Weekly Vulnerabilities Reports > October 31 to November 6, 2011
Overview
125 new vulnerabilities reported during this period, including 17 critical vulnerabilities and 64 high severity vulnerabilities. This weekly summary report vulnerabilities in 134 products from 88 vendors including Joomla, Investintech, Iscripts, HP, and 2Daybiz. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Resource Management Errors", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Code Injection".
- 119 reported vulnerabilities are remotely exploitables.
- 62 reported vulnerabilities have public exploit available.
- 88 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 119 reported vulnerabilities are exploitable by an anonymous user.
- Joomla has the most reported vulnerabilities, with 17 reported vulnerabilities.
- Investintech has the most reported critical vulnerabilities, with 8 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
17 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-11-03 | CVE-2011-3992 | Dlink | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Dlink products Buffer overflow in the SSH server functionality on the D-Link DES-3800 with firmware before 4.50B052, DWL-2100AP with firmware before 2.50RC548, and DWL-3200AP with firmware before 2.55RC549 allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors. | 10.0 |
2011-11-02 | CVE-2011-3167 | HP | Unspecified vulnerability in HP Openview Network Node Manager 7.51/7.53 Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1210. | 10.0 |
2011-11-02 | CVE-2011-3166 | HP | Unspecified vulnerability in HP Openview Network Node Manager 7.51/7.53 Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1209. | 10.0 |
2011-11-02 | CVE-2011-3165 | HP | Unspecified vulnerability in HP Openview Network Node Manager 7.51/7.53 Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1208. | 10.0 |
2011-11-02 | CVE-2011-1919 | GE | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GE Intelligent Platforms Proficy Historian Multiple stack-based buffer overflows in GE Intelligent Platforms Proficy Applications before 4.4.1 SIM 101 and 5.x before 5.0 SIM 43 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message traffic to (1) PRProficyMgr.exe in Proficy Server Manager, (2) PRGateway.exe in Proficy Server Gateway, (3) PRRDS.exe in Proficy Remote Data Service, or (4) PRLicenseMgr.exe in Proficy Server License Manager. | 10.0 |
2011-11-02 | CVE-2011-1918 | GE | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GE Intelligent Platforms Proficy Historian Stack-based buffer overflow in the Data Archiver service in GE Intelligent Platforms Proficy Historian before 3.5 SIM 17 and 4.x before 4.0 SIM 12 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message traffic. | 10.0 |
2011-11-01 | CVE-2011-4214 | Oneorzero | Improper Authentication vulnerability in Oneorzero Aims 2.7.0 OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to bypass authentication and obtain administrator privileges via a crafted oozimsrememberme cookie. | 10.0 |
2011-11-04 | CVE-2011-3991 | Ffftp | Unspecified vulnerability in Ffftp 1.98 Untrusted search path vulnerability in FFFTP 1.98a and earlier allows local users to execute arbitrary code via unspecified functions. | 9.3 |
2011-11-03 | CVE-2011-4005 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products Cross-site request forgery (CSRF) vulnerability in the Services Ready Platform Configuration Utility web interface on the Cisco Small Business SRP521W, SRP526W, and SRP527W with firmware before 1.1.24 and the Small Business SRP541W, SRP546W, and SRP547W with firmware before 1.2.1 allows remote attackers to hijack the authentication of administrators for requests that execute arbitrary commands, aka Bug ID CSCtr45124. | 9.3 |
2011-11-01 | CVE-2011-4223 | Investintech | Unspecified vulnerability in Investintech Absolute PDF Server Unspecified vulnerability in Investintech.com Absolute PDF Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. | 9.3 |
2011-11-01 | CVE-2011-4222 | Investintech | Unspecified vulnerability in Investintech Able2Extract and Able2Extract Server Unspecified vulnerability in Investintech.com Able2Extract and Able2Extract Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document. | 9.3 |
