cpe:/a:maradns:maradns:1.3.07 cpe:/a:maradns:maradns:1.3.06 cpe:/a:maradns:maradns:1.0.00 cpe:/a:maradns:maradns:1.0.01 cpe:/a:maradns:maradns:1.0.02 cpe:/a:maradns:maradns:1.0.04 cpe:/a:maradns:maradns:1.0.03 cpe:/a:maradns:maradns:1.3.07.01 cpe:/a:maradns:maradns:1.0.06 cpe:/a:maradns:maradns:1.3.07.02 cpe:/a:maradns:maradns:1.0.05 cpe:/a:maradns:maradns:1.3.07.03 cpe:/a:maradns:maradns:1.0.08 cpe:/a:maradns:maradns:1.0.07 cpe:/a:maradns:maradns:1.0.09 cpe:/a:maradns:maradns:1.3.01 cpe:/a:maradns:maradns:1.3.02 cpe:/a:maradns:maradns:1.3.03 cpe:/a:maradns:maradns:1.3.04 cpe:/a:maradns:maradns:1.3.05 cpe:/a:maradns:maradns:1.0.12 cpe:/a:maradns:maradns:1.0.13 cpe:/a:maradns:maradns:1.0.10 cpe:/a:maradns:maradns:1.0.11 cpe:/a:maradns:maradns:1.0.17 cpe:/a:maradns:maradns:1.0.16 cpe:/a:maradns:maradns:1.0.15 cpe:/a:maradns:maradns:1.0.14 cpe:/a:maradns:maradns:1.0.19 cpe:/a:maradns:maradns:1.0.18 cpe:/a:maradns:maradns:1.2.12.05 cpe:/a:maradns:maradns:1.2.12.04 cpe:/a:maradns:maradns:1.2.12.03 cpe:/a:maradns:maradns:1.2.12.02 cpe:/a:maradns:maradns:1.2.12.07 cpe:/a:maradns:maradns:1.2.12.06 cpe:/a:maradns:maradns:1.0.29 cpe:/a:maradns:maradns:1.0.27 cpe:/a:maradns:maradns:1.2.12.01 cpe:/a:maradns:maradns:1.0.28 cpe:/a:maradns:maradns:1.0.25 cpe:/a:maradns:maradns:1.0.26 cpe:/a:maradns:maradns:1.0.24 cpe:/a:maradns:maradns:1.0.23 cpe:/a:maradns:maradns:1.0.22 cpe:/a:maradns:maradns:1.0.21 cpe:/a:maradns:maradns:1.0.20 cpe:/a:maradns:maradns:1.0.36 cpe:/a:maradns:maradns:1.0.37 cpe:/a:maradns:maradns:1.0.38 cpe:/a:maradns:maradns:1.0.39 cpe:/a:maradns:maradns:1.0.33 cpe:/a:maradns:maradns:1.0.32 cpe:/a:maradns:maradns:1.0.35 cpe:/a:maradns:maradns:1.0.34 cpe:/a:maradns:maradns:1.0.31 cpe:/a:maradns:maradns:1.0.30 CVE-2008-0061 2008-01-03T17:46:00.000-05:00 2008-09-05T17:34:06.717-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2008-01-04T08:44:00.000-05:00 CONFIRM http://www.maradns.org/changelog.html CONFIRM http://maradns.blogspot.com/2007/08/maradns-update-all-versions.html BID 27124 VUPEN ADV-2008-0026 DEBIAN DSA-1445 GENTOO GLSA-200801-16 SECUNIA 28650 SECUNIA 28334 SECUNIA 28329 CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=204351 MaraDNS 1.0 before 1.0.41, 1.2 before 1.2.12.08, and 1.3 before 1.3.07.04 allows remote attackers to cause a denial of service via a crafted DNS packet that prevents an authoritative name (CNAME) record from resolving, aka "improper rotation of resource records." cpe:/a:clip-share:clipshare CVE-2008-0089 2008-01-03T20:46:00.000-05:00 2009-09-11T01:17:31.250-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-04T13:31:00.000-05:00 BID 27108 MILW0RM 4830 SECUNIA 28313 OSVDB 40077 XF clipshare-uprofile-sql-injection(39364) SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrary SQL commands via the UID parameter. cpe:/a:microsoft:ie:7 cpe:/a:divx:divx_player:6.6.0 CVE-2008-0090 2008-01-03T20:46:00.000-05:00 2008-09-05T17:34:11.420-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2008-01-04T13:34:00.000-05:00 BID 27106 MILW0RM 4829 XF divxwebplayer-npUpload-dos(39386) A certain ActiveX control in npUpload.dll in DivX Player 6.6.0 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long argument to the SetPassword method. cpe:/a:agency4net:webftp:1 CVE-2008-0091 2008-01-03T20:46:00.000-05:00 2008-09-05T17:34:11.577-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2008-01-04T13:41:00.000-05:00 BID 27092 MILW0RM 4828 VIM 20080104 true: AGENCY4NET WEBFTP directory traversal; deletion possible XF agency4net-download2-directory-traversal(39343) VUPEN ADV-2008-0051 SECUNIA 28309 Directory traversal vulnerability in download2.php in AGENCY4NET WEBFTP 1 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the file parameter. cpe:/a:phpwebsite:phpwebsite:1.4.0 CVE-2008-0092 2008-01-03T20:46:00.000-05:00 2008-09-05T17:34:11.717-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-04T13:51:00.000-05:00 BID 27090 BUGTRAQ 20080101 Cross-Site Scripting (XSS) in phpWebSite 1.4.0 search CONFIRM http://phpwebsite.appstate.edu/blog/2143 XF phpwebsite-search-xss(39391) SREASON 3511 SECUNIA 28303 Cross-site scripting (XSS) vulnerability in index.php in the search module in Appalachian State University phpWebSite 1.4.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter. cpe:/a:eticket:eticket:1.5.5.2 cpe:/a:eticket:eticket:1.5.6_rc3 cpe:/a:eticket:eticket:1.5.6_rc2 CVE-2008-0093 2008-01-07T20:46:00.000-05:00 2008-09-05T17:34:11.857-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-08T10:19:00.000-05:00 MISC http://www.digitrustgroup.com/advisories/web-application-security-eticket.html SECUNIA 28331 XF eticket-name-subject-xss(39400) BID 27130 Multiple cross-site scripting (XSS) vulnerabilities in newticket.php in eTicket 1.5.5.2, and 1.5.6 RC2 and RC3, allow remote attackers to inject arbitrary web script or HTML via the (1) Name and (2) Subject parameters. cpe:/a:modxcms:modxcms:0.9.6.1 CVE-2008-0094 2008-01-07T21:46:00.000-05:00 2008-10-11T01:48:31.607-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2008-01-08T10:28:00.000-05:00 SECUNIA 28220 XF modx-ajaxsearch-file-include(39352) BID 27097 BID 27096 BUGTRAQ 20080102 MODx CMS Source code disclosure, local file inclusion CONFIRM http://modxcms.com/forums/index.php/topic,21290.0.html SREASON 3522 Multiple directory traversal vulnerabilities in MODx Content Management System 0.9.6.1 allow remote attackers to (1) include and execute arbitrary local files via a .. (dot dot) in the as_language parameter to assets/snippets/AjaxSearch/AjaxSearch.php, reached through index-ajax.php; and (2) read arbitrary local files via a .. (dot dot) in the file parameter to assets/js/htcmime.php. cpe:/a:asterisk:asterisknow:beta_6 cpe:/a:asterisk:open_source:1.4.16 cpe:/a:asterisk:asterisk_business_edition:c.1.0beta7 cpe:/a:asterisk:asterisk_appliance_developer_kit:1.4_revision_95945 cpe:/a:asterisk:s800i:1.0.3.3 CVE-2008-0095 2008-01-07T21:46:00.000-05:00 2009-09-11T01:17:32.017-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2008-01-08T10:36:00.000-05:00 BID 27110 SECUNIA 28312 CONFIRM http://downloads.digium.com/pub/security/AST-2008-001.html MISC http://bugs.digium.com/view.php?id=11637 FEDORA FEDORA-2008-0199 FEDORA FEDORA-2008-0198 XF asterisk-bye-also-dos(39361) SECTRACK 1019152 BUGTRAQ 20080102 AST-2008-001: Crash from transfer using BYE with Also header VUPEN ADV-2008-0019 SECUNIA 28299 SREASON 3520 The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which triggers a NULL pointer dereference. cpe:/a:georgia_softworks:ssh2_server:7.01.0003 CVE-2008-0096 2008-01-07T21:46:00.000-05:00 2009-09-15T01:10:28.657-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-08T11:04:00.000-05:00 BID 27103 BUGTRAQ 20080102 Multiple vulnerabilities in Georgia SoftWorks SSH2 Server 7.01.0003 SECUNIA 28307 MISC http://aluigi.altervista.org/adv/gswsshit-adv.txt SREASON 3517 Multiple buffer overflows in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and earlier allow remote attackers to execute arbitrary code via a (1) a long username, which triggers an overflow in the log function; or (2) a long password. cpe:/a:georgia_softworks:ssh2_server:7.01.0003 CVE-2008-0097 2008-01-07T21:46:00.000-05:00 2008-09-05T17:34:12.467-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-08T11:08:00.000-05:00 BUGTRAQ 20080102 Multiple vulnerabilities in Georgia SoftWorks SSH2 Server 7.01.0003 SECUNIA 28307 MISC http://aluigi.altervista.org/adv/gswsshit-adv.txt SREASON 3517 Format string vulnerability in the log function in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username field, as demonstrated by a certain LoginPassword message. cpe:/a:real:realplayer:11_build_6.0.14.748 CVE-2008-0098 2008-01-07T21:46:00.000-05:00 2008-09-05T17:34:12.623-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-08T11:11:00.000-05:00 MISC http://www.us-cert.gov/current/index.html#public_exploit_code_for_realplayer