Weekly Vulnerabilities Reports > October 31 to November 6, 2011

Overview

128 new vulnerabilities reported during this period, including 18 critical vulnerabilities and 65 high severity vulnerabilities. This weekly summary report vulnerabilities in 140 products from 90 vendors including Joomla, Investintech, Iscripts, HP, and 2Daybiz. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Resource Management Errors", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Code Injection".

  • 122 reported vulnerabilities are remotely exploitables.
  • 63 reported vulnerabilities have public exploit available.
  • 89 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 122 reported vulnerabilities are exploitable by an anonymous user.
  • Joomla has the most reported vulnerabilities, with 17 reported vulnerabilities.
  • Investintech has the most reported critical vulnerabilities, with 8 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

18 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-11-03 CVE-2011-3992 Dlink Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Dlink products

Buffer overflow in the SSH server functionality on the D-Link DES-3800 with firmware before 4.50B052, DWL-2100AP with firmware before 2.50RC548, and DWL-3200AP with firmware before 2.55RC549 allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors.

10.0
2011-11-02 CVE-2011-3167 HP Unspecified vulnerability in HP Openview Network Node Manager 7.51/7.53

Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1210.

10.0
2011-11-02 CVE-2011-3166 HP Unspecified vulnerability in HP Openview Network Node Manager 7.51/7.53

Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1209.

10.0
2011-11-02 CVE-2011-3165 HP Unspecified vulnerability in HP Openview Network Node Manager 7.51/7.53

Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1208.

10.0
2011-11-02 CVE-2011-1919 GE Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GE Intelligent Platforms Proficy Historian

Multiple stack-based buffer overflows in GE Intelligent Platforms Proficy Applications before 4.4.1 SIM 101 and 5.x before 5.0 SIM 43 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message traffic to (1) PRProficyMgr.exe in Proficy Server Manager, (2) PRGateway.exe in Proficy Server Gateway, (3) PRRDS.exe in Proficy Remote Data Service, or (4) PRLicenseMgr.exe in Proficy Server License Manager.

10.0
2011-11-02 CVE-2011-1918 GE Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GE Intelligent Platforms Proficy Historian

Stack-based buffer overflow in the Data Archiver service in GE Intelligent Platforms Proficy Historian before 3.5 SIM 17 and 4.x before 4.0 SIM 12 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message traffic.

10.0
2011-11-01 CVE-2011-4214 Oneorzero Improper Authentication vulnerability in Oneorzero Aims 2.7.0

OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to bypass authentication and obtain administrator privileges via a crafted oozimsrememberme cookie.

10.0
2011-11-04 CVE-2011-3991 Ffftp Unspecified vulnerability in Ffftp 1.98

Untrusted search path vulnerability in FFFTP 1.98a and earlier allows local users to execute arbitrary code via unspecified functions.

9.3
2011-11-04 CVE-2011-3402 Microsoft Unspecified vulnerability in Microsoft products

Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page, as exploited in the wild in November 2011 by Duqu, aka "TrueType Font Parsing Vulnerability."

9.3
2011-11-03 CVE-2011-4005 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco products

Cross-site request forgery (CSRF) vulnerability in the Services Ready Platform Configuration Utility web interface on the Cisco Small Business SRP521W, SRP526W, and SRP527W with firmware before 1.1.24 and the Small Business SRP541W, SRP546W, and SRP547W with firmware before 1.2.1 allows remote attackers to hijack the authentication of administrators for requests that execute arbitrary commands, aka Bug ID CSCtr45124.

9.3
2011-11-01 CVE-2011-4223 Investintech Unspecified vulnerability in Investintech Absolute PDF Server

Unspecified vulnerability in Investintech.com Absolute PDF Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.

9.3
2011-11-01 CVE-2011-4222 Investintech Unspecified vulnerability in Investintech Able2Extract and Able2Extract Server

Unspecified vulnerability in Investintech.com Able2Extract and Able2Extract Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document.

9.3
2011-11-01 CVE-2011-4221 Investintech Unspecified vulnerability in Investintech Able2Doc

Unspecified vulnerability in Investintech.com Able2Doc and Able2Doc Professional allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document.