2011-11-01 | CVE-2011-4221 | Investintech | Unspecified vulnerability in Investintech Able2Doc Unspecified vulnerability in Investintech.com Able2Doc and Able2Doc Professional allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document. | 9.3 |
2011-11-01 | CVE-2011-4220 | Investintech | Permissions, Privileges, and Access Controls vulnerability in Investintech Slimpdf Reader Investintech.com SlimPDF Reader does not properly restrict the arguments to unspecified function calls, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. | 9.3 |
2011-11-01 | CVE-2011-4219 | Investintech | Resource Management Errors vulnerability in Investintech Slimpdf Reader Investintech.com SlimPDF Reader does not prevent faulting-address data from affecting branch selection, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. | 9.3 |
2011-11-01 | CVE-2011-4218 | Investintech | Resource Management Errors vulnerability in Investintech Slimpdf Reader Investintech.com SlimPDF Reader does not prevent faulting-instruction data from affecting write operations, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. | 9.3 |
2011-11-01 | CVE-2011-4217 | Investintech | Permissions, Privileges, and Access Controls vulnerability in Investintech Slimpdf Reader Investintech.com SlimPDF Reader does not properly restrict read operations during block data moves, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. | 9.3 |
2011-11-01 | CVE-2011-4216 | Investintech | Permissions, Privileges, and Access Controls vulnerability in Investintech Slimpdf Reader Investintech.com SlimPDF Reader does not properly restrict write operations, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. | 9.3 |
64 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-11-01 | CVE-2011-0941 | Cisco | Resource Management Errors vulnerability in Cisco IOS and Unified Communications Manager Memory leak in Cisco Unified Communications Manager (CUCM) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su3, 8.x before 8.0(3a)su1, and 8.5 before 8.5(1), and Cisco IOS 12.4 and 15.1, allows remote attackers to cause a denial of service (memory consumption and process failure or device reload) via a malformed SIP message, aka Bug IDs CSCti75128 and CSCtj09179. | 7.8 |
2011-11-04 | CVE-2011-4066 | SIR | SQL Injection vulnerability in SIR Gnuboard SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO. | 7.5 |
2011-11-04 | CVE-2011-3989 | Hiroyuki Oyama | SQL Injection vulnerability in Hiroyuki Oyama Dbd::Mysqlpp 0.01/0.02/0.03 SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2011-11-04 | CVE-2011-1513 | E107 | OS Command Injection vulnerability in E107 Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name. | 7.5 |
2011-11-03 | CVE-2011-3379 | PHP | Code Injection vulnerability in PHP 5.3.7/5.3.8 The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders. | 7.5 |
2011-11-02 | CVE-2010-5041 | John Bradshaw Nucleuscms | SQL Injection vulnerability in John Bradshaw NP Gallery Plugin 0.94 SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary SQL commands via the id parameter in a plugin action. | 7.5 |
2011-11-02 | CVE-2010-5039 | Scriptsfeed | SQL Injection vulnerability in Scriptsfeed Recipes Listing Portal 1.0 SQL injection vulnerability in control/admin_login.php in ScriptsFeed Recipes Listing Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter (aka the UserName field). | 7.5 |
2011-11-02 | CVE-2010-5038 | Groonesworld | Code Injection vulnerability in Groonesworld Simple Contact Form PHP remote file inclusion vulnerability in contact/contact.php in Groone's Simple Contact Form allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter. | 7.5 |
2011-11-02 | CVE-2010-5037 | Michau Enterprises | SQL Injection vulnerability in Michau Enterprises Sensesites Commonsense CMS SQL injection vulnerability in article.php in SenseSites CommonSense CMS allows remote attackers to execute arbitrary SQL commands via the article_id parameter. | 7.5 |
2011-11-02 | CVE-2010-5036 | Iscripts | SQL Injection vulnerability in Iscripts Eswap 2.0 SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. | 7.5 |
2011-11-02 | CVE-2010-5034 | Iscripts | SQL Injection vulnerability in Iscripts Easybiller 1.1 SQL injection vulnerability in viewhistorydetail.php in iScripts EasyBiller 1.1 allows remote attackers to execute arbitrary SQL commands via the planid parameter. | 7.5 |