BID 27091 VUPEN ADV-2008-0016 SECUNIA 28276 MLIST [Dailydave] 20080101 0day RealPlayer exploit demo MISC http://gleg.net/realplayer11.html SECTRACK 1019153 Buffer overflow in RealPlayer 11 build 6.0.14.748 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: As of 20080103, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. cpe:/a:myphp_forum:myphp_forum:3.0 CVE-2008-0099 2008-01-07T21:46:00.000-05:00 2009-09-16T01:14:07.767-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-08T11:28:00.000-05:00 BID 27118 MILW0RM 4831 Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the searchtext parameter to search.php, and unspecified other vectors. cpe:/a:white_dune:white_dune:0.29beta791 CVE-2008-0100 2008-01-07T21:46:00.000-05:00 2008-10-11T01:48:32.387-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-08T11:36:00.000-05:00 BID 27102 SECUNIA 28287 XF whitedune-sceneerrorf-bo(39385) BUGTRAQ 20080102 Buffer-overflow and format string in White_Dune 0.29beta791 CONFIRM http://vrml.cip.ica.uni-stuttgart.de/dune/news.html MISC http://aluigi.altervista.org/adv/whitedunboffs-adv.txt SREASON 3516 Stack-based buffer overflow in the Scene::errorf function in Scene.cpp in White_Dune 0.29 beta791 and earlier allows remote attackers to execute arbitrary code via a long string in a .WRL file. cpe:/a:white_dune:white_dune:0.29beta791 CVE-2008-0101 2008-01-07T21:46:00.000-05:00 2008-10-11T01:48:32.497-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-08T11:38:00.000-05:00 BID 27102 SECUNIA 28287 XF whitedune-swdegugf-format-string(39388) BUGTRAQ 20080102 Buffer-overflow and format string in White_Dune 0.29beta791 CONFIRM http://vrml.cip.ica.uni-stuttgart.de/dune/news.html MISC http://aluigi.altervista.org/adv/whitedunboffs-adv.txt SREASON 3516 Format string vulnerability in the swDebugf function in DuneApp.cpp in White_Dune 0.29 beta791 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a .WRL file. cpe:/a:siteatschool:siteatschool:2.3.10 CVE-2008-0129 2008-01-08T06:46:00.000-05:00 2008-09-05T17:34:17.343-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-08T11:49:00.000-05:00 MILW0RM 4832 XF siteatschool-slideshowfull-sql-injection(39417) BID 27120 SQL injection vulnerability in starnet/addons/slideshow_full.php in Site@School 2.3.10 and earlier allows remote attackers to execute arbitrary SQL commands via the album_name parameter. cpe:/a:instantsoftwares:dating_site CVE-2008-0130 2008-01-08T06:46:00.000-05:00 2008-11-15T00:00:00.000-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-08T11:52:00.000-05:00 XF dating-site-login-sql-injection(39326) SECUNIA 28283 OSVDB 39766 SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Username parameter, a different vulnerability than CVE-2007-6671. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. cpe:/a:instantsoftwares:dating_site CVE-2008-0131 2008-01-08T06:46:00.000-05:00 2009-09-15T01:10:32.453-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-08T11:54:00.000-05:00 BID 27121 SECUNIA 28283 Cross-site scripting (XSS) vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to inject arbitrary web script or HTML via the msg parameter, a different product than CVE-2006-6022. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. cpe:/a:pragma_systems:fortressssh:5.0_build_4_r_293 CVE-2008-0132 2008-01-08T06:46:00.000-05:00 2008-09-05T17:34:17.780-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2008-01-08T11:58:00.000-05:00 XF fortressssh-sshd-dos(39354) MISC http://aluigi.org/poc/pragmassh.zip MISC http://aluigi.altervista.org/adv/pragmassh-adv.txt BID 27141 BUGTRAQ 20080104 Some DoS in some telnet servers Pragma FortressSSH 5.0 Build 4 Revision 293 and earlier handles long input to sshd.exe by creating an error-message window and waiting for the administrator to click in this window before terminating the sshd.exe process, which allows remote attackers to cause a denial of service (connection slot exhaustion) via a flood of SSH connections with long data objects, as demonstrated by (1) a long list of keys and (2) a long username. cpe:/a:thomas_perez:tribisur:2.1 CVE-2008-0133 2008-01-08T14:46:00.000-05:00 2008-09-05T17:34:17.937-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-08T15:04:00.000-05:00 BID 27149 MILW0RM 4840 SECUNIA 28362 XF tribisur-catmain-forum-sql-injection(39443) Multiple SQL injection vulnerabilities in Tribisur 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to cat_main.php and the (2) cat parameter to forum.php in a liste action. cpe:/a:snitz_forums_2000:snitz_forums:3.4.06 CVE-2008-0134 2008-01-08T14:46:00.000-05:00 2009-09-11T01:17:36.280-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-08T15:07:00.000-05:00 BID 27162 BUGTRAQ 20080107 [HSC] Snitz Forums Multiple Vulnerabilities MISC http://www.packetstormsecurity.org/0801-exploits/snitz-multi.txt SECUNIA 28284 MISC http://hackerscenter.com/archive/view.asp?id=28145 Cross-site scripting (XSS) vulnerability in Forums/setup.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to inject arbitrary web script or HTML via the MAIL parameter. cpe:/a:snitz_forums_2000:snitz_forums:3.4.06 CVE-2008-0135 2008-01-08T14:46:00.000-05:00 2009-09-11T01:17:36.420-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2008-01-08T15:16:00.000-05:00 BUGTRAQ 20080107 RE: [HSC] Snitz Forums Multiple Vulnerabilities BUGTRAQ 20080107 [HSC] Snitz Forums Multiple Vulnerabilities MISC http://www.packetstormsecurity.org/0801-exploits/snitz-multi.txt MISC http://hackerscenter.com/archive/view.asp?id=28145 Snitz Forums 2000 3.4.06 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for forum/snitz_forums_2000.mdb. cpe:/a:snitz_forums_2000:snitz_forums:3.4.05 CVE-2008-0136 2008-01-08T14:46:00.000-05:00 2009-09-11T01:17:36.563-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2008-01-08T15:18:00.000-05:00 BUGTRAQ 20080107 RE: [HSC] Snitz Forums Multiple Vulnerabilities BUGTRAQ 20080107 [HSC] Snitz Forums Multiple Vulnerabilities MISC http://www.packetstormsecurity.org/0801-exploits/snitz-multi.txt MISC http://hackerscenter.com/archive/view.asp?id=28145 Snitz Forums 2000 3.4.05 allows remote attackers to obtain sensitive information via a direct request to forum/whereami.asp, which reveals the database path. cpe:/a:snetworks:php_classifieds:5.0 CVE-2008-0137 2008-01-08T14:46:00.000-05:00 2008-09-05T17:34:18.513-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-09T10:23:00.000-05:00 MILW0RM 4838 VUPEN ADV-2008-0053 XF snetworks-configinc-file-include(39468) PHP remote file inclusion vulnerability in config.inc.php in SNETWORKS PHP CLASSIFIEDS 5.0 allows remote attackers to execute arbitrary PHP code via a URL in the path_escape parameter. cpe:/a:xoops:xoopsgallery_module:1.3.3_9 CVE-2008-0138 2008-01-08T14:46:00.000-05:00 2008-09-05T17:34:18.670-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-09T10:30:00.000-05:00 XF xoops-modgallery-zendhashkey-file-include(39461) BID 27155 MILW0RM 4847 PHP remote file inclusion vulnerability in xoopsgallery/init_basic.php in the mod_gallery module for XOOPS, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter. cpe:/a:loudblog:loudblog:0.8.0 CVE-2008-0139 2008-01-08T14:46:00.000-05:00 2008-09-05T17:34:18.810-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-09T10:35:00.000-05:00 BID 27157 SECUNIA 28336 MILW0RM 4849 XF loudblog-template-code-execution(39445) Eval injection vulnerability in loudblog/inc/parse_old.php in Loudblog 0.8.0 and earlier allows remote attackers to execute arbitrary PHP code via the template parameter. cpe:/a:uebimiau:webmail:2.7.10 cpe:/a:uebimiau:webmail:2.7.2 CVE-2008-0140 2008-01-08T14:46:00.000-05:00 2008-10-22T01:44:05.437-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2008-01-09T10:38:00.000-05:00 XF uebimiau-webmail-error-directory-traversal(39460) BID 27154 MILW0RM 4846 VIM 20080107 Uebimiau Web-Mail 2.7.10/2.7.2 Remote File Disclosure Vulnerability Directory traversal vulnerability in error.php in Uebimiau Webmail 2.7.10 and 2.7.