9.3
2011-11-01 CVE-2011-4220 Investintech Permissions, Privileges, and Access Controls vulnerability in Investintech Slimpdf Reader

Investintech.com SlimPDF Reader does not properly restrict the arguments to unspecified function calls, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.

9.3
2011-11-01 CVE-2011-4219 Investintech Resource Management Errors vulnerability in Investintech Slimpdf Reader

Investintech.com SlimPDF Reader does not prevent faulting-address data from affecting branch selection, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.

9.3
2011-11-01 CVE-2011-4218 Investintech Resource Management Errors vulnerability in Investintech Slimpdf Reader

Investintech.com SlimPDF Reader does not prevent faulting-instruction data from affecting write operations, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.

9.3
2011-11-01 CVE-2011-4217 Investintech Permissions, Privileges, and Access Controls vulnerability in Investintech Slimpdf Reader

Investintech.com SlimPDF Reader does not properly restrict read operations during block data moves, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.

9.3
2011-11-01 CVE-2011-4216 Investintech Permissions, Privileges, and Access Controls vulnerability in Investintech Slimpdf Reader

Investintech.com SlimPDF Reader does not properly restrict write operations, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.

9.3

65 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-11-01 CVE-2011-0941 Cisco Resource Management Errors vulnerability in Cisco IOS and Unified Communications Manager

Memory leak in Cisco Unified Communications Manager (CUCM) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su3, 8.x before 8.0(3a)su1, and 8.5 before 8.5(1), and Cisco IOS 12.4 and 15.1, allows remote attackers to cause a denial of service (memory consumption and process failure or device reload) via a malformed SIP message, aka Bug IDs CSCti75128 and CSCtj09179.

7.8
2011-11-04 CVE-2011-4066 SIR SQL Injection vulnerability in SIR Gnuboard

SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.

7.5
2011-11-04 CVE-2011-3989 Hiroyuki Oyama SQL Injection vulnerability in Hiroyuki Oyama Dbd::Mysqlpp 0.01/0.02/0.03

SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2011-11-04 CVE-2011-1513 E107 OS Command Injection vulnerability in E107

Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.

7.5
2011-11-03 CVE-2011-3379 PHP Code Injection vulnerability in PHP 5.3.7/5.3.8

The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders.

7.5
2011-11-02 CVE-2010-5041 John Bradshaw
Nucleuscms
SQL Injection vulnerability in John Bradshaw NP Gallery Plugin 0.94

SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary SQL commands via the id parameter in a plugin action.

7.5
2011-11-02 CVE-2010-5039 Scriptsfeed SQL Injection vulnerability in Scriptsfeed Recipes Listing Portal 1.0

SQL injection vulnerability in control/admin_login.php in ScriptsFeed Recipes Listing Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter (aka the UserName field).

7.5
2011-11-02 CVE-2010-5038 Groonesworld Code Injection vulnerability in Groonesworld Simple Contact Form

PHP remote file inclusion vulnerability in contact/contact.php in Groone's Simple Contact Form allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.

7.5
2011-11-02 CVE-2010-5037 Michau Enterprises SQL Injection vulnerability in Michau Enterprises Sensesites Commonsense CMS

SQL injection vulnerability in article.php in SenseSites CommonSense CMS allows remote attackers to execute arbitrary SQL commands via the article_id parameter.

7.5
2011-11-02 CVE-2010-5036 Iscripts SQL Injection vulnerability in Iscripts Eswap 2.0

SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter.

7.5
2011-11-02 CVE-2010-5034 Iscripts SQL Injection vulnerability in Iscripts Easybiller 1.1

SQL injection vulnerability in viewhistorydetail.php in iScripts EasyBiller 1.1 allows remote attackers to execute arbitrary SQL commands via the planid parameter.

7.5
2011-11-02 CVE-2010-5033 Fusebox SQL Injection vulnerability in Fusebox 5.5.1

SQL injection vulnerability in ProductList.cfm in Fusebox 5.5.1 allows remote attackers to execute arbitrary SQL commands via the CatDisplay parameter.

7.5
2011-11-02 CVE-2010-5032 Tamlyncreative
Joomla
SQL Injection vulnerability in Tamlyncreative COM Bfquiztrial

SQL injection vulnerability in the BF Quiz (com_bfquiztrial) component before 1.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a bfquiztrial action to index.php.