2011-11-02 | CVE-2010-5033 | Fusebox | SQL Injection vulnerability in Fusebox 5.5.1 SQL injection vulnerability in ProductList.cfm in Fusebox 5.5.1 allows remote attackers to execute arbitrary SQL commands via the CatDisplay parameter. | 7.5 |
2011-11-02 | CVE-2010-5032 | Tamlyncreative Joomla | SQL Injection vulnerability in Tamlyncreative COM Bfquiztrial SQL injection vulnerability in the BF Quiz (com_bfquiztrial) component before 1.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a bfquiztrial action to index.php. | 7.5 |
2011-11-02 | CVE-2010-5029 | Codefabrik | SQL Injection vulnerability in Codefabrik Ecomat CMS 5.0 SQL injection vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the show parameter in a web action. | 7.5 |
2011-11-02 | CVE-2010-5028 | Harmistechnology Joomla | SQL Injection vulnerability in Harmistechnology COM Jejob 1.0 SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. | 7.5 |
2011-11-02 | CVE-2010-5023 | Cramerdev | SQL Injection vulnerability in Cramerdev Digital Interchange Calendar 5.8.5 SQL injection vulnerability in index.asp in Digital Interchange Calendar 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intDivisionID parameter. | 7.5 |
2011-11-02 | CVE-2010-5022 | Harmistechnology Joomla | SQL Injection vulnerability in Harmistechnology COM Jesubmit 1.4 SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php. | 7.5 |
2011-11-02 | CVE-2010-5021 | Cramerdev | SQL Injection vulnerability in Cramerdev Document Library 5.8.5 SQL injection vulnerability in view_group.asp in Digital Interchange Document Library 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intGroupID parameter. | 7.5 |
2011-11-02 | CVE-2010-5020 | Netartmedia | SQL Injection vulnerability in Netartmedia Iboutique 4.0 SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. | 7.5 |
2011-11-02 | CVE-2010-5019 | 2Daybiz | SQL Injection vulnerability in 2Daybiz Online Classified Script SQL injection vulnerability in view_photo.php in 2daybiz Online Classified Script allows remote attackers to execute arbitrary SQL commands via the alb parameter. | 7.5 |
2011-11-02 | CVE-2010-5017 | Eliteladders | SQL Injection vulnerability in Eliteladders Elite Gaming Ladders 3.0 SQL injection vulnerability in stats.php in Elite Gaming Ladders 3.0 allows remote attackers to execute arbitrary SQL commands via the account parameter. | 7.5 |
2011-11-02 | CVE-2010-5016 | Eliteladders | SQL Injection vulnerability in Eliteladders Elite Gaming Ladders 3.0/3.2/3.5 SQL injection vulnerability in matchdb.php in Elite Gaming Ladders 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the match parameter. | 7.5 |
2011-11-02 | CVE-2010-5015 | 2Daybiz | SQL Injection vulnerability in 2Daybiz Network Community Script SQL injection vulnerability in view_photo.php in 2daybiz Network Community Script allows remote attackers to execute arbitrary SQL commands via the alb parameter. | 7.5 |
2011-11-02 | CVE-2010-5014 | Eliteladders | SQL Injection vulnerability in Eliteladders Elite Gaming Ladders 3.5 SQL injection vulnerability in standings.php in Elite Gaming Ladders 3.5 allows remote attackers to execute arbitrary SQL commands via the ladder[id] parameter. | 7.5 |
2011-11-02 | CVE-2010-5013 | Mckenziecreations | SQL Injection vulnerability in Mckenziecreations Virtual Real Estate Manager 3.5 SQL injection vulnerability in listing_detail.asp in Mckenzie Creations Virtual Real Estate Manager (VRM) 3.5 allows remote attackers to execute arbitrary SQL commands via the Lid parameter. | 7.5 |
2011-11-02 | CVE-2010-5012 | David Noguera Gutierrez | SQL Injection vulnerability in David Noguera Gutierrez Dalogin 2.2/2.2.5 SQL injection vulnerability in new.php in DaLogin 2.2 and 2.2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2011-11-02 | CVE-2010-5011 | Schoolmation | SQL Injection vulnerability in Schoolmation 2.3 SQL injection vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to execute arbitrary SQL commands via the session parameter. | 7.5 |
2011-11-02 | CVE-2010-5009 | UT Files | SQL Injection vulnerability in Ut-Files Utstats SQL injection vulnerability in index.php in UTStats Beta 4 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter in a matchp action. | 7.5 |