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the selected_theme parameter, a different vector than CVE-2007-3172. cpe:/a:webportal:webportal_cms:0.6_beta CVE-2008-0141 2008-01-08T14:46:00.000-05:00 2008-09-05T17:34:19.123-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-09T10:44:00.000-05:00 BID 27145 MILW0RM 4835 XF webportal-action-weak-security(39486) actions.php in WebPortal CMS 0.6-beta generates predictable passwords containing only the time of day, which makes it easier for remote attackers to obtain access to any account via a lostpass action. cpe:/a:webportal:webportal_cms:0.6_beta CVE-2008-0142 2008-01-08T14:46:00.000-05:00 2008-09-05T17:34:19.263-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-09T10:50:00.000-05:00 MILW0RM 4835 Multiple SQL injection vulnerabilities in WebPortal CMS 0.6-beta allow remote attackers to execute arbitrary SQL commands via the user_name parameter to actions.php, and unspecified other vectors. cpe:/a:spacial_audio_solutions:sam_broadcaster cpe:/a:spacial_audio_solutions:samphpweb CVE-2008-0143 2008-01-08T14:46:00.000-05:00 2008-09-05T17:34:19.420-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-09T10:56:00.000-05:00 XF samPHPweb-db-file-include(39397) CONFIRM http://www.spacialaudio.com/news/index.html BID 27137 MILW0RM 4834 SECUNIA 28355 PHP remote file inclusion vulnerability in common/db.php in samPHPweb, possibly 4.2.2 and others, as provided with SAM Broadcaster, allows remote attackers to execute arbitrary PHP code via a URL in the commonpath parameter. cpe:/a:phprisk:netrisk:1.9.7 CVE-2008-0144 2008-01-08T14:46:00.000-05:00 2009-09-15T01:10:34.750-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-09T11:05:00.000-05:00 XF netrisk-index-file-include(39419) BID 27136 MILW0RM 4833 SECUNIA 28328 BUGTRAQ 20080105 NetRisk 1.9.7 Remote File Inclusion Vulnerability PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged for local file inclusion using directory traversal sequences. cpe:/a:php:php:4.4.7 CVE-2008-0145 2008-01-08T14:46:00.000-05:00 2009-09-16T01:14:13.390-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-09T11:12:00.000-05:00 XF php-glob-openbasedir-security-bypass(39401) VUPEN ADV-2008-0059 CONFIRM http://www.php.net/releases/4_4_8.php CONFIRM http://www.php.net/ChangeLog-4.php SECUNIA 28318 CONFIRM http://bugs.php.net/bug.php?id=41655 SLACKWARE SSA:2008-045-03 SECUNIA 28936 Unspecified vulnerability in glob in PHP before 4.4.8, when open_basedir is enabled, has unknown impact and attack vectors. NOTE: this issue reportedly exists because of a regression related to CVE-2007-4663. cpe:/a:hughes_technologies:w3-msql CVE-2008-0146 2008-01-08T14:46:00.000-05:00 2009-09-15T01:10:34.953-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-09T11:15:00.000-05:00 BID 27116 BUGTRAQ 20080103 xss in w3-msql error page SECUNIA 28294 OSVDB 51235 SREASON 3521 Cross-site scripting (XSS) vulnerability in the error page in W3-mSQL allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the top-level URI. cpe:/a:openpegasus:management_server:2.6.1 CVE-2008-0003 2008-01-08T15:46:00.000-05:00 2009-02-21T00:00:00.000-05:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-09T13:14:00.000-05:00 ALLOWS_ADMIN_ACCESS BID 27188 REDHAT RHSA-2008:0002 VUPEN ADV-2008-0063 FEDORA FEDORA-2008-0572 FEDORA FEDORA-2008-0506 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=426578 XF openpegasus-pambasic-bo(39527) CONFIRM http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4129 BID 27172 BUGTRAQ 20080416 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus VUPEN ADV-2008-1391 VUPEN ADV-2008-1234 VUPEN ADV-2008-0638 VIM 20080115 vuldb confusion between OpenPegasus issues SECTRACK 1019159 SECUNIA 29986 SECUNIA 29785 SECUNIA 29056 SECUNIA 28462 SECUNIA 28338 OSVDB 40082 MLIST [Security-announce] 20080415 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus HP SSRT080000 Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2007-5360. cpe:/a:smallnuke:smallnuke:2.0.4 CVE-2008-0147 2008-01-08T19:46:00.000-05:00 2008-09-05T17:34:20.013-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-09T13:47:00.000-05:00 BID 27180 MILW0RM 4863 SECUNIA 28301 XF smallnuke-index-sql-injection(39525) SQL injection vulnerability in index.php in SmallNuke 2.0.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via (1) the user_email parameter and possibly (2) username parameter in a Members action. cpe:/a:tutos:tutos:1.3 CVE-2008-0148 2008-01-08T19:46:00.000-05:00 2008-09-05T17:34:20.153-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-09T13:50:00.000-05:00 SECUNIA 28291 MILW0RM 4861 XF tutos-cmd-command-execution(39531) TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote attackers to execute arbitrary shell commands via the cmd parameter in a direct request. cpe:/a:tutos:tutos:1.3 CVE-2008-0149 2008-01-08T19:46:00.000-05:00 2008-09-05T17:34:20.310-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-09T13:53:00.000-05:00 SECUNIA 28291 MILW0RM 4861 TUTOS 1.3 allows remote attackers to read system information via a direct request to php/admin/phpinfo.php, which calls the phpinfo function. cpe:/a:aruba_networks:aruba_mobility_controllers:2.4.8.11-fips cpe:/a:aruba_networks:aruba_mobility_controllers:2.5.2.11 cpe:/a:aruba_networks:aruba_mobility_controllers:2.3.6.15 cpe:/a:aruba_networks:aruba_mobility_controllers:3.1.1.3 cpe:/a:aruba_networks:aruba_mobility_controllers:2.5.4.25 cpe:/a:aruba_networks:aruba_mobility_controllers:2.5.5.7 CVE-2008-0150 2008-01-08T19:46:00.000-05:00 2008-09-05T17:34:20.450-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-09T13:59:00.000-05:00 BID 27144 BUGTRAQ 20080104 Aruba Mobility Controller User Authentication Vulnerability - Aruba Advisory ID: AID-122207 CONFIRM http://www.arubanetworks.com/support/alerts/aid-122207.asc SECUNIA 28357 SREASON 3529 Unspecified vulnerability in the LDAP authentication feature in Aruba Mobility Controller 2.3.6.15, 2.5.2.11, 2.5.4.25, 2.5.5.7, 3.1.1.3, and 2.4.8.11-FIPS or earlier allows remote attackers to bypass authentication mechanisms and obtain management or VPN interface access. cpe:/a:foxitsoftware:wac_server:2.0 cpe:/a:foxitsoftware:wac_server:2.1.0.910 CVE-2008-0151 2008-01-08T19:46:00.000-05:00 2009-08-25T00:00:00.000-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-09T14:12:00.000-05:00 XF wacserver-option-dos(39427) BID 27142 BUGTRAQ 20080219 Two heap overflow in Foxit WAC Server 2.0 Build 3503 BUGTRAQ 20080104 Some DoS in some telnet servers SREASON 3525 SECUNIA 28272 MISC http://aluigi.altervista.org/adv/wachof-adv.txt MISC http://aluigi.altervista.org/adv/waccaz-adv.txt Heap-based buffer overflow in Foxit WAC Server 2.1.0.910, 2.0 Build 3503, and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Telnet request with long options. cpe:/o:seattle_lab_software:slnet_rf_telnet_server:4.1.1.3758 CVE-2008-0152 2008-01-08T19:46:00.000-05:00 2008-09-05T17:34:20.763-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov 2008-01-09T14:16:00.000-05:00 BID 27134 SECUNIA 28316 BUGTRAQ 20080104 Some DoS in some telnet servers MISC http://aluigi.altervista.org/adv/slnetmsg-adv.txt SLnet.exe in SeattleLab SLNet RF Telnet Server 4.1.1.3758 and earlier allows user-assisted remote attackers to cause a denial of service (crash) via unpsecified telnet options, which triggers a NULL pointer dereference. NOTE: the crash is not user-assisted when the server is running in debug mode. cpe:/a:pragma_systems:pragma_telnetserver:7.0.4.589 CVE-2008-0153 2008-01-08T19:46:00.000-05:00 2008-10-11T01:48:37.560-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2008-01-09T14:21:00.000-05:00 XF pragmatelnetserver-telnetd-dos(39353) BID 27143 BUGTRAQ 20080104 Some DoS in some telnet servers MISC http://aluigi.altervista.org/adv/pragmatel-adv.txt telnetd.exe