7.5
2011-11-02 CVE-2010-5029 Codefabrik SQL Injection vulnerability in Codefabrik Ecomat CMS 5.0

SQL injection vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the show parameter in a web action.

7.5
2011-11-02 CVE-2010-5028 Harmistechnology
Joomla
SQL Injection vulnerability in Harmistechnology COM Jejob 1.0

SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.

7.5
2011-11-02 CVE-2010-5023 Cramerdev SQL Injection vulnerability in Cramerdev Digital Interchange Calendar 5.8.5

SQL injection vulnerability in index.asp in Digital Interchange Calendar 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intDivisionID parameter.

7.5
2011-11-02 CVE-2010-5022 Harmistechnology
Joomla
SQL Injection vulnerability in Harmistechnology COM Jesubmit 1.4

SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php.

7.5
2011-11-02 CVE-2010-5021 Cramerdev SQL Injection vulnerability in Cramerdev Document Library 5.8.5

SQL injection vulnerability in view_group.asp in Digital Interchange Document Library 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intGroupID parameter.

7.5
2011-11-02 CVE-2010-5020 Netartmedia SQL Injection vulnerability in Netartmedia Iboutique 4.0

SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.

7.5
2011-11-02 CVE-2010-5019 2Daybiz SQL Injection vulnerability in 2Daybiz Online Classified Script

SQL injection vulnerability in view_photo.php in 2daybiz Online Classified Script allows remote attackers to execute arbitrary SQL commands via the alb parameter.

7.5
2011-11-02 CVE-2010-5017 Eliteladders SQL Injection vulnerability in Eliteladders Elite Gaming Ladders 3.0

SQL injection vulnerability in stats.php in Elite Gaming Ladders 3.0 allows remote attackers to execute arbitrary SQL commands via the account parameter.

7.5
2011-11-02 CVE-2010-5016 Eliteladders SQL Injection vulnerability in Eliteladders Elite Gaming Ladders 3.0/3.2/3.5

SQL injection vulnerability in matchdb.php in Elite Gaming Ladders 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the match parameter.

7.5
2011-11-02 CVE-2010-5015 2Daybiz SQL Injection vulnerability in 2Daybiz Network Community Script

SQL injection vulnerability in view_photo.php in 2daybiz Network Community Script allows remote attackers to execute arbitrary SQL commands via the alb parameter.

7.5
2011-11-02 CVE-2010-5014 Eliteladders SQL Injection vulnerability in Eliteladders Elite Gaming Ladders 3.5

SQL injection vulnerability in standings.php in Elite Gaming Ladders 3.5 allows remote attackers to execute arbitrary SQL commands via the ladder[id] parameter.

7.5
2011-11-02 CVE-2010-5013 Mckenziecreations SQL Injection vulnerability in Mckenziecreations Virtual Real Estate Manager 3.5

SQL injection vulnerability in listing_detail.asp in Mckenzie Creations Virtual Real Estate Manager (VRM) 3.5 allows remote attackers to execute arbitrary SQL commands via the Lid parameter.

7.5
2011-11-02 CVE-2010-5012 David Noguera Gutierrez SQL Injection vulnerability in David Noguera Gutierrez Dalogin 2.2/2.2.5

SQL injection vulnerability in new.php in DaLogin 2.2 and 2.2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2011-11-02 CVE-2010-5011 Schoolmation SQL Injection vulnerability in Schoolmation 2.3

SQL injection vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to execute arbitrary SQL commands via the session parameter.

7.5
2011-11-02 CVE-2010-5009 UT Files SQL Injection vulnerability in Ut-Files Utstats

SQL injection vulnerability in index.php in UTStats Beta 4 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter in a matchp action.

7.5
2011-11-02 CVE-2010-5008 Denaliintranet SQL Injection vulnerability in Denaliintranet Brightsuite Groupware 5.4

SQL injection vulnerability in pages/contact_list_mail_form.asp in BrightSuite Groupware 5.4 allows remote attackers to execute arbitrary SQL commands via the ContactID parameter.