2011-11-02 | CVE-2010-5008 | Denaliintranet | SQL Injection vulnerability in Denaliintranet Brightsuite Groupware 5.4 SQL injection vulnerability in pages/contact_list_mail_form.asp in BrightSuite Groupware 5.4 allows remote attackers to execute arbitrary SQL commands via the ContactID parameter. | 7.5 |
2011-11-02 | CVE-2010-5006 | Emophp | SQL Injection vulnerability in Emophp EMO Realty Manager SQL injection vulnerability in googlemap/index.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the cat1 parameter. | 7.5 |
2011-11-02 | CVE-2010-5004 | 2Daybiz | SQL Injection vulnerability in 2Daybiz Polls Script SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka Advanced Poll) Script allows remote attackers to execute arbitrary SQL commands via the category parameter. | 7.5 |
2011-11-02 | CVE-2010-5000 | JOE Pieruccini | SQL Injection vulnerability in JOE Pieruccini Mclogin System 1.1/1.2 SQL injection vulnerability in login/login_index.php in MCLogin System 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the myusername parameter (aka Username field) in a do_login action. | 7.5 |
2011-11-02 | CVE-2010-4998 | Maulana AL Matien | Code Injection vulnerability in Maulana AL Matien Ardeacore PHP Framework 2.2 PHP remote file inclusion vulnerability in ardeaCore/lib/core/ardeaInit.php in ardeaCore PHP Framework 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the pathForArdeaCore parameter. | 7.5 |
2011-11-02 | CVE-2010-4997 | Olykit | SQL Injection vulnerability in Olykit Swoopo Clone 2010 SQL injection vulnerability in index.php in OlyKit Swoopo Clone 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter in a product action. | 7.5 |
2011-11-01 | CVE-2010-5003 | Autartica Joomla | SQL Injection vulnerability in Autartica COM Autartimonial 1.0.8 SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php. | 7.5 |
2011-11-01 | CVE-2010-5001 | Esoftpro | SQL Injection vulnerability in Esoftpro Online Contact Manager 3.0 SQL injection vulnerability in view.php in esoftpro Online Contact Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2011-11-01 | CVE-2010-4999 | Esoftpro | SQL Injection vulnerability in Esoftpro Online Photo PRO 2.0 SQL injection vulnerability in index.php in esoftpro Online Photo Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the section parameter. | 7.5 |
2011-11-01 | CVE-2010-4996 | Esoftpro | SQL Injection vulnerability in Esoftpro Online Guestbook PRO 5.1 SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbook Pro 5.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. | 7.5 |
2011-11-01 | CVE-2010-4995 | Neojoomla Joomla | SQL Injection vulnerability in Neojoomla COM Neorecruit 1.6.4 SQL injection vulnerability in the NeoRecruit (com_neorecruit) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in an offer_view action to index.php, a different vector than CVE-2007-4506. | 7.5 |
2011-11-01 | CVE-2010-4994 | Instantphp Joomla | SQL Injection vulnerability in Instantphp Jobs PRO 1.6.4 SQL injection vulnerability in the Jobs Pro component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the detailed_results parameter to search_jobs.html. | 7.5 |
2011-11-01 | CVE-2010-4993 | KAY Messerschmidt Joomla | SQL Injection vulnerability in KAY Messerschmidt COM Eventcal 1.6.4 SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | 7.5 |
2011-11-01 | CVE-2010-4992 | Paymentsplus Joomla | SQL Injection vulnerability in Paymentsplus Payments Plus 2.1.5 SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html. | 7.5 |
2011-11-01 | CVE-2010-4991 | Ninjaforge Joomla | SQL Injection vulnerability in Ninjaforge Ninjamonials SQL injection vulnerability in the NinjaMonials (com_ninjamonials) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a display action to index.php. | 7.5 |
2011-11-01 | CVE-2010-4990 | B Elektro Joomla | SQL Injection vulnerability in B-Elektro COM Addressbook SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php. | 7.5 |
2011-11-01 | CVE-2010-4989 | Farsi CMS | SQL Injection vulnerability in Farsi-Cms Ziggurat Farsi CMS SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows remote attackers to execute arbitrary SQL commands via the grp parameter. | 7.5 |