in Pragma TelnetServer 7.0.4.589 allows remote attackers to cause a denial of service (process crash and resource exhaustion) via a crafted TELOPT PRAGMA LOGON telnet option, which triggers a NULL pointer dereference. cpe:/a:evilboard:evilboard:0.1a CVE-2008-0154 2008-01-08T19:46:00.000-05:00 2009-09-15T01:10:35.703-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-09T14:24:00.000-05:00 XF evilboard-index-sql-injection(39529) BID 27190 MILW0RM 4865 SQL injection vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to execute arbitrary SQL commands the c parameter. cpe:/a:evilboard:evilboard:0.1a CVE-2008-0155 2008-01-08T19:46:00.000-05:00 2009-09-15T01:10:35.920-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-09T14:25:00.000-05:00 BID 27190 MILW0RM 4865 XF evilboard-index-xss(39526) Cross-site scripting (XSS) vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to inject arbitrary web script or HTML via the c parameter. cpe:/a:million_dollar_script:million_dollar_script:2.0.14 CVE-2008-0156 2008-01-08T19:46:00.000-05:00 2008-09-05T17:34:21.343-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-09T14:28:00.000-05:00 XF milliondollarscript-index-dir-traversal(39492) BID 27174 BUGTRAQ 20080107 Million Dollar Script 2.0.14 Remote File Disclosure Vulnerability. SREASON 3524 Absolute path traversal vulnerability in index.php in Million Dollar Script 2.0.14 allows remote attackers to read arbitrary files via encoded "/" (%2F) sequences in the link parameter. cpe:/a:flexbb:flexbb:0.6.3 cpe:/a:flexbb:flexbb:1.0_10005_beta_release_1 CVE-2008-0157 2008-01-08T19:46:00.000-05:00 2008-09-05T17:34:21.483-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-09T14:31:00.000-05:00 XF flexbb-flexbbtempid-sql-injection(39475) BID 27164 MILW0RM 4858 SECUNIA 28373 SQL injection vulnerability in FlexBB 0.6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbb_temp_id parameter in a cookie. cpe:/a:shop-script:shop-script:2.0 CVE-2008-0158 2008-01-08T19:46:00.000-05:00 2008-09-05T17:34:21.640-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-09T14:35:00.000-05:00 XF shopscript-index-directory-traversal(39449) BID 27165 MISC http://packetstormsecurity.org/0801-exploits/shopscript-disclose.txt MILW0RM 4855 Directory traversal vulnerability in index.php in Shop-Script 2.0 and possibly other versions allows remote attackers to read arbitrary files via a .. (dot dot) in the aux_page parameter. cpe:/a:eggblog:eggblog:3.1.0 CVE-2008-0159 2008-01-08T19:46:00.000-05:00 2008-09-05T17:34:21.780-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-09T14:38:00.000-05:00 XF eggblog-eggblogmail-sql-injection(39473) BID 27168 MILW0RM 4860 SECUNIA 28371 SQL injection vulnerability in index.php in eggBlog 3.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the eggblogpassword parameter in a cookie. cpe:/a:prenotazioni_on_line:syshotel_on_line_system CVE-2008-0184 2008-01-09T17:46:00.000-05:00 2008-09-05T17:34:25.137-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2008-01-10T10:50:00.000-05:00 BID 27184 BUGTRAQ 20080108 sysHotel On Line Remote File Disclosure Vulnerability. SREASON 3528 Absolute path traversal vulnerability in index.php in Sys-Hotel on Line System allows remote attackers to read arbitrary files via an encoded "/" ("%2F") in the file parameter. cpe:/a:netrisk:netrisk:1.9.7 CVE-2008-0185 2008-01-09T17:46:00.000-05:00 2009-09-11T01:17:43.547-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-10T10:53:00.000-05:00 BID 27161 MILW0RM 4852 MISC http://sourceforge.net/project/shownotes.php?release_id=551208&group_id=129681 SECUNIA 28328 BUGTRAQ 20080106 netrisk 1.9.7 Multiple Remote Vulnerabilities (sql injection/xss) SQL injection vulnerability in index.php in NetRisk 1.9.7 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the pid parameter in a profile page (possibly profile.php). cpe:/a:phprisk:netrisk:1.9.7 CVE-2008-0186 2008-01-09T17:46:00.000-05:00 2009-09-11T01:17:43.670-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T10:53:00.000-05:00 BID 27161 MILW0RM 4852 BUGTRAQ 20080106 netrisk 1.9.7 Multiple Remote Vulnerabilities (sql injection/xss) SECUNIA 28369 Cross-site scripting (XSS) vulnerability in index.php in NetRisk 1.9.7 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter, possibly related to CVE-2008-0144. cpe:/a:spacial_audio_solutions:samphpweb:4.2.2 CVE-2008-0187 2008-01-09T17:46:00.000-05:00 2008-09-05T17:34:25.577-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-10T10:55:00.000-05:00 XF sambroadcaster-songinfo-sql-injection(39463) BID 27147 MILW0RM 4836 SQL injection vulnerability in songinfo.php in SAM Broadcaster samPHPweb, possibly 4.2.2 and earlier, allows remote attackers to execute arbitrary SQL commands via the songid parameter. cpe:/a:awesometemplateengine:awesometemplateengine:1 CVE-2008-0190 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:25.903-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T11:25:00.000-05:00 XF awesometemplateengine-multiple-xss(39396) BID 27125 BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1694/ MISC http://securityvulns.ru/Sdocument784.html FULLDISC 20080103 securityvulns.com russian vulnerabilities digest SREASON 3539 Multiple cross-site scripting (XSS) vulnerabilities in templates/example_template.php in AwesomeTemplateEngine allow remote attackers to inject arbitrary web script or HTML via the (1) data[title], (2) data[message], (3) data[table][1][item], (4) data[table][1][url], or (5) data[poweredby] parameter. cpe:/a:wordpress:wordpress:2.2 cpe:/a:wordpress:wordpress:2.3 CVE-2008-0191 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:26.060-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2008-01-10T11:27:00.000-05:00 XF wordpress-p-path-disclosure(39423) BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1634/ MISC http://securityvulns.ru/Sdocument663.html FULLDISC 20080103 securityvulns.com russian vulnerabilities digest SREASON 3539 WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive information via an invalid p parameter in an rss2 action to the default URI, which reveals the full path and the SQL database structure. cpe:/a:wordpress:wordpress:2.0.9 CVE-2008-0192 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:26.200-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T11:32:00.000-05:00 XF wordpress-popuptitle-xss(39426) BID 27123 MISC http://websecurity.com.ua/1658/ MISC http://securityvulns.ru/Sdocument714.html FULLDISC 20080103 securityvulns.com russian vulnerabilities digest SREASON 3539 Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the popuptitle parameter to (1) wp-admin/post.php or (2) wp-admin/page-new.php. cpe:/a:wordpress:wordpress:2.1.3_rc1 cpe:/a:wordpress:wordpress:2.2.3 cpe:/a:wordpress:wordpress:2.2.2 cpe:/a:wordpress:wordpress:2.2.1 cpe:/a:wordpress:wordpress:2.2.0 cpe:/a:wordpress:wordpress:2.2_revision5003 cpe:/a:wordpress:wordpress:2.1.3 cpe:/a:wordpress:wordpress:2.1.2 cpe:/a:wordpress:wordpress:2.1.1 cpe:/a:wordpress:wordpress:2.1.3_rc2 cpe:/a:wordpress:wordpress:2.2_revision5002 cpe:/a:wordpress:wordpress:2.1 cpe:/a:wordpress:wordpress:2.2 cpe:/a:wordpress:wordpress:2.3 cpe:/a:wordpress:wordpress:2.0.11 CVE-2008-0193 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:26.357-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T11:35:00.000-05:00 BID 27123 BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1676/ MISC http://securityvulns.ru/Sdocument755.html FULLDISC 20080103 securityvulns.com russian vulnerabilities digest DEBIAN DSA-1502 SREASON 3539 SECUNIA 29014 Cross-site scripting (XSS) vulnerability in wp-db-backup.php in WordPress 2.0.11 and earlier, and possibly 2.1.x through 2.3.x, allows remote attackers to inject arbitrary web script or HTML via the backup parameter in a wp-db-backup.php action to wp-admin/edit.php. cpe:/a:wordpress:wordpress:2.0.3 CVE-2008-0194 