7.5
2011-11-02 CVE-2010-5006 Emophp SQL Injection vulnerability in Emophp EMO Realty Manager

SQL injection vulnerability in googlemap/index.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the cat1 parameter.

7.5
2011-11-02 CVE-2010-5004 2Daybiz SQL Injection vulnerability in 2Daybiz Polls Script

SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka Advanced Poll) Script allows remote attackers to execute arbitrary SQL commands via the category parameter.

7.5
2011-11-02 CVE-2010-5000 JOE Pieruccini SQL Injection vulnerability in JOE Pieruccini Mclogin System 1.1/1.2

SQL injection vulnerability in login/login_index.php in MCLogin System 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the myusername parameter (aka Username field) in a do_login action.

7.5
2011-11-02 CVE-2010-4998 Maulana AL Matien Code Injection vulnerability in Maulana AL Matien Ardeacore PHP Framework 2.2

PHP remote file inclusion vulnerability in ardeaCore/lib/core/ardeaInit.php in ardeaCore PHP Framework 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the pathForArdeaCore parameter.

7.5
2011-11-02 CVE-2010-4997 Olykit SQL Injection vulnerability in Olykit Swoopo Clone 2010

SQL injection vulnerability in index.php in OlyKit Swoopo Clone 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter in a product action.

7.5
2011-11-02 CVE-2011-4075 Phpldapadmin Project Code Injection vulnerability in PHPldapadmin Project PHPldapadmin

The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to execute arbitrary PHP code via the orderby parameter (aka sortby variable) in a query_engine action to cmd.php, as exploited in the wild in October 2011.

7.5
2011-11-01 CVE-2010-5003 Autartica
Joomla
SQL Injection vulnerability in Autartica COM Autartimonial 1.0.8

SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php.

7.5
2011-11-01 CVE-2010-5001 Esoftpro SQL Injection vulnerability in Esoftpro Online Contact Manager 3.0

SQL injection vulnerability in view.php in esoftpro Online Contact Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2011-11-01 CVE-2010-4999 Esoftpro SQL Injection vulnerability in Esoftpro Online Photo PRO 2.0

SQL injection vulnerability in index.php in esoftpro Online Photo Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the section parameter.

7.5
2011-11-01 CVE-2010-4996 Esoftpro SQL Injection vulnerability in Esoftpro Online Guestbook PRO 5.1

SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbook Pro 5.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.

7.5
2011-11-01 CVE-2010-4995 Neojoomla
Joomla
SQL Injection vulnerability in Neojoomla COM Neorecruit 1.6.4

SQL injection vulnerability in the NeoRecruit (com_neorecruit) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in an offer_view action to index.php, a different vector than CVE-2007-4506.

7.5
2011-11-01 CVE-2010-4994 Instantphp
Joomla
SQL Injection vulnerability in Instantphp Jobs PRO 1.6.4

SQL injection vulnerability in the Jobs Pro component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the detailed_results parameter to search_jobs.html.

7.5
2011-11-01 CVE-2010-4993 KAY Messerschmidt
Joomla
SQL Injection vulnerability in KAY Messerschmidt COM Eventcal 1.6.4

SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.

7.5
2011-11-01 CVE-2010-4992 Paymentsplus
Joomla
SQL Injection vulnerability in Paymentsplus Payments Plus 2.1.5

SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html.

7.5
2011-11-01 CVE-2010-4991 Ninjaforge
Joomla
SQL Injection vulnerability in Ninjaforge Ninjamonials

SQL injection vulnerability in the NinjaMonials (com_ninjamonials) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a display action to index.php.

7.5
2011-11-01 CVE-2010-4990 B Elektro
Joomla
SQL Injection vulnerability in B-Elektro COM Addressbook

SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php.

7.5
2011-11-01 CVE-2010-4989 Farsi CMS SQL Injection vulnerability in Farsi-Cms Ziggurat Farsi CMS

SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows remote attackers to execute arbitrary SQL commands via the grp parameter.

7.5
2011-11-01 CVE-2010-4988 Familycms Code Injection vulnerability in Familycms Family Connections WHO IS Chatting 2.2.3

PHP remote file inclusion vulnerability in mod_chatting/themes/default/header.php in Family Connections Who is Chatting 2.2.3 allows remote attackers to execute arbitrary PHP code via a URL in the TMPL[path] parameter.