2011-11-01 | CVE-2010-4988 | Familycms | Code Injection vulnerability in Familycms Family Connections WHO IS Chatting 2.2.3 PHP remote file inclusion vulnerability in mod_chatting/themes/default/header.php in Family Connections Who is Chatting 2.2.3 allows remote attackers to execute arbitrary PHP code via a URL in the TMPL[path] parameter. | 7.5 |
2011-11-01 | CVE-2010-4987 | Kmsoft | SQL Injection vulnerability in Kmsoft Guestbook SQL injection vulnerability in default.asp in KMSoft Guestbook (aka GBook) allows remote attackers to execute arbitrary SQL commands via the p parameter. | 7.5 |
2011-11-01 | CVE-2010-4986 | Cafuego | SQL Injection vulnerability in Cafuego Simple Document Management System 1.1.4/1.1.5/1.1.6 SQL injection vulnerability in detail.php in Simple Document Management System (SDMS) allows remote attackers to execute arbitrary SQL commands via the doc_id parameter. | 7.5 |
2011-11-01 | CVE-2010-4984 | Mykazaam | SQL Injection vulnerability in Mykazaam Notes Management System SQL injection vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to execute arbitrary SQL commands via vectors involving the "Enter Reference Number Below" text box. | 7.5 |
2011-11-01 | CVE-2010-4983 | Iscripts | SQL Injection vulnerability in Iscripts Cybermatch 1.0 SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2011-11-01 | CVE-2010-4982 | Mykazaam | SQL Injection vulnerability in Mykazaam Address & Contact Organizer SQL injection vulnerability in address_book/contacts.php in My Kazaam Address & Contact Organizer allows remote attackers to execute arbitrary SQL commands via the var1 parameter. | 7.5 |
2011-11-01 | CVE-2010-4981 | Yourfreeworld | SQL Injection vulnerability in Yourfreeworld Banner Management SQL injection vulnerability in trackads.php in YourFreeWorld Banner Management allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2011-11-01 | CVE-2010-4980 | Iscripts | SQL Injection vulnerability in Iscripts Reservelogic 1.0 SQL injection vulnerability in packagedetails.php in iScripts ReserveLogic 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter. | 7.5 |
2011-11-01 | CVE-2010-4979 | Nicholas Berry | SQL Injection vulnerability in Nicholas Berry Candid SQL injection vulnerability in image/view.php in CANDID allows remote attackers to execute arbitrary SQL commands via the image_id parameter. | 7.5 |
2011-11-01 | CVE-2010-4977 | Miniwork Joomla | SQL Injection vulnerability in Miniwork COM Canteen 1.0 SQL injection vulnerability in menu.php in the Canteen (com_canteen) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php. | 7.5 |
2011-11-01 | CVE-2010-4975 | Techjoomla Joomla | SQL Injection vulnerability in Techjoomla COM Socialads SQL injection vulnerability in the Techjoomla SocialAds For JomSocial (com_socialads) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the ads description field in a showad action to index.php. | 7.5 |
2011-11-01 | CVE-2010-4974 | Brotherscripts | SQL Injection vulnerability in Brotherscripts Auto Dealer SQL injection vulnerability in info.php in BrotherScripts (BS) and ScriptsFeed Auto Dealer allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2011-11-01 | CVE-2010-4972 | Ypninc | SQL Injection vulnerability in Ypninc Jokescript SQL injection vulnerability in index.php in YPNinc JokeScript allows remote attackers to execute arbitrary SQL commands via the ypncat_id parameter. | 7.5 |
2011-11-01 | CVE-2010-4970 | Wikiwebhelp | SQL Injection vulnerability in Wikiwebhelp Wiki web Help 0.28 SQL injection vulnerability in handlers/getpage.php in Wiki Web Help 0.28 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2011-11-01 | CVE-2010-4969 | Brotherscripts | SQL Injection vulnerability in Brotherscripts Business Directory SQL injection vulnerability in articlesdetails.php in BrotherScripts (BS) Business Directory allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2011-11-01 | CVE-2010-4968 | Webmaster Tips Joomla | SQL Injection vulnerability in Webmaster-Tips COM Wmtpic 1.0 SQL injection vulnerability in the webmaster-tips.net Flash Gallery (com_wmtpic) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | 7.5 |
2011-11-01 | CVE-2011-4215 | Oneorzero | SQL Injection vulnerability in Oneorzero Aims 2.7.0 SQL injection vulnerability in lib/ooz_access.php in OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the cookieName variable. | 7.5 |