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:26.530-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-10T11:39:00.000-05:00 ALLOWS_USER_ACCESS BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1676/ MISC http://securityvulns.ru/Sdocument755.html FULLDISC 20080103 securityvulns.com russian vulnerabilities digest DEBIAN DSA-1502 SREASON 3539 SECUNIA 29014 Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to wp-admin/edit.php. NOTE: this might be the same as CVE-2006-5705.1. cpe:/a:wordpress:wordpress:2.0.11 CVE-2008-0195 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:26.687-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T11:43:00.000-05:00 BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1687/ MISC http://websecurity.com.ua/1686/ MISC http://websecurity.com.ua/1683/ MISC http://websecurity.com.ua/1679/ MISC http://securityvulns.ru/Sdocument773.html MISC http://securityvulns.ru/Sdocument772.html MISC http://securityvulns.ru/Sdocument768.html MISC http://securityvulns.ru/Sdocument762.html FULLDISC 20080103 securityvulns.com russian vulnerabilities digest SREASON 3539 WordPress 2.0.11 and earlier allows remote attackers to obtain sensitive information via an empty value of the page parameter to certain PHP scripts under wp-admin/, which reveals the path in various error messages. cpe:/a:wordpress:wordpress:2.0.11 CVE-2008-0196 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:26.827-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2008-01-10T11:45:00.000-05:00 BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1687/ MISC http://websecurity.com.ua/1686/ MISC http://websecurity.com.ua/1683/ MISC http://websecurity.com.ua/1679/ MISC http://securityvulns.ru/Sdocument773.html MISC http://securityvulns.ru/Sdocument772.html MISC http://securityvulns.ru/Sdocument768.html MISC http://securityvulns.ru/Sdocument762.html FULLDISC 20080103 securityvulns.com russian vulnerabilities digest SREASON 3539 Multiple directory traversal vulnerabilities in WordPress 2.0.11 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the page parameter to certain PHP scripts under wp-admin/ or (2) the import parameter to wp-admin/admin.php, as demonstrated by discovering the full path via a request for the \..\..\wp-config pathname; and allow remote attackers to modify arbitrary files via a .. (dot dot) in the file parameter to wp-admin/templates.php. cpe:/a:wordpress:wp-contactform:1.5_alpha CVE-2008-0197 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:26.967-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T11:45:00.000-05:00 BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1641/ MISC http://websecurity.com.ua/1600/ MISC http://securityvulns.ru/Sdocument667.html MISC http://securityvulns.ru/Sdocument546.html FULLDISC 20080103 securityvulns.com russian vulnerabilities digest SREASON 3539 Multiple cross-site scripting (XSS) vulnerabilities in wp-contact-form/options-contactform.php in the WP-ContactForm 1.5 alpha and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) wpcf_email, (2) wpcf_subject, (3) wpcf_question, (4) wpcf_answer, (5) wpcf_success_msg, (6) wpcf_error_msg, or (7) wpcf_msg parameter to wp-admin/admin.php, or (8) the SRC attribute of an IFRAME element. cpe:/a:wordpress:wordpress CVE-2008-0198 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:27.123-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T11:48:00.000-05:00 BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1641/ MISC http://websecurity.com.ua/1600/ MISC http://securityvulns.ru/Sdocument667.html MISC http://securityvulns.ru/Sdocument546.html FULLDISC 20080103 securityvulns.com russian vulnerabilities digest SREASON 3539 Multiple cross-site request forgery (CSRF) vulnerabilities in wp-contact-form/options-contactform.php in the WP-ContactForm 1.5 alpha and earlier plugin for WordPress allow remote attackers to perform actions as administrators via the (1) wpcf_question, (2) wpcf_success_msg, or (3) wpcf_error_msg parameter to wp-admin/admin.php. cpe:/a:pro_search:pro_search:0.16 CVE-2008-0199 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:27.263-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2008-01-10T11:57:00.000-05:00 BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1259/ MISC http://sourceforge.net/project/shownotes.php?release_id=563784&group_id=149797 MISC http://securityvulns.ru/Sdocument731.html FULLDISC 20080103 securityvulns.com russian vulnerabilities digest SREASON 3539 PRO-Search 0.17 and earlier allows remote attackers to cause a denial of service via certain values of the show_page and time parameters to the default URI. cpe:/a:medialand:rotabanner_local:3 CVE-2008-0200 2008-01-09T19:46:00.000-05:00 2009-09-11T01:17:44.813-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T12:54:00.000-05:00 BID 27138 BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1442/ MISC http://securityvulns.ru/Sdocument625.html FULLDISC 20080103 securityvulns.com russian vulnerabilities digest SREASON 3539 Multiple cross-site scripting (XSS) vulnerabilities in account/index.html in RotaBanner Local 3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) drop parameter. cpe:/a:expressionengine:expressionengine:1.2.1 CVE-2008-0201 2008-01-09T19:46:00.000-05:00 2008-10-22T01:44:13.437-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T12:56:00.000-05:00 XF expressionengine-index-xss(39442) BID 27128 BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1454/ MISC http://securityvulns.ru/Sdocument472.html FULLDISC 20080103 securityvulns.com russian vulnerabilities digest SREASON 3539 Cross-site scripting (XSS) vulnerability in index.php in ExpressionEngine 1.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL parameter. cpe:/a:expressionengine:expressionengine:1.2.1 CVE-2008-0202 2008-01-09T19:46:00.000-05:00 2008-10-22T01:44:13.657-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T13:02:00.000-05:00 BID 27128 BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1454/ MISC http://securityvulns.ru/Sdocument472.html FULLDISC 20080103 securityvulns.com russian vulnerabilities digest SREASON 3539 CRLF injection vulnerability in index.php in ExpressionEngine 1.2.1 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the URL parameter. cpe:/a:wordpress:cryptographp:1.2 CVE-2008-0203 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:27.857-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T13:06:00.000-05:00 BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1596/ FULLDISC 20080103 securityvulns.com russian vulnerabilities digest SREASON 3539 Multiple cross-site scripting (XSS) vulnerabilities in cryptographp/admin.php in the Cryptographp 1.2 and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) cryptwidth, (2) cryptheight, (3) bgimg, (4) charR, (5) charG, (6) charB, (7) charclear, (8) tfont, (9) charel, (10) charelc, (11) charelv, (12) charnbmin, (13) charnbmax, (14) charspace, (15) charsizemin, (16) charsizemax, (17) charanglemax, (18) noisepxmin, (19) noisepxmax, (20) noiselinemin, (21) noiselinemax, (22) nbcirclemin, (23) nbcirclemax, or (24) brushsize parameter to wp-admin/options-general.php. cpe:/a:wordpress:math_comment_spam_protection_plugin:2.1 CVE-2008-0204 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:27.997-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T13:08:00.000-05:00 BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1576/ FULLDISC 20080103 securityvulns.com russian vulnerabilities digest SREASON 3539 Multiple cross-site scripting (XSS) vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) mcsp_opt_msg_no_answer or (2) mcsp_opt_msg_wrong_answer parameter to wp-admin/options-general.php. cpe:/a:wordpress:math_comment_spam_protection_plugin:2.1 CVE-2008-0205 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:28.153-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T13:09:00.000-05:00 BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1576/ FULLDISC 20080103 securityvulns.com russian vulnerabilities digest SREASON 3539 Multiple cross-site request forgery (CSRF) vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to perform actions as administrators via the (1) mcsp_opt_msg_no_answer or (2) mcsp_opt_msg_wrong_answer parameter to wp-admin/options-general.php. cpe:/a:wordpress:captcha:2.5d CVE-2008-0206 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:28.297-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T13:10:00.000-05:00 BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1588/ FULLDISC 20080103 securityvulns.com russian vulnerabilities digest SREASON 3539 Multiple cross-site scripting (XSS) vulnerabilities in captcha\captcha.php in the Captcha! 