7.5
2011-11-01 CVE-2010-4987 Kmsoft SQL Injection vulnerability in Kmsoft Guestbook

SQL injection vulnerability in default.asp in KMSoft Guestbook (aka GBook) allows remote attackers to execute arbitrary SQL commands via the p parameter.

7.5
2011-11-01 CVE-2010-4986 Cafuego SQL Injection vulnerability in Cafuego Simple Document Management System 1.1.4/1.1.5/1.1.6

SQL injection vulnerability in detail.php in Simple Document Management System (SDMS) allows remote attackers to execute arbitrary SQL commands via the doc_id parameter.

7.5
2011-11-01 CVE-2010-4984 Mykazaam SQL Injection vulnerability in Mykazaam Notes Management System

SQL injection vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to execute arbitrary SQL commands via vectors involving the "Enter Reference Number Below" text box.

7.5
2011-11-01 CVE-2010-4983 Iscripts SQL Injection vulnerability in Iscripts Cybermatch 1.0

SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2011-11-01 CVE-2010-4982 Mykazaam SQL Injection vulnerability in Mykazaam Address & Contact Organizer

SQL injection vulnerability in address_book/contacts.php in My Kazaam Address & Contact Organizer allows remote attackers to execute arbitrary SQL commands via the var1 parameter.

7.5
2011-11-01 CVE-2010-4981 Yourfreeworld SQL Injection vulnerability in Yourfreeworld Banner Management

SQL injection vulnerability in trackads.php in YourFreeWorld Banner Management allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2011-11-01 CVE-2010-4980 Iscripts SQL Injection vulnerability in Iscripts Reservelogic 1.0

SQL injection vulnerability in packagedetails.php in iScripts ReserveLogic 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter.

7.5
2011-11-01 CVE-2010-4979 Nicholas Berry SQL Injection vulnerability in Nicholas Berry Candid

SQL injection vulnerability in image/view.php in CANDID allows remote attackers to execute arbitrary SQL commands via the image_id parameter.

7.5
2011-11-01 CVE-2010-4977 Miniwork
Joomla
SQL Injection vulnerability in Miniwork COM Canteen 1.0

SQL injection vulnerability in menu.php in the Canteen (com_canteen) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php.

7.5
2011-11-01 CVE-2010-4975 Techjoomla
Joomla
SQL Injection vulnerability in Techjoomla COM Socialads

SQL injection vulnerability in the Techjoomla SocialAds For JomSocial (com_socialads) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the ads description field in a showad action to index.php.

7.5
2011-11-01 CVE-2010-4974 Brotherscripts SQL Injection vulnerability in Brotherscripts Auto Dealer

SQL injection vulnerability in info.php in BrotherScripts (BS) and ScriptsFeed Auto Dealer allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2011-11-01 CVE-2010-4972 Ypninc SQL Injection vulnerability in Ypninc Jokescript

SQL injection vulnerability in index.php in YPNinc JokeScript allows remote attackers to execute arbitrary SQL commands via the ypncat_id parameter.

7.5
2011-11-01 CVE-2010-4970 Wikiwebhelp SQL Injection vulnerability in Wikiwebhelp Wiki web Help 0.28

SQL injection vulnerability in handlers/getpage.php in Wiki Web Help 0.28 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2011-11-01 CVE-2010-4969 Brotherscripts SQL Injection vulnerability in Brotherscripts Business Directory

SQL injection vulnerability in articlesdetails.php in BrotherScripts (BS) Business Directory allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2011-11-01 CVE-2010-4968 Webmaster Tips
Joomla
SQL Injection vulnerability in Webmaster-Tips COM Wmtpic 1.0

SQL injection vulnerability in the webmaster-tips.net Flash Gallery (com_wmtpic) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.

7.5
2011-11-01 CVE-2011-4215 Oneorzero SQL Injection vulnerability in Oneorzero Aims 2.7.0

SQL injection vulnerability in lib/ooz_access.php in OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the cookieName variable.