2011-11-01 | CVE-2011-1915 | Infor | SQL Injection vulnerability in Infor Eclient and Enspire Distribution Management Solution SQL injection vulnerability in eClient 7.3.2.3 in Enspire Distribution Management Solution 7.3.2.7 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2011-11-04 | CVE-2011-3330 | Schneider Electric | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Schneider-Electric products Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 and earlier, Monitor Pro 7.6 and earlier, and PL7 Pro 4.5 and earlier, allows local users, and possibly remote attackers, to execute arbitrary code via an unspecified system parameter. | 7.2 |
43 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-11-04 | CVE-2011-3364 | Gnome | Unspecified vulnerability in Gnome Ifcfg-Rh Plug-In Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file. | 6.9 |
2011-11-04 | CVE-2011-3581 | Nlnetlabs | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Nlnetlabs Ldns Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Resource Record (RR) with an unknown type containing input that is longer than a specified length. | 6.8 |
2011-11-04 | CVE-2011-3164 | HP | Local Privilege Escalation vulnerability in HP Hp-Ux Containers A.03.00/A.03.00.002/A.03.01 Unspecified vulnerability in HP-UX Containers (formerly HP-UX Secure Resource Partitions (SRP)) A.03.00, A.03.00.002, and A.03.01, when running with patch PHKL_42310, allows local users to gain privileges via unknown vectors. | 6.8 |
2011-11-03 | CVE-2011-3994 | Skyarc | Cross-Site Request Forgery (CSRF) vulnerability in Skyarc products Cross-site request forgery (CSRF) vulnerability in SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data. | 6.8 |
2011-11-02 | CVE-2010-5040 | John Bradshaw Nucleuscms | Code Injection vulnerability in John Bradshaw NP Gallery Plugin 0.94 PHP remote file inclusion vulnerability in nucleus/plugins/NP_gallery.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary PHP code via a URL in the DIR_NUCLEUS parameter. | 6.8 |
2011-11-02 | CVE-2010-5026 | Sfiab | SQL Injection vulnerability in Sfiab Science Fair in A BOX 2.0.6/2.2.0 SQL injection vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. | 6.8 |
2011-11-04 | CVE-2011-3616 | Conky | Link Following vulnerability in Conky The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf. | 6.3 |
2011-11-02 | CVE-2010-5044 | Kanich Joomla | SQL Injection vulnerability in Kanich COM Searchlog 3.1.0 SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. | 6.0 |
2011-11-02 | CVE-2010-5043 | Blueconstantmedia Joomla | SQL Injection vulnerability in Blueconstantmedia COM Djartgallery 0.9.1 SQL injection vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the cid[] parameter in an editItem action to administrator/index.php. | 6.0 |
2011-11-02 | CVE-2010-5024 | Cutesite | SQL Injection vulnerability in Cutesite CMS 1.2.3/1.5.0 SQL injection vulnerability in manage/add_user.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote authenticated users, with Read privileges, to execute arbitrary SQL commands via the user_id parameter. | 6.0 |
2011-11-03 | CVE-2011-3993 | Skyarc | Permissions, Privileges, and Access Controls vulnerability in Skyarc products SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, uses weak permissions, which allows remote authenticated users to modify files and settings via unspecified vectors. | 5.5 |
2011-11-03 | CVE-2011-2676 | ARK WEB SIX Apart | Improper Authentication vulnerability in Ark-Web products The A-Form and A-Form bamboo before 1.3.6 and 2.x before 2.0.3, and A-Form PC and PC/Mobile before 3.1, plug-ins for Movable Type do not require administrative authentication, which allows remote authenticated users to modify data via unspecified vectors. | 5.5 |
2011-11-03 | CVE-2011-3996 | Controlsystemworks | Resource Management Errors vulnerability in Controlsystemworks Csworks The LiveData Service in CSWorks before 2.0.4115.1 allows remote attackers to cause a denial of service (service crash) via crafted TCP packets. | 5.0 |