2.5d and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) captcha_ttffolder, (2) captcha_numchars, (3) captcha_ttfrange, or (4) captcha_secret parameter. cpe:/a:pro_search:pro_search:0.17 CVE-2008-0207 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:28.450-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T13:11:00.000-05:00 BID 27126 BUGTRAQ 20080103 securityvulns.com russian vulnerabilities digest MISC http://websecurity.com.ua/1259/ MISC http://sourceforge.net/project/shownotes.php?release_id=563784&group_id=149797 MISC http://securityvulns.ru/Sdocument731.html SECUNIA 28335 FULLDISC 20080103 securityvulns.com russian vulnerabilities digest SREASON 3539 Multiple cross-site scripting (XSS) vulnerabilities in PRO-Search 0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) prot, (2) host, (3) path, (4) name, (5) ext, (6) size, (7) search_days, or (8) show_page parameter to the default URI. cpe:/a:snitz_forums_2000:snitz_forums:3.4.05 CVE-2008-0208 2008-01-09T19:46:00.000-05:00 2009-09-11T01:17:45.593-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T13:12:00.000-05:00 BID 27162 BUGTRAQ 20080107 [HSC] Snitz Forums Multiple Vulnerabilities MISC http://www.packetstormsecurity.org/0801-exploits/snitz-multi.txt SECUNIA 28284 MISC http://hackerscenter.com/archive/view.asp?id=28145 Cross-site scripting (XSS) vulnerability in login.asp in Snitz Forums 2000 3.4.05 and earlier allows remote attackers to inject arbitrary web script or HTML via the target parameter. cpe:/a:snitz_forums_2000:snitz_forums:3.4.06 CVE-2008-0209 2008-01-09T19:46:00.000-05:00 2009-09-11T01:17:45.813-04:00 5.8 NETWORK MEDIUM NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2008-01-10T13:14:00.000-05:00 BUGTRAQ 20080107 [HSC] Snitz Forums Multiple Vulnerabilities MISC http://www.packetstormsecurity.org/0801-exploits/snitz-multi.txt MISC http://hackerscenter.com/archive/view.asp?id=28145 Open redirect vulnerability in Forums/login.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to redirect users to arbitrary web sites via a URL in the target parameter. cpe:/a:uebimiau:webmail:2.7.10 cpe:/a:uebimiau:webmail:2.7.2 CVE-2008-0210 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:28.903-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2008-01-10T13:14:00.000-05:00 BID 27154 MILW0RM 4846 Uebimiau Webmail 2.7.10 and 2.7.2 does not protect authentication state variables from being set through HTTP requests, which allows remote attackers to bypass authentication via a sess[auth]=1 parameter settting. NOTE: this can be leveraged to conduct directory traversal attacks without authentication by using CVE-2008-0140. cpe:/a:mcafee:e-business_server:8.5.2 CVE-2008-0127 2008-01-09T19:46:00.000-05:00 2008-09-05T17:34:17.060-04:00 8.8 NETWORK MEDIUM NONE NONE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-10T11:17:00.000-05:00 BID 27197 BUGTRAQ 20080109 [INFIGO-2008-01-06]: McAfee E-Business Server Remote Preauth Code Execution / DoS - Corrected BUGTRAQ 20080109 [INFIGO 2008-01-06]: McAfee E-Business Server Remote Preauth Code Execution / DoS CONFIRM https://knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=614472&sliceId=SAL_Public&command=show&forward=nonthreadedKC&kcId=614472 XF mcafee-ebusiness-packet-code-execution(39563) XF mcafee-ebusiness-authentication-packet-dos(39561) MILW0RM 4878 VUPEN ADV-2008-0087 SECTRACK 1019170 SREASON 3530 SECUNIA 28408 The administration interface in McAfee E-Business Server 8.5.2 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long initial authentication packet. cpe:/a:merak:icewarp_mail_server CVE-2008-0218 2008-01-10T18:46:00.000-05:00 2008-09-05T17:34:30.217-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-11T09:42:00.000-05:00 XF icewarpmailserver-index-xss(39564) MISC http://www.securityfocus.com/data/vulnerabilities/exploits/27189.html BID 27189 VUPEN ADV-2008-0135 SECUNIA 28460 Cross-site scripting (XSS) vulnerability in admin/index.html in Merak IceWarp Mail Server allows remote attackers to inject arbitrary web script or HTML via the message parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. cpe:/a:php_webquest:php_webquest:2.6 CVE-2008-0219 2008-01-10T18:46:00.000-05:00 2008-10-11T01:48:43.637-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-11T09:47:00.000-05:00 XF webquest-soportehorizontalw-sql-injection(39560) BID 27192 MILW0RM 4867 SECUNIA 26821 SQL injection vulnerability in soporte_horizontal_w.php in PHP Webquest 2.6 allows remote attackers to execute arbitrary SQL commands via the id_actividad parameter, a different vector than CVE-2007-4920. cpe:/a:gateway:cweblaunchctl_activex_control:1.0.0.1 cpe:/a:gateway:weblaunch CVE-2008-0220 2008-01-10T18:46:00.000-05:00 2009-09-15T01:10:42.640-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-11T10:01:00.000-05:00 CERT-VN VU#735441 BID 27193 MILW0RM 4982 MILW0RM 4869 VUPEN ADV-2008-0077 SECUNIA 28379 FULLDISC 20080109 Gateway WebLaunch ActiveX Control Insecure Method Multiple stack-based buffer overflows in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1 in Gateway Weblaunch allow remote attackers to execute arbitrary code via a long string in the (1) second or (2) fourth argument to the DoWebLaunch method. NOTE: some of these details are obtained from third party information. cpe:/a:gateway:weblaunch:1.0.0.1 CVE-2008-0221 2008-01-10T18:46:00.000-05:00 2008-09-05T17:34:30.670-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-11T10:04:00.000-05:00 ALLOWS_ADMIN_ACCESS MILW0RM 4869 VUPEN ADV-2008-0077 SECUNIA 28379 FULLDISC 20080109 Gateway WebLaunch ActiveX Control Insecure Method Directory traversal vulnerability in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1 in Gateway Weblaunch allows remote attackers to execute arbitrary programs via a ..\ (dot dot backslash) in the second argument to the DoWebLaunch method. NOTE: some of these details are obtained from third party information. cpe:/a:wordpress:filemanager:1.2 CVE-2008-0222 2008-01-10T18:46:00.000-05:00 2008-09-05T17:34:30.810-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-11T10:05:00.000-05:00 XF wordpress-wpfilemanager-file-upload(39462) BID 27151 MILW0RM 4844 Unrestricted file upload vulnerability in ajaxfilemanager.php in the Wp-FileManager 1.2 plugin for WordPress allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors. cpe:/a:justsystem:ichitaro:linux cpe:/a:justsystem:ichitaro:12.0 cpe:/a:justsystem:ichitaro_viewer cpe:/a:justsystem:ichitaro:11.0 cpe:/a:justsystem:ichitaro_lite2 cpe:/a:justsystem:ichitaro:2007 cpe:/a:justsystem:ichitaro:2006 cpe:/a:justsystem:ichitaro:2005 cpe:/a:justsystem:ichitaro:2004 cpe:/a:justsystem:ichitaro:13.0 CVE-2008-0223 2008-01-10T18:46:00.000-05:00 2008-09-05T17:34:30.967-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-11T10:08:00.000-05:00 ALLOWS_ADMIN_ACCESS XF justsystems-jsfc-bo(39501) SECTRACK 1019168 BID 27153 CONFIRM http://www.justsystems.com/jp/info/pd8001.html VUPEN ADV-2008-0045 MISC http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080107 SECUNIA 28275 JVN JVN#08237857 Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file. cpe:/a:runcms:runcms:1.6 