7.5
2011-11-01 CVE-2011-1915 Infor SQL Injection vulnerability in Infor Eclient and Enspire Distribution Management Solution

SQL injection vulnerability in eClient 7.3.2.3 in Enspire Distribution Management Solution 7.3.2.7 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2011-11-04 CVE-2011-3330 Schneider Electric Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Schneider-Electric products

Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 and earlier, Monitor Pro 7.6 and earlier, and PL7 Pro 4.5 and earlier, allows local users, and possibly remote attackers, to execute arbitrary code via an unspecified system parameter.

7.2

44 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-11-04 CVE-2011-3364 Gnome Unspecified vulnerability in Gnome Ifcfg-Rh Plug-In

Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file.

6.9
2011-11-04 CVE-2011-3581 Nlnetlabs Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Nlnetlabs Ldns

Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Resource Record (RR) with an unknown type containing input that is longer than a specified length.

6.8
2011-11-04 CVE-2011-3164 HP Local Privilege Escalation vulnerability in HP Hp-Ux Containers A.03.00/A.03.00.002/A.03.01

Unspecified vulnerability in HP-UX Containers (formerly HP-UX Secure Resource Partitions (SRP)) A.03.00, A.03.00.002, and A.03.01, when running with patch PHKL_42310, allows local users to gain privileges via unknown vectors.

6.8
2011-11-03 CVE-2011-3994 Skyarc Cross-Site Request Forgery (CSRF) vulnerability in Skyarc products

Cross-site request forgery (CSRF) vulnerability in SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data.

6.8
2011-11-02 CVE-2010-5040 John Bradshaw
Nucleuscms
Code Injection vulnerability in John Bradshaw NP Gallery Plugin 0.94

PHP remote file inclusion vulnerability in nucleus/plugins/NP_gallery.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary PHP code via a URL in the DIR_NUCLEUS parameter.

6.8
2011-11-02 CVE-2010-5026 Sfiab SQL Injection vulnerability in Sfiab Science Fair in A BOX 2.0.6/2.2.0

SQL injection vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter.

6.8
2011-11-04 CVE-2011-3616 Conky Link Following vulnerability in Conky

The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf.

6.3
2011-11-02 CVE-2010-5044 Kanich
Joomla
SQL Injection vulnerability in Kanich COM Searchlog 3.1.0

SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php.

6.0
2011-11-02 CVE-2010-5043 Blueconstantmedia
Joomla
SQL Injection vulnerability in Blueconstantmedia COM Djartgallery 0.9.1

SQL injection vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the cid[] parameter in an editItem action to administrator/index.php.

6.0
2011-11-02 CVE-2010-5024 Cutesite SQL Injection vulnerability in Cutesite CMS 1.2.3/1.5.0

SQL injection vulnerability in manage/add_user.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote authenticated users, with Read privileges, to execute arbitrary SQL commands via the user_id parameter.

6.0
2011-11-03 CVE-2011-3993 Skyarc Permissions, Privileges, and Access Controls vulnerability in Skyarc products

SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, uses weak permissions, which allows remote authenticated users to modify files and settings via unspecified vectors.

5.5
2011-11-03 CVE-2011-2676 ARK WEB
SIX Apart
Improper Authentication vulnerability in Ark-Web products

The A-Form and A-Form bamboo before 1.3.6 and 2.x before 2.0.3, and A-Form PC and PC/Mobile before 3.1, plug-ins for Movable Type do not require administrative authentication, which allows remote authenticated users to modify data via unspecified vectors.

5.5
2011-11-03 CVE-2011-3996 Controlsystemworks Resource Management Errors vulnerability in Controlsystemworks Csworks

The LiveData Service in CSWorks before 2.0.4115.1 allows remote attackers to cause a denial of service (service crash) via crafted TCP packets.

5.0
2011-11-03 CVE-2011-4078 Roundcube
PHP
Resource Management Errors vulnerability in Roundcube Webmail

include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7 or 5.3.8 is used, allows remote attackers to trigger a GET request for an arbitrary URL, and cause a denial of service (resource consumption and inbox outage), via a Subject header containing only a URL, a related issue to CVE-2011-3379.

5.0
2011-11-03 CVE-2011-3995 Tasofro Unspecified vulnerability in Tasofro Touhou-Hisouten

Unspecified vulnerability in Twilight Frontier Touhou Hisouten 1.06 and earlier allows remote attackers to cause a denial of service (daemon crash) via unknown network traffic.