2011-11-03 | CVE-2011-4078 | Roundcube PHP | Resource Management Errors vulnerability in Roundcube Webmail include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7 or 5.3.8 is used, allows remote attackers to trigger a GET request for an arbitrary URL, and cause a denial of service (resource consumption and inbox outage), via a Subject header containing only a URL, a related issue to CVE-2011-3379. | 5.0 |
2011-11-03 | CVE-2011-3995 | Tasofro | Unspecified vulnerability in Tasofro Touhou-Hisouten Unspecified vulnerability in Twilight Frontier Touhou Hisouten 1.06 and earlier allows remote attackers to cause a denial of service (daemon crash) via unknown network traffic. | 5.0 |
2011-11-03 | CVE-2011-3987 | Daemon Tools | Resource Management Errors vulnerability in Daemon-Tools Daemon Tools dtsoftbus01.sys in DAEMON Tools Lite before 4.41.3, Pro Standard before 4.41.0315, and Pro Advanced before 4.41.0315 allows local users to cause a denial of service (system crash) via an invalid DeviceIoControl request to \\.\dtsoftbusctl. | 4.9 |
2011-11-04 | CVE-2011-3594 | Pidgin | Buffer Errors vulnerability in Pidgin Libpurple and Pidgin The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service (crash) via invalid UTF-8 sequences that trigger use of invalid pointers and an out-of-bounds read, related to interactions with certain versions of glib2. | 4.3 |
2011-11-03 | CVE-2011-4277 | Courseforum | Cross-Site Scripting vulnerability in Courseforum Projectforum 7.0.1.3038 Cross-site scripting (XSS) vulnerability in CourseForum ProjectForum 7.0.1.3038 allows remote attackers to inject arbitrary web script or HTML via a crafted name of an object within a more object on a wiki page. | 4.3 |
2011-11-03 | CVE-2011-3986 | Pligg | Cross-Site Scripting vulnerability in Pligg CMS Cross-site scripting (XSS) vulnerability in Pligg before 1.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-11-03 | CVE-2011-4102 | Wireshark | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (application crash) via a malformed file. | 4.3 |
2011-11-03 | CVE-2011-4101 | Wireshark | Denial of Service vulnerability in Wireshark Infiniband Dissector The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. | 4.3 |
2011-11-03 | CVE-2011-4100 | Wireshark | Resource Management Errors vulnerability in Wireshark 1.6.0/1.6.1/1.6.2 The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.3 does not initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 4.3 |
2011-11-03 | CVE-2011-4274 | ARK WEB Sixapart | Cross-Site Scripting vulnerability in Ark-Web A-Form PC and A-Form PC Mobile Cross-site scripting (XSS) vulnerability in the A-Form PC and PC/Mobile before 3.1 plug-ins for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-2676. | 4.3 |
2011-11-03 | CVE-2011-4273 | Goahead | Cross-Site Scripting vulnerability in Goahead Webserver 2.1.8 Multiple cross-site scripting (XSS) vulnerabilities in GoAhead Webserver 2.18 allow remote attackers to inject arbitrary web script or HTML via (1) the group parameter to goform/AddGroup, related to addgroup.asp; (2) the url parameter to goform/AddAccessLimit, related to addlimit.asp; or the (3) user (aka User ID) or (4) group parameter to goform/AddUser, related to adduser.asp. | 4.3 |
2011-11-02 | CVE-2010-5045 | Sellatsite | Cross-Site Scripting vulnerability in Sellatsite Smart ASP Survey Cross-site scripting (XSS) vulnerability in poll/default.asp in Smart ASP Survey allows remote attackers to inject arbitrary web script or HTML via the catid parameter. | 4.3 |
2011-11-02 | CVE-2010-5042 | Blueconstantmedia Joomla | Cross-Site Scripting vulnerability in Blueconstantmedia COM Djartgallery 0.9.1 Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the cid[] parameter in an editItem action to administrator/index.php. | 4.3 |
2011-11-02 | CVE-2010-5035 | Iscripts | Cross-Site Scripting vulnerability in Iscripts Eswap 2.0 Cross-site scripting (XSS) vulnerability in search.php in iScripts eSwap 2.0 allows remote attackers to inject arbitrary web script or HTML via the txtHomeSearch parameter (aka the search field). | 4.3 |
2011-11-02 | CVE-2010-5031 | Filenice | Cross-Site Scripting vulnerability in Filenice 1.1 Cross-site scripting (XSS) vulnerability in index.php in fileNice 1.1 allows remote attackers to inject arbitrary web script or HTML via the sstring parameter (aka the Search Box). | 4.3 |