cpe:/a:runcms:runcms:1.6.1 cpe:/a:runcms:runcms:1.5.3 CVE-2008-0224 2008-01-10T18:46:00.000-05:00 2008-09-05T17:34:31.137-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-11T10:09:00.000-05:00 XF runcms-newbb-client-sql-injection(39478) BID 27152 SECUNIA 28340 MILW0RM 4845 SQL injection vulnerability in index.php in the Newbb_plus 0.92 and earlier module in RunCMS 1.6.1 allows remote attackers to execute arbitrary SQL commands via the Client-Ip parameter. cpe:/a:xine:xine-lib:1.1.9 CVE-2008-0225 2008-01-10T18:46:00.000-05:00 2008-09-10T21:04:50.210-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2008-01-11T10:11:00.000-05:00 FEDORA FEDORA-2008-0718 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=428620 UBUNTU USN-635-1 BID 27198 VUPEN ADV-2008-0163 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=567872 SECUNIA 31393 SECUNIA 28489 SECUNIA 28384 MISC http://aluigi.altervista.org/adv/xinermffhof-adv.txt SUSE SUSE-SR:2008:002 MANDRIVA MDVSA-2008:045 MANDRIVA MDVSA-2008:020 DEBIAN DSA-1472 GENTOO GLSA-200801-12 SECUNIA 28955 SECUNIA 28674 SECUNIA 28636 SECUNIA 28507 CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=205197 Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmff_dump_header function and related to disregarding the max field. NOTE: some of these details are obtained from third party information. cpe:/a:yassl:yassl:1.7.5 cpe:/a:mysql:mysql CVE-2008-0226 2008-01-10T18:46:00.000-05:00 2008-10-23T01:56:25.440-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-11T10:12:00.000-05:00 XF yassl-inputbufferoperator-bo(39431) XF yassl-processoldclienthello-bo(39429) BID 31681 BID 27140 BUGTRAQ 20080104 Pre-auth buffer-overflow in mySQL through yaSSL BUGTRAQ 20080104 Multiple vulnerabilities in yaSSL 1.7.5 MANDRIVA MDVSA-2008:150 VUPEN ADV-2008-2780 CONFIRM http://support.apple.com/kb/HT3216 SECUNIA 32222 SECUNIA 28324 APPLE APPLE-SA-2008-10-09 UBUNTU USN-588-1 VUPEN ADV-2008-0560 DEBIAN DSA-1478 SREASON 3531 SECUNIA 29443 SECUNIA 28597 SECUNIA 28419 CONFIRM http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html CONFIRM http://bugs.mysql.com/33814 Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp. cpe:/a:yassl:yassl:1.7.5 CVE-2008-0227 2008-01-10T18:46:00.000-05:00 2008-10-23T01:56:25.910-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-11T10:13:00.000-05:00 ALLOWS_USER_ACCESS XF yassl-hashwithtransformupdate-dos(39433) BID 31681 BID 27140 BUGTRAQ 20080104 Multiple vulnerabilities in yaSSL 1.7.5 MANDRIVA MDVSA-2008:150 VUPEN ADV-2008-2780 CONFIRM http://support.apple.com/kb/HT3216 SECUNIA 32222 SECUNIA 28324 APPLE APPLE-SA-2008-10-09 UBUNTU USN-588-1 VUPEN ADV-2008-0560 DEBIAN DSA-1478 SREASON 3531 SECUNIA 29443 SECUNIA 28597 CONFIRM http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html CONFIRM http://bugs.mysql.com/33814 yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp. cpe:/h:linksys:wrt54gl:4.30.9 CVE-2008-0228 2008-01-10T18:46:00.000-05:00 2008-09-05T17:34:31.733-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-11T10:18:00.000-05:00 ALLOWS_ADMIN_ACCESS XF linksys-apply-csrf(39502) BUGTRAQ 20080107 Linksys WRT54 GL - Session riding (CSRF) SECUNIA 28364 BUGTRAQ 20080115 Re: Linksys WRT54 GL - Session riding (CSRF) SREASON 3534 Cross-site request forgery (CSRF) vulnerability in apply.cgi in the Linksys WRT54GL Wireless-G Broadband Router with firmware 4.30.9 allows remote attackers to perform actions as administrators. cpe:/a:level_one:wbr-3460a:1.0.11 cpe:/a:level_one:wbr-3460a:1.0.12 CVE-2008-0229 2008-01-10T18:46:00.000-05:00 2008-09-05T17:34:31.873-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-11T10:16:00.000-05:00 SECTRACK 1019162 BID 27183 BUGTRAQ 20080108 Level-One WBR-3460A Grants Root Access SREASON 3533 SECUNIA 28397 The telnet service in LevelOne WBR-3460 4-Port ADSL 2/2+ Wireless Modem Router with firmware 1.00.11 and 1.00.12 does not require authentication, which allows remote attackers on the local or wireless network to obtain administrative access. cpe:/a:osdate:osdate:2.0.8 CVE-2008-0230 2008-01-10T19:46:00.000-05:00 2008-09-05T17:34:32.030-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-11T10:19:00.000-05:00 XF osdate-php121db-file-include(39567) BID 27208 MISC http://packetstormsecurity.org/0801-exploits/osdata-lfi.txt MILW0RM 4870 SECUNIA 28420 PHP remote file inclusion vulnerability in php121db.php in osDate 2.0.8 and possibly earlier versions allows remote attackers to execute arbitrary PHP code via a URL in the php121dir parameter. cpe:/a:tuned_studios:subwoofer cpe:/a:tuned_studios:endless cpe:/a:tuned_studios:orange_cutout cpe:/a:tuned_studios:lonely_maple cpe:/a:tuned_studios:freeze_theme cpe:/a:tuned_studios:classic_theme cpe:/a:tuned_studios:music_theme CVE-2008-0231 2008-01-10T19:46:00.000-05:00 2008-09-05T17:34:32.187-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-11T10:20:00.000-05:00 ALLOWS_USER_ACCESS XF tunedstudiostemplates-index-file-include(39555) BID 27196 BUGTRAQ 20080109 LFI in Tuned Studios Templates MILW0RM 4876 SREASON 3532 Multiple directory traversal vulnerabilities in index.php in Tuned Studios (1) Subwoofer, (2) Freeze Theme, (3) Orange Cutout, (4) Lonely Maple, (5) Endless, (6) Classic Theme, and (7) Music Theme webpage templates allow remote attackers to include and execute arbitrary files via ".." sequences in the page parameter. NOTE: this can be leveraged for remote file inclusion when running in some PHP 5 environments. cpe:/a:zero_cms:zero_cms:1.0_alpha CVE-2008-0232 2008-01-10T19:46:00.000-05:00 2008-09-05T17:34:32.340-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-11T10:23:00.000-05:00 XF zerocms-index-sql-injection(39530) BID 27186 MISC http://packetstormsecurity.org/0801-exploits/zerocms-sql.txt MILW0RM 4864 Multiple SQL injection vulnerabilities in Zero CMS 1.0 Alpha allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to index.php, or the (2) f or t parameters to forums/index.php. cpe:/a:zero_cms:zero_cms:1.0_alpha CVE-2008-0233 2008-01-10T21:46:00.000-05:00 2008-09-05T17:34:32.497-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-11T10:27:00.000-05:00 MISC http://packetstormsecurity.org/0801-exploits/zerocms-sql.txt MILW0RM 4864 Unrestricted file upload vulnerability in Zero CMS 1.0 Alpha and earlier allows remote attackers to bypass intended access restrictions and upload and execute arbitrary files by uploading an avatar file with an accepted Content-Type such as image/jpeg. cpe:/a:apple:quicktime:7.3.1.70 cpe:/a:apple:quicktime:7.4 CVE-2008-0234 2008-01-10T21:46:00.000-05:00 2009-02-26T00:00:00.000-05:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-11T10:31:00.000-05:00 CERT-VN VU#112179 VUPEN ADV-2008-2064 VUPEN ADV-2008-0107 APPLE APPLE-SA-2008-07-10 XF quicktime-rtsp-responses-bo(39601) SECTRACK 1019178 BID 27225 BUGTRAQ 20080112 Re: Buffer-overflow in Quicktime Player 7.3.1.70 BUGTRAQ 20080112 Re: Re: Buffer-overflow in Quicktime Player 7.3.1.70 BUGTRAQ 20080114 Re: [Full-disclosure] Buffer-overflow in Quicktime Player 7.3.1.70 BUGTRAQ 20080111 Re: Buffer-overflow in Quicktime Player 7.3.1.70 BUGTRAQ 20080111 Re: Re: Buffer-overflow in Quicktime Player 7.3.1.70 BUGTRAQ 20080110 Re: Buffer-overflow in Quicktime Player 7.3.1.70 BUGTRAQ 20080110 Buffer-overflow in Quicktime Player 7.3.1.70 MILW0RM 4906 MILW0RM 4885 SREASON 3537 SECUNIA 31034 SECUNIA 28423 APPLE APPLE-SA-2008-02-06 Buffer overflow in Apple Quicktime Player 7.3.1.70 and other versions before 7.4.1, when RTSP tunneling is enabled, allows remote attackers to execute arbitrary code via a long Reason-Phrase response to an rtsp:// request, as demonstrated using a 404 error message. cpe:/a:microsoft:vfp_ole_server_activex_control CVE-2008-0235 2008-01-10T21:46:00.000-05:00 2008-09-05T17:34:32.793-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-11T10:37:00.000-05:00 XF