5.0
2011-11-03 CVE-2011-3987 Daemon Tools Resource Management Errors vulnerability in Daemon-Tools Daemon Tools

dtsoftbus01.sys in DAEMON Tools Lite before 4.41.3, Pro Standard before 4.41.0315, and Pro Advanced before 4.41.0315 allows local users to cause a denial of service (system crash) via an invalid DeviceIoControl request to \\.\dtsoftbusctl.

4.9
2011-11-04 CVE-2011-3594 Pidgin Buffer Errors vulnerability in Pidgin Libpurple and Pidgin

The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service (crash) via invalid UTF-8 sequences that trigger use of invalid pointers and an out-of-bounds read, related to interactions with certain versions of glib2.

4.3
2011-11-03 CVE-2011-4277 Courseforum Cross-Site Scripting vulnerability in Courseforum Projectforum 7.0.1.3038

Cross-site scripting (XSS) vulnerability in CourseForum ProjectForum 7.0.1.3038 allows remote attackers to inject arbitrary web script or HTML via a crafted name of an object within a more object on a wiki page.

4.3
2011-11-03 CVE-2011-3986 Pligg Cross-Site Scripting vulnerability in Pligg CMS

Cross-site scripting (XSS) vulnerability in Pligg before 1.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2011-11-03 CVE-2011-4102 Wireshark Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark

Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (application crash) via a malformed file.

4.3
2011-11-03 CVE-2011-4101 Wireshark Denial of Service vulnerability in Wireshark Infiniband Dissector

The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet.

4.3
2011-11-03 CVE-2011-4100 Wireshark Resource Management Errors vulnerability in Wireshark 1.6.0/1.6.1/1.6.2

The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.3 does not initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

4.3
2011-11-03 CVE-2011-4274 ARK WEB
Sixapart
Cross-Site Scripting vulnerability in Ark-Web A-Form PC and A-Form PC Mobile

Cross-site scripting (XSS) vulnerability in the A-Form PC and PC/Mobile before 3.1 plug-ins for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-2676.

4.3
2011-11-03 CVE-2011-4273 Goahead Cross-Site Scripting vulnerability in Goahead Webserver 2.1.8

Multiple cross-site scripting (XSS) vulnerabilities in GoAhead Webserver 2.18 allow remote attackers to inject arbitrary web script or HTML via (1) the group parameter to goform/AddGroup, related to addgroup.asp; (2) the url parameter to goform/AddAccessLimit, related to addlimit.asp; or the (3) user (aka User ID) or (4) group parameter to goform/AddUser, related to adduser.asp.

4.3
2011-11-02 CVE-2010-5045 Sellatsite Cross-Site Scripting vulnerability in Sellatsite Smart ASP Survey

Cross-site scripting (XSS) vulnerability in poll/default.asp in Smart ASP Survey allows remote attackers to inject arbitrary web script or HTML via the catid parameter.

4.3
2011-11-02 CVE-2010-5042 Blueconstantmedia
Joomla
Cross-Site Scripting vulnerability in Blueconstantmedia COM Djartgallery 0.9.1

Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the cid[] parameter in an editItem action to administrator/index.php.

4.3
2011-11-02 CVE-2010-5035 Iscripts Cross-Site Scripting vulnerability in Iscripts Eswap 2.0

Cross-site scripting (XSS) vulnerability in search.php in iScripts eSwap 2.0 allows remote attackers to inject arbitrary web script or HTML via the txtHomeSearch parameter (aka the search field).

4.3
2011-11-02 CVE-2010-5031 Filenice Cross-Site Scripting vulnerability in Filenice 1.1

Cross-site scripting (XSS) vulnerability in index.php in fileNice 1.1 allows remote attackers to inject arbitrary web script or HTML via the sstring parameter (aka the Search Box).

4.3
2011-11-02 CVE-2010-5030 Codefabrik Cross-Site Scripting vulnerability in Codefabrik Ecomat CMS 5.0

Cross-site scripting (XSS) vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to inject arbitrary web script or HTML via the lang parameter in a web action.