2011-11-02 | CVE-2010-5030 | Codefabrik | Cross-Site Scripting vulnerability in Codefabrik Ecomat CMS 5.0 Cross-site scripting (XSS) vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to inject arbitrary web script or HTML via the lang parameter in a web action. | 4.3 |
2011-11-02 | CVE-2010-5027 | Sfiab | Cross-Site Scripting vulnerability in Sfiab Science Fair in A BOX 2.0.6/2.2.0 Cross-site scripting (XSS) vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the type parameter. | 4.3 |
2011-11-02 | CVE-2010-5025 | Cutesite | Cross-Site Scripting vulnerability in Cutesite CMS 1.2.3/1.5.0 Cross-site scripting (XSS) vulnerability in manage/main.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote attackers to inject arbitrary web script or HTML via the fld_path parameter. | 4.3 |
2011-11-02 | CVE-2010-5018 | 2Daybiz | Cross-Site Scripting vulnerability in 2Daybiz Online Classified Script Cross-site scripting (XSS) vulnerability in products/classified/headersearch.php in 2daybiz Online Classified Script allows remote attackers to inject arbitrary web script or HTML via the sid parameter. | 4.3 |
2011-11-02 | CVE-2010-5010 | Schoolmation | Cross-Site Scripting vulnerability in Schoolmation 2.3 Cross-site scripting (XSS) vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to inject arbitrary web script or HTML via the session parameter. | 4.3 |
2011-11-02 | CVE-2010-5007 | UT Files | Cross-Site Scripting vulnerability in Ut-Files Utstats Cross-site scripting (XSS) vulnerability in pages/match_report.php in UTStats Beta 4 and earlier allows remote attackers to inject arbitrary web script or HTML via the mid parameter. | 4.3 |
2011-11-02 | CVE-2010-5005 | Rayzz | Cross-Site Scripting vulnerability in Rayzz Photoz Cross-site scripting (XSS) vulnerability in members/profileCommentsResponse.php in Rayzz Photoz allows remote attackers to inject arbitrary web script or HTML via the profileCommentTextArea parameter. | 4.3 |
2011-11-02 | CVE-2010-4971 | Videowhisper Joomla | Cross-Site Scripting vulnerability in Videowhisper PHP 2 WAY Video Chat Cross-site scripting (XSS) vulnerability in VideoWhisper PHP 2 Way Video Chat component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the r parameter to index.php. | 4.3 |
2011-11-02 | CVE-2011-3320 | GE | Cross-Site Scripting vulnerability in GE Intelligent Platforms Proficy Historian Cross-site scripting (XSS) vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | 4.3 |
2011-11-01 | CVE-2010-5002 | Exponentcms | Cross-Site Scripting vulnerability in Exponentcms Exponent CMS 0.97.0 Cross-site scripting (XSS) vulnerability in modules/slideshowmodule/slideshow.js.php in Exponent CMS 0.97.0 allows remote attackers to inject arbitrary web script or HTML via the u parameter. | 4.3 |
2011-11-01 | CVE-2010-4985 | Mykazaam | Cross-Site Scripting vulnerability in Mykazaam Notes Management System Cross-site scripting (XSS) vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to inject arbitrary web script or HTML via vectors involving the "Enter Reference Number Below" text box. | 4.3 |
2011-11-01 | CVE-2010-4978 | Nicholas Berry | Cross-Site Scripting vulnerability in Nicholas Berry Candid Cross-site scripting (XSS) vulnerability in image/view.php in CANDID allows remote attackers to inject arbitrary web script or HTML via the image_id parameter. | 4.3 |
2011-11-01 | CVE-2010-4976 | Metinfo | Cross-Site Scripting vulnerability in Metinfo 3.0 Cross-site scripting (XSS) vulnerability in search/search.php in MetInfo 3.0 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter (aka Search Box field). | 4.3 |
2011-11-01 | CVE-2010-4973 | Sourcefabric | Cross-Site Scripting vulnerability in Sourcefabric Campsite 3.4.0 Cross-site scripting (XSS) vulnerability in the search feature in Campsite 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the f_search_keywords parameter. | 4.3 |
2011-11-01 | CVE-2011-4064 | Phpmyadmin | Cross-Site Scripting vulnerability in PHPmyadmin Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value. | 4.3 |
1 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-11-04 | CVE-2011-3171 | Pureftpd Suse | Path Traversal vulnerability in Pureftpd Pure-Ftpd Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows local users to overwrite arbitrary files via unknown vectors. | 3.6 |