud | Unspecified vulnerability in Stoverud PHPhotoalbum 0.3/0.4/0.5: Multiple unrestricted file upload vulnerabilities in upload.php in PHPhotoalbum allow remote attackers to execute arbitrary code by uploading a file with a (1) .php.pgif or (2) .php.pjpeg double extension, then accessing it via a direct request to the file in albums/userpics/. | 6.8 |
2010-04-27 | CVE-2009-4818 | Phpsimplicity | Unspecified vulnerability in PHPsimplicity Simplicity of Upload 1.3.2: Unrestricted file upload vulnerability in upload.php in PHPSimplicity Simplicity oF Upload 1.3.2 allows remote attackers to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php.gif. | 6.8 |
2010-04-27 | CVE-2009-4817 | Element IT | Unspecified vulnerability in Element-It Ultimate Uploader 1.3.0: Unrestricted file upload vulnerability in Element-IT Ultimate Uploader 1.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/. | 6.8 |
2010-04-26 | CVE-2010-1542 | Dragonfrugal | Cross-Site Request Forgery (CSRF) vulnerability in Dragonfrugal DFD Cart: Multiple cross-site request forgery (CSRF) vulnerabilities in admin/configure.php in DFD Cart 1.198, 1.197, and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) conduct cross-site scripting (XSS) attacks or (2) change unspecified settings. | 6.8 |
2010-04-26 | CVE-2010-1528 | Uiga | Code Injection vulnerability in Uiga Proxy: PHP remote file inclusion vulnerability in include/template.php in Uiga Proxy, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the content parameter. | 6.8 |
2010-04-28 | CVE-2010-1038 | HP | Remote Privilege Escalation vulnerability in HP Systems Insight Manager: Unspecified vulnerability in HP System Insight Manager before 6.0 allows remote authenticated users to gain privileges via unknown vectors. | 6.5 |
2010-04-29 | CVE-2009-4833 | Oracle | Improper Input Validation vulnerability in Oracle Mysql Connector/Net: MySQL Connector/NET before 6.0.4, when using encryption, does not verify SSL certificates during connection, which allows remote attackers to perform a man-in-the-middle attack with a spoofed SSL certificate. | 5.8 |
2010-04-29 | CVE-2009-4831 | Cerulean Studios | Improper Certificate Validation vulnerability in Cerulean Studios Trillian 3.1: Cerulean Studios Trillian 3.1 Basic does not check SSL certificates during MSN authentication, which allows remote attackers to obtain MSN credentials via a man-in-the-middle attack with a spoofed SSL certificate. | 5.8 |
2010-04-28 | CVE-2010-0738 | Redhat | Unspecified vulnerability in Redhat Jboss Enterprise Application Platform 4.2.0/4.3.0: The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method. | 5.3 |
2010-04-29 | CVE-2010-1612 | IBM Qlogic | Denial of Service vulnerability in IBM Datapower XS40 Malformed ICMP Packet: The IBM WebSphere DataPower XML Accelerator XA35, Low Latency Appliance XM70, Integration Appliance XI50, B2B Appliance XB60, and XML Security Gateway XS40 SOA Appliances before 3.8.0.0, when a QLOGIC Ethernet interface is used, allow remote attackers to cause a denial of service (interface outage) via malformed ICMP packets to the 0.0.0.0 destination IP address. | 5.0 |
2010-04-29 | CVE-2010-1601 | Joomlamart Joomla | Path Traversal vulnerability in Joomlamart COM Jacomment: Directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
2010-04-28 | CVE-2010-1589 | Vpasp | Path Traversal vulnerability in Vpasp Vp-Asp Shopping Cart 5.50/6.00: Directory traversal vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier might allow remote attackers to determine the existence of arbitrary files via directory traversal sequences in the client's DNS hostname (aka the REMOTE_HOST variable), related to the CookielessGenerateFilename and CookielessReadFile functions. | 5.0 |
2010-04-28 | CVE-2010-1587 | Apache | Improper Input Validation vulnerability in Apache Activemq: The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/index.jsp, (2) admin/queues.jsp, or (3) admin/topics.jsp. | 5.0 |
2010-04-27 | CVE-2009-4825 | 8Pixel | Permissions, Privileges, and Access Controls vulnerability in 8Pixel Simple Blog 4.0: 8pixel.net Blog 4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for App_Data/sb.mdb. | 5.0 |
2010-04-27 | CVE-2009-4821 | Dlink | Improper Authentication vulnerability in Dlink Dir-615 3.10Na: The D-Link DIR-615 with firmware 3.10NA does not require administrative authentication for apply.cgi, which allows remote attackers to (1) change the admin password via the admin_password parameter, (2) disable the security requirement for the Wi-Fi network via unspecified vectors, or (3) modify DNS settings via unspecified vectors. | 5.0 |
2010-04-27 | CVE-2009-4820 | Aspindir | Permissions, Privileges, and Access Controls vulnerability in Aspindir Angelo-Emlak 1.0: Angelo-Emlak 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for veribaze/angelo.mdb. | 5.0 |
2010-04-27 | CVE-2009-4816 | Andy Stedemos | Path Traversal vulnerability in Andy Stedemos the Uploader 2.0.0: Directory traversal vulnerability in api/download_checker.php in MegaLab The Uploader 2.0 allows remote attackers to read arbitrary files via a .. | 5.0 |
2010-04-27 | CVE-2009-4812 | Wolfram | Information Exposure vulnerability in Wolfram Webmathematica 2.3/3.0: Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message. | 5.0 |
2010-04-26 | CVE-2010-1544 | Acme RCA | Improper Input Validation vulnerability in multiple products: micro_httpd on the RCA DCM425 cable modem allows remote attackers to cause a denial of service (device reboot) via a long string to TCP port 80. | 5.0 |
2010-04-26 | CVE-2010-1540 | Myblog Joomla | Path Traversal vulnerability in Myblog COM Myblog 3.0.329: Directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
2010-04-26 | CVE-2010-1534 | Joomla Batjo Joomla | Path Traversal vulnerability in Joomla.Batjo COM Shoutbox 1.2/1.3: Directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) component for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
2010-04-26 | CVE-2010-1532 | Givesight Joomla | Path Traversal vulnerability in Givesight COM Powermail 1.53: Directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. | 5.0 |
2010-04-27 | CVE-2010-0105 | Apple | Local Denial of Service vulnerability in Apple Mac OS X HFS Hard Links: The hfs implementation in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 supports hard links to directories and does not prevent certain deeply nested directory structures, which allows local users to cause a denial of service (filesystem corruption) via a crafted application that calls the mkdir and link functions, related to the fsck_hfs program in the diskdev_cmds component. | 4.9 |
2010-04-29 | CVE-2010-1619 | Moodle | Cross-Site Scripting vulnerability in Moodle: Cross-site scripting (XSS) vulnerability in the fix_non_standard_entities function in the KSES HTML text cleaning library (weblib.php), as used in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8, allows remote attackers to inject arbitrary web script or HTML via crafted HTML entities. | 4.3 |
2010-04-29 | CVE-2010-1618 | JA SIG Moodle | Cross-Site Scripting vulnerability in multiple products: Cross-site scripting (XSS) vulnerability in the phpCAS client library before 1.1.0, as used in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled in an error message. | 4.3 |
2010-04-29 | CVE-2010-1614 | Moodle | Cross-Site Scripting vulnerability in Moodle: Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the Login-As feature or (2) when the global search feature is enabled, unspecified global search forms in the Global Search Engine. | 4.3 |
2010-04-29 | CVE-2010-0817 | Microsoft | Cross-Site Scripting vulnerability in Microsoft Sharepoint Server and Sharepoint Services: Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2 versions, allows remote attackers to inject arbitrary web script or HTML via the cid0 parameter. | 4.3 |
2010-04-29 | CVE-2010-1609 | SAP | Cross-Site Scripting vulnerability in SAP Netweaver 4.0/7.0: Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-04-29 | CVE-2010-1606 | Ncrypted | Cross-Site Scripting vulnerability in Ncrypted NCT Jobs Portal Script: Multiple cross-site scripting (XSS) vulnerabilities in NCT Jobs Portal Script allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) Keywords, (3) Tags, or (4) Desired City field. | 4.3 |
2010-04-28 | CVE-2010-1594 | Ocsinventory NG | Cross-Site Scripting vulnerability in Ocsinventory-Ng OCS Inventory NG 1.02.1: Multiple cross-site scripting (XSS) vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to inject arbitrary web script or HTML via (1) the query string, (2) the BASE parameter, or (3) the ega_1 parameter. | 4.3 |
2010-04-28 | CVE-2010-1593 | Silverstripe | Cross-Site Scripting vulnerability in Silverstripe: Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via (1) the CommenterURL parameter to PostCommentForm, and in the Forum module before 0.2.5 in SilverStripe before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via (2) the Search parameter to forums/search (aka the search script). | 4.3 |
2010-04-28 | CVE-2010-1590 | Vpasp | Cross-Site Scripting vulnerability in Vpasp Vp-Asp Shopping Cart 5.50/6.00: Cross-site scripting (XSS) vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier might allow remote attackers to inject arbitrary web script or HTML via the client's DNS hostname (aka the REMOTE_HOST variable), related to the CookielessGenerateFilename and CookielessReadFile functions. | 4.3 |
2010-04-28 | CVE-2010-1586 | HP | Improper Input Validation vulnerability in HP System Management Homepage: Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter. | 4.3 |
2010-04-28 | CVE-2010-1036 | HP | Cross-Site Scripting vulnerability in HP Systems Insight Manager: Cross-site scripting (XSS) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-04-27 | CVE-2009-4823 | Cpanel | Cross-Site Scripting vulnerability in Cpanel: Cross-site scripting (XSS) vulnerability in frontend/x3/files/fileop.html in cPanel 11.0 through 11.24.7 allows remote attackers to inject arbitrary web script or HTML via the fileop parameter. | 4.3 |
2010-04-27 | CVE-2009-4822 | Kasseler CMS | Cross-Site Scripting vulnerability in Kasseler-Cms Kasseler CMS 1.3.4: Multiple cross-site scripting (XSS) vulnerabilities in index.php in Kasseler CMS 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) do, (2) id, and (3) uname parameters. | 4.3 |
2010-04-27 | CVE-2009-4814 | Wolfram | Cross-Site Scripting vulnerability in Wolfram Webmathematica 2.3/3.0: Cross-site scripting (XSS) vulnerability in Wolfram Research webMathematica allows remote attackers to inject arbitrary web script or HTML via the URI to the MSP script. | 4.3 |
2010-04-27 | CVE-2009-4813 | Mybboard | Cross-Site Scripting vulnerability in Mybboard Mybb 1.4.10: Cross-site scripting (XSS) vulnerability in myps.php in MyBB (aka MyBulletinBoard) 1.4.10 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a donate action. | 4.3 |
2010-04-26 | CVE-2010-1543 | Etracker Drupal | Cross-Site Scripting vulnerability in Etracker 6.X1.0/6.X1.Xdev: Cross-site scripting (XSS) vulnerability in the eTracker module before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML by appending a crafted string to an arbitrary URL associated with the Drupal site. | 4.3 |
2010-04-26 | CVE-2010-1541 | Dragonfrugal | Cross-Site Scripting vulnerability in Dragonfrugal DFD Cart: Multiple cross-site scripting (XSS) vulnerabilities in DFD Cart 1.198, 1.197, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) category and (2) list_quantity parameters to index.php, and the (3) category parameter to your.order.php. | 4.3 |
2010-04-29 | CVE-2010-1617 | Moodle | Permissions, Privileges, and Access Controls vulnerability in Moodle: user/view.php in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 does not properly check a role, which allows remote authenticated users to obtain the full names of other users via the course profile page. | 4.0 |
2010-04-29 | CVE-2010-1616 | Moodle | Unspecified vulnerability in Moodle: Moodle 1.8.x and 1.9.x before 1.9.8 can create new roles when restoring a course, which allows teachers to create new accounts even if they do not have the moodle/user:create capability. | 4.0 |
2010-04-27 | CVE-2010-1560 | IBM | Buffer Errors vulnerability in IBM DB2 8.2/9.1: Buffer overflow in the REPEAT function in IBM DB2 9.1 before FP9 allows remote authenticated users to cause a denial of service (trap) via unspecified vectors. | 4.0 |
2010-04-27 | CVE-2010-0772 | IBM | Unspecified vulnerability in IBM Websphere MQ 7.0.0/7.0.1/7.0.1.1: Unspecified vulnerability in the channel process in IBM WebSphere MQ 7.0 before 7.0.1.2 allows remote authenticated users to cause a denial of service (daemon crash) via "incorrect channel control data." | 4.0 |
2010-04-27 | CVE-2009-4815 | Solarwinds | Path Traversal vulnerability in Solarwinds Serv-U File Server: Directory traversal vulnerability in Serv-U before 9.2.0.1 allows remote authenticated users to read arbitrary files via unspecified vectors. | 4.0 |
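The two JBoss entries (web-console under High, JMX-Console above) describe one configuration mistake: a servlet security constraint that enumerates `GET` and `POST`, which in the Servlet model means only those two verbs are protected. The following is an added example for this report, not the JBoss project's own code or shipped configuration; it models how a container evaluates such a constraint so the gap can be seen without a server, and includes a live probe function for checking a real deployment. The two web.xml fragments are reconstructions for the demo, and the resource and role names in them are assumptions.

```python
"""
Added example, not the JBoss project's own code or configuration: a model of
how a servlet container applies a <security-constraint> that lists
<http-method> elements, the shape of the JBoss jmx-console and web-console
bug (access control only for GET and POST).  Both web.xml fragments are
reconstructions for the demo; role and resource names are assumptions.
"""
import http.client
import xml.etree.ElementTree as ET

# Weak form: only GET and POST are constrained; every other verb is open.
WEAK_WEB_XML = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>HtmlAdaptor</web-resource-name>
      <url-pattern>/*</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint><role-name>JBossAdmin</role-name></auth-constraint>
  </security-constraint>
</web-app>"""

# Fixed form: no <http-method> at all, so the constraint covers every method.
FIXED_WEB_XML = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>HtmlAdaptor</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint><role-name>JBossAdmin</role-name></auth-constraint>
  </security-constraint>
</web-app>"""

ALL_METHODS = ("GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS", "TRACE")


def pattern_matches(pattern: str, path: str) -> bool:
    """Servlet url-pattern rules: exact, path prefix ("/dir/*"), extension ("*.jsp")."""
    if pattern == "/*":
        return True
    if pattern.endswith("/*"):
        prefix = pattern[:-2]
        return path == prefix or path.startswith(prefix + "/")
    if pattern.startswith("*."):
        return path.endswith(pattern[1:])
    return path == pattern


def is_constrained(web_xml: str, path: str, method: str) -> bool:
    """True if some security-constraint covers this path and this verb."""
    root = ET.fromstring(web_xml)
    for collection in root.iter("web-resource-collection"):
        patterns = [p.text.strip() for p in collection.findall("url-pattern")]
        methods = [m.text.strip().upper() for m in collection.findall("http-method")]
        if any(pattern_matches(p, path) for p in patterns):
            # No <http-method> means "all methods"; otherwise only the listed ones.
            if not methods or method.upper() in methods:
                return True
    return False


def unprotected_methods(web_xml: str, path: str) -> list:
    """Verbs that reach the servlet without passing the auth-constraint."""
    return [m for m in ALL_METHODS if not is_constrained(web_xml, path, m)]


def probe(host: str, path: str, port: int = 8080) -> dict:
    """Live check against a real server (not run here): status code per verb.
    A protected resource should answer 401/403 for every verb, not just GET/POST."""
    results = {}
    for method in ALL_METHODS:
        conn = http.client.HTTPConnection(host, port, timeout=5)
        conn.request(method, path)
        results[method] = conn.getresponse().status
        conn.close()
    return results


if __name__ == "__main__":
    # Paths are relative to the web application's context root (e.g. /jmx-console).
    print("weak :", unprotected_methods(WEAK_WEB_XML, "/HtmlAdaptor"))
    print("fixed:", unprotected_methods(FIXED_WEB_XML, "/HtmlAdaptor"))
```

The reason `HEAD` is the interesting verb here is that `HttpServlet.doHead` by default runs `doGet` and discards the body, so an unauthenticated `HEAD` with the same query string executes the GET handler, which is exactly what the JMX-Console entry describes. On Servlet 3.1 and later containers, `<deny-uncovered-http-methods/>` in web.xml closes the same gap even when `<http-method>` lists are left in place.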
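The Moodle entry about the "Regenerate session id during login" setting is easier to reason about with the attack in front of you. The following is an added example for this report, not Moodle's code: a constructed session store and login handler (user database, session-id format and the way the attacker plants the id are all assumptions) with the fixation replayed against a handler that keeps the pre-login id and against one that rotates it.

```python
"""
Added example, not Moodle's code: what the "Regenerate session id during
login" setting defends against.  Session store, user database and the
planting step are constructed for the demo.  The vulnerable handler keeps
the pre-login session id; the fixed one issues a new id at the moment the
session's privilege level changes.
"""
import hmac
import secrets

# Constructed user database; plaintext only so the demo stays short.
USERS = {"alice": "alice-password"}


def check_password(user: str, password: str) -> bool:
    expected = USERS.get(user)
    return expected is not None and hmac.compare_digest(expected, password)


class SessionStore:
    """Server-side sessions keyed by an unguessable id."""

    def __init__(self) -> None:
        self._sessions = {}

    def new(self) -> str:
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {}
        return sid

    def get(self, sid: str):
        return self._sessions.get(sid)

    def regenerate(self, old_sid: str) -> str:
        """Move the session data under a fresh id and retire the old one."""
        data = self._sessions.pop(old_sid, {})
        new_sid = secrets.token_urlsafe(32)
        self._sessions[new_sid] = data
        return new_sid


def login_vulnerable(store: SessionStore, sid: str, user: str, password: str) -> str:
    """Authenticates the existing session: whoever already knew its id now owns a logged-in session."""
    if store.get(sid) is None:          # never adopt an id the server did not issue
        sid = store.new()
    if check_password(user, password):
        store.get(sid)["user"] = user
    return sid


def login_fixed(store: SessionStore, sid: str, user: str, password: str) -> str:
    """Same flow, but the id is rotated on privilege change, so a planted id goes stale."""
    if store.get(sid) is None:
        sid = store.new()
    if check_password(user, password):
        sid = store.regenerate(sid)
        store.get(sid)["user"] = user
    return sid


def whoami(store: SessionStore, sid: str):
    session = store.get(sid)
    return session.get("user") if session else None


def fixation_attack(login) -> tuple:
    """Replay of a fixation: (who the attacker's id resolves to, who the victim's id resolves to)."""
    store = SessionStore()
    attacker_sid = store.new()            # 1. attacker obtains a valid, unauthenticated id
    victim_sid = attacker_sid             # 2. ...and plants it in the victim's browser
    victim_sid = login(store, victim_sid, "alice", "alice-password")   # 3. victim logs in
    return whoami(store, attacker_sid), whoami(store, victim_sid)     # 4. attacker reuses the id


if __name__ == "__main__":
    print("vulnerable:", fixation_attack(login_vulnerable))   # ('alice', 'alice')
    print("fixed:     ", fixation_attack(login_fixed))        # (None, 'alice')
```

Rotation on login is the half of the fix the Moodle setting controls; the other half, already in both handlers above, is refusing to create a session under an id the client made up, so the attacker has to obtain a real id from the server first.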
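The three unrestricted-upload entries (PHPhotoalbum, Simplicity of Upload, Ultimate Uploader) turn on a detail of the hosting stack rather than of PHP: with the common `AddHandler ... .php` configuration, Apache's mod_mime examines every extension in a file name, so `shell.php.gif` and `shell.php.pgif` are still handed to the PHP handler. The following is an added example for this report, not code from any of those products; the handler table is a simplified model of that Apache configuration (an assumption about the hosting setup) and the extension lists are choices made for the demo.

```python
"""
Added example, not code from PHPhotoalbum, Simplicity of Upload or Ultimate
Uploader: why ".php.gif" / ".php.pgif" double extensions work against a
mod_mime + AddHandler PHP setup (modelled here, simplified), and an upload
validator that refuses them.  Extension lists and magic bytes are the demo
author's choices.
"""
import secrets

# Constructed view of a typical 'AddHandler php5-script .php' configuration.
HANDLER_FOR_EXT = {"php": "php5-script", "phtml": "php5-script", "cgi": "cgi-script"}
TYPE_FOR_EXT = {"gif": "image/gif", "jpg": "image/jpeg", "jpeg": "image/jpeg", "png": "image/png"}

SCRIPT_EXTS = {"php", "php3", "php4", "php5", "phtml", "phar", "cgi", "pl", "asp", "aspx", "jsp"}
ALLOWED_IMAGE_EXTS = {"gif", "jpg", "jpeg", "png"}

MAGIC = {b"GIF87a": "gif", b"GIF89a": "gif", b"\x89PNG\r\n\x1a\n": "png", b"\xff\xd8\xff": "jpg"}


def mod_mime_handler(filename: str) -> tuple:
    """Model of mod_mime: every dot-separated extension is examined in turn.  A
    handler set by an earlier extension survives later ones, and unknown
    extensions such as .pgif are simply ignored.  Returns (handler, content type)."""
    handler, content_type = None, None
    for ext in filename.lower().split(".")[1:]:
        if ext in HANDLER_FOR_EXT:
            handler = HANDLER_FOR_EXT[ext]
        if ext in TYPE_FOR_EXT:
            content_type = TYPE_FOR_EXT[ext]
    return handler, content_type


def image_kind(data: bytes):
    """Sniff the leading bytes; returns 'gif', 'png', 'jpg' or None."""
    for magic, kind in MAGIC.items():
        if data.startswith(magic):
            return kind
    return None


def safe_upload_name(original: str, data: bytes) -> str:
    """Reject script extensions anywhere in the name, require an allow-listed final
    extension that agrees with the content, and never keep the client's name."""
    basename = original.replace("\\", "/").rsplit("/", 1)[-1].lower()
    parts = basename.split(".")
    if len(parts) < 2 or not parts[0]:
        raise ValueError("missing extension: %r" % basename)
    exts = parts[1:]
    if any(e in SCRIPT_EXTS for e in exts):
        raise ValueError("script extension in filename: %r" % basename)
    last = exts[-1]
    if last not in ALLOWED_IMAGE_EXTS:
        raise ValueError("extension not allowed: %r" % last)
    expected_kind = "jpg" if last == "jpeg" else last
    if image_kind(data) != expected_kind:
        raise ValueError("content does not look like a %s image" % last)
    return "%s.%s" % (secrets.token_hex(16), last)


if __name__ == "__main__":
    for name in ("photo.gif", "shell.php.gif", "shell.php.pgif"):
        print(name, "->", mod_mime_handler(name))
    sample_gif = b"GIF89a" + b"\x00" * 16        # constructed minimal header
    print(safe_upload_name("holiday.GIF", sample_gif))
    try:
        safe_upload_name("shell.php.pgif", sample_gif)
    except ValueError as err:
        print("rejected:", err)
```

The name check is the part the listed products got wrong, but it is not the control to rely on alone: store uploads outside the document root or in a directory where script execution is disabled, serve them under the server-chosen name, and treat the magic-byte check as a secondary signal only, since a valid GIF header can be followed by PHP code.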
4 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-04-27 | CVE-2009-4829 | James Glasgow John Vandervort Drupal | Cross-Site Scripting vulnerability in multiple products: Cross-site scripting (XSS) vulnerability in the Automated Logout module 6.x-1.x before 6.x-1.7 and 6.x-2.x before 6.x-2.3 for Drupal allows remote authenticated users with administer autologout privileges to inject arbitrary web script or HTML via unspecified vectors. | 2.1 |
2010-04-26 | CVE-2010-1539 | John Vandyk Drupal | Cross-Site Scripting vulnerability in John Vandyk Workflow: Cross-site scripting (XSS) vulnerability in the Workflow module 5.x-2.x before 5.x-2.6 and 6.x-1.x before 6.x-1.4 for Drupal, when used with the Token module, might allow remote authenticated users to inject arbitrary web script or HTML via a certain Comment field. | 2.1 |
2010-04-26 | CVE-2010-1536 | Mearra Drupal | Cross-Site Scripting vulnerability in Mearra Addthis: Cross-site scripting (XSS) vulnerability in the AddThis Button module 5.x before 5.x-2.2 and 6.x before 6.x-2.9 for Drupal allows remote authenticated users, with administer addthis privileges, to inject arbitrary web script or HTML via unspecified vectors. | 2.1 |
2010-04-26 | CVE-2010-1530 | Reyero Drupal | Cross-Site Scripting vulnerability in Reyero I18N: Multiple cross-site scripting (XSS) vulnerabilities in the Internationalization module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with translate interface or administer blocks privileges, to inject arbitrary web script or HTML via (1) strings used in block translation or (2) the untranslated input. | 2.1 |