4.3
2011-11-02 CVE-2010-5027 Sfiab Cross-Site Scripting vulnerability in Sfiab Science Fair in A BOX 2.0.6/2.2.0

Cross-site scripting (XSS) vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the type parameter.

4.3
2011-11-02 CVE-2010-5025 Cutesite Cross-Site Scripting vulnerability in Cutesite CMS 1.2.3/1.5.0

Cross-site scripting (XSS) vulnerability in manage/main.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote attackers to inject arbitrary web script or HTML via the fld_path parameter.

4.3
2011-11-02 CVE-2010-5018 2Daybiz Cross-Site Scripting vulnerability in 2Daybiz Online Classified Script

Cross-site scripting (XSS) vulnerability in products/classified/headersearch.php in 2daybiz Online Classified Script allows remote attackers to inject arbitrary web script or HTML via the sid parameter.

4.3
2011-11-02 CVE-2010-5010 Schoolmation Cross-Site Scripting vulnerability in Schoolmation 2.3

Cross-site scripting (XSS) vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to inject arbitrary web script or HTML via the session parameter.

4.3
2011-11-02 CVE-2010-5007 UT Files Cross-Site Scripting vulnerability in Ut-Files Utstats

Cross-site scripting (XSS) vulnerability in pages/match_report.php in UTStats Beta 4 and earlier allows remote attackers to inject arbitrary web script or HTML via the mid parameter.

4.3
2011-11-02 CVE-2010-5005 Rayzz Cross-Site Scripting vulnerability in Rayzz Photoz

Cross-site scripting (XSS) vulnerability in members/profileCommentsResponse.php in Rayzz Photoz allows remote attackers to inject arbitrary web script or HTML via the profileCommentTextArea parameter.

4.3
2011-11-02 CVE-2010-4971 Videowhisper
Joomla
Cross-Site Scripting vulnerability in Videowhisper PHP 2 WAY Video Chat

Cross-site scripting (XSS) vulnerability in VideoWhisper PHP 2 Way Video Chat component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the r parameter to index.php.

4.3
2011-11-02 CVE-2011-4074 Phpldapadmin Project Cross-Site Scripting vulnerability in PHPldapadmin Project PHPldapadmin

Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via an _debug command.

4.3
2011-11-02 CVE-2011-3320 GE Cross-Site Scripting vulnerability in GE Intelligent Platforms Proficy Historian

Cross-site scripting (XSS) vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

4.3
2011-11-01 CVE-2010-5002 Exponentcms Cross-Site Scripting vulnerability in Exponentcms Exponent CMS 0.97.0

Cross-site scripting (XSS) vulnerability in modules/slideshowmodule/slideshow.js.php in Exponent CMS 0.97.0 allows remote attackers to inject arbitrary web script or HTML via the u parameter.

4.3
2011-11-01 CVE-2010-4985 Mykazaam Cross-Site Scripting vulnerability in Mykazaam Notes Management System

Cross-site scripting (XSS) vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to inject arbitrary web script or HTML via vectors involving the "Enter Reference Number Below" text box.

4.3
2011-11-01 CVE-2010-4978 Nicholas Berry Cross-Site Scripting vulnerability in Nicholas Berry Candid

Cross-site scripting (XSS) vulnerability in image/view.php in CANDID allows remote attackers to inject arbitrary web script or HTML via the image_id parameter.

4.3
2011-11-01 CVE-2010-4976 Metinfo Cross-Site Scripting vulnerability in Metinfo 3.0

Cross-site scripting (XSS) vulnerability in search/search.php in MetInfo 3.0 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter (aka Search Box field).

4.3
2011-11-01 CVE-2010-4973 Sourcefabric Cross-Site Scripting vulnerability in Sourcefabric Campsite 3.4.0

Cross-site scripting (XSS) vulnerability in the search feature in Campsite 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the f_search_keywords parameter.

4.3
2011-11-01 CVE-2011-4064 Phpmyadmin Cross-Site Scripting vulnerability in PHPmyadmin

Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value.

4.3

1 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-11-04 CVE-2011-3171 Pureftpd
Suse
Path Traversal vulnerability in Pureftpd Pure-Ftpd

Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows local users to overwrite arbitrary files via unknown vectors.

3.6