microsoft-vfpoleserver-command-execution(39559) BID 27199 MISC http://shinnai.altervista.org/exploits/txt/TXT_rNowA1916DKFNUF48NyS.html MILW0RM 4875 SECUNIA 28417 The Microsoft VFP_OLE_Server ActiveX control allows remote attackers to execute arbitrary code by invoking the foxcommand method. cpe:/a:microsoft:visual_foxpro:6.0 CVE-2008-0236 2008-01-10T21:46:00.000-05:00 2008-09-05T17:34:32.937-04:00 5.8 NETWORK MEDIUM NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2008-01-11T10:35:00.000-05:00 XF microsoft-foxserver-command-execution(39558) BID 27205 MISC http://shinnai.altervista.org/exploits/txt/TXT_DiWu9j82RCq4zpaQAoxn.html MILW0RM 4873 SECUNIA 28417 An ActiveX control for Microsoft Visual FoxPro (vfp6r.dll 6.0.8862.0) allows remote attackers to execute arbitrary commands by invoking the DoCmd method. cpe:/a:microsoft:rich_textbox_control:6.0 CVE-2008-0237 2008-01-10T21:46:00.000-05:00 2008-09-05T17:34:33.090-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-11T10:37:00.000-05:00 ALLOWS_USER_ACCESS XF microsoft-richtextbox-file-overwrite(39557) BID 27201 MISC http://shinnai.altervista.org/exploits/txt/TXT_DZVN8CwCha0I2fI3NeEs.html MILW0RM 4874 The Microsoft Rich Textbox ActiveX Control (RICHTX32.OCX) 6.1.97.82 allows remote attackers to execute arbitrary commands by invoking the insecure SaveFile method. cpe:/a:xine:xine-lib:1.1.9 CVE-2008-0238 2008-01-11T16:46:00.000-05:00 2008-09-10T21:04:51.210-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-14T08:29:00.000-05:00 UBUNTU USN-635-1 SECUNIA 31393 SECUNIA 28384 MANDRIVA MDVSA-2008:045 MANDRIVA MDVSA-2008:020 GENTOO GLSA-200801-12 SECUNIA 28955 SECUNIA 28674 CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=205197 Multiple heap-based buffer overflows in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 allow remote attackers to execute arbitrary code via the SDP (1) Title, (2) Author, or (3) Copyright attribute, related to the rmff_dump_header function, different vectors than CVE-2008-0225. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. cpe:/a:sun:java_system_identity_manager:6.0:sp1 cpe:/a:sun:java_system_identity_manager:6.0:sp2 cpe:/a:sun:java_system_identity_manager:6.0:sp3 cpe:/a:sun:java_system_identity_manager:7.0 cpe:/a:sun:java_system_identity_manager:7.1 CVE-2008-0239 2008-01-11T17:46:00.000-05:00 2008-11-19T01:43:07.297-05:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-14T08:34:00.000-05:00 BUGTRAQ 20080110 PR07-06, PR07-07, PR07-08, PR07-09, PR07-10, PR07-12: Several XSS, Cross-domain Redirection and Frame Injection on Sun Java System Identity Manager MISC http://www.procheckup.com/Vulnerability_PR07-08.php MISC http://www.procheckup.com/Vulnerability_PR07-07.php MISC http://www.procheckup.com/Vulnerability_PR07-06.php XF sun-identity-main-xss(39583) XF sun-identity-resultsform-xss(39582) XF sun-identity-lang-xss(39581) XF sun-identity-login-xss(39580) BID 27214 MISC http://www.procheckup.com/Vulnerability_PR07-09.php VUPEN ADV-2008-0089 SUNALERT 103180 SECUNIA 28356 SECTRACK 1019175 SUNALERT 200558 SREASON 3535 Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allow remote attackers to inject arbitrary HTML or web script via the (1) cntry or lang parameters to /idm/login.jsp, (2) resultsForm parameter to /idm/account/findForSelect.jsp, or (3) activeControl parameter to /idm/user/main.jsp. cpe:/a:sun:java_system_identity_manager:6.0:sp1 cpe:/a:sun:java_system_identity_manager:6.0:sp2 cpe:/a:sun:java_system_identity_manager:6.0:sp3 cpe:/a:sun:java_system_identity_manager:7.0 cpe:/a:sun:java_system_identity_manager:7.1 CVE-2008-0240 2008-01-11T17:46:00.000-05:00 2008-09-05T17:34:33.590-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-14T08:38:00.000-05:00 MISC http://www.procheckup.com/Vulnerability_PR07-10.php XF sun-identity-index-frame-injection(39586) BID 27214 BUGTRAQ 20080110 PR07-06, PR07-07, PR07-08, PR07-09, PR07-10, PR07-12: Several XSS, Cross-domain Redirection and Frame Injection on Sun Java System Identity Manager VUPEN ADV-2008-0089 SUNALERT 103180 SECUNIA 28356 SUNALERT 200558 SREASON 3535 /idm/help/index.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to inject frames from arbitrary web sites and conduct phishing attacks via the helpUrl parameter, aka "frame injection." cpe:/a:sun:java_system_identity_manager:6.0:sp1 cpe:/a:sun:java_system_identity_manager:6.0:sp2 cpe:/a:sun:java_system_identity_manager:6.0:sp3 cpe:/a:sun:java_system_identity_manager:7.0 cpe:/a:sun:java_system_identity_manager:7.1 CVE-2008-0241 2008-01-11T17:46:00.000-05:00 2009-02-04T00:00:00.000-05:00 5.8 NETWORK MEDIUM NONE NONE PARTIAL PARTIAL http://nvd.nist.gov 2008-01-14T08:39:00.000-05:00 MISC http://www.procheckup.com/Vulnerability_PR07-12.php SUNALERT 200558 SUNALERT 103180 XF sun-identity-login-security-bypass(39590) BID 27214 BUGTRAQ 20080110 PR07-06, PR07-07, PR07-08, PR07-09, PR07-10, PR07-12: Several XSS, Cross-domain Redirection and Frame Injection on Sun Java System Identity Manager VUPEN ADV-2008-0089 SREASON 3535 SECUNIA 28356 Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the nextPage parameter. cpe:/a:apache:http_server:1.3 cpe:/a:apache:http_server:2.0 CVE-2008-0005 2008-01-11T19:46:00.000-05:00 2009-10-31T01:54:30.797-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-14T09:37:00.000-05:00 FEDORA FEDORA-2008-1695 FEDORA FEDORA-2008-1711 XF apache-modproxyftp-utf7-xss(39615) UBUNTU USN-575-1 SECTRACK 1019185 BID 27234 BUGTRAQ 20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server BUGTRAQ 20080110 SecurityReason - Apache (mod_proxy_ftp) Undefined Charset UTF-7 XSS Vulnerability REDHAT RHSA-2008:0009 REDHAT RHSA-2008:0008 REDHAT RHSA-2008:0007 REDHAT RHSA-2008:0006 REDHAT RHSA-2008:0005 REDHAT RHSA-2008:0004 MANDRIVA MDVSA-2008:016 MANDRIVA MDVSA-2008:015 MANDRIVA MDVSA-2008:014 VUPEN ADV-2008-1875 VUPEN ADV-2008-0924 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm SREASON 3526 SREASONRES 20080110 Apache (mod_proxy_ftp) Undefined Charset UTF-7 XSS Vulnerability GENTOO GLSA-200803-19 SECUNIA 35650 SECUNIA 30732 SECUNIA 29640 SECUNIA 29420 SECUNIA 29348 SECUNIA 28977 SECUNIA 28749 SECUNIA 28607 SECUNIA 28526 SECUNIA 28471 SECUNIA 28467 HP SSRT090192 HP SSRT090192 HP SSRT090085 HP SSRT090085 MLIST [security-announce] 20090820 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server SUSE SUSE-SA:2008:021 APPLE APPLE-SA-2008-03-18 CONFIRM http://docs.info.apple.com/article.html?artnum=307562 mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding. cpe:/a:moodle:moodle:1.8.3 CVE-2008-0123 2008-01-11T20:46:00.000-05:00 2008-09-05T17:34:16.547-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-14T09:41:00.000-05:00 MISC http://int21.de/cve/CVE-2008-0123-moodle.html FULLDISC 20080111 Cross site scripting (XSS) in Moodle 1.8.3 XF moodle-install-xss(39630) BID 27259 BUGTRAQ 20080111 Cross site scripting (XSS) in Moodle 1.8.3 VUPEN ADV-2008-0164 SECUNIA 28838 SUSE SUSE-SR:2008:003 Cross-site scripting (XSS) vulnerability in install.php for Moodle 1.8.3, and possibly other versions before 1.8.4, allows remote attackers to inject arbitrary web script or HTML via the dbname parameter. NOTE: this issue only exists until the installation is complete. cpe:/o:sun:solaris:10.0::x86 cpe:/o:sun:solaris:10.0::sparc CVE-2008-0242 2008-01-11T21:46:00.000-05:00 2008-09-05T17:34:33.903-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-14T10:06:00.000-05:00 ALLOWS_ADMIN_ACCESS SUNALERT 103165 XF solaris-libdevinfo-privilege-escalation(39629) SECTRACK 1019187 BID 27253 VUPEN ADV-2008-0131 SUNALERT 200641 SECUNIA 28493 Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local users to access files and gain privileges via unknown vectors, related to login device permissions. cpe:/a:ibm:lotus_domino:7.0.2 cpe:/a:ibm:lotus_domino:7.0.1 cpe:/a:ibm:lotus_domino:7.0.2::fp1 cpe:/a:ibm:lotus_domino:7.0.2::fp2 cpe:/a:ibm:lotus_domino:7.0 CVE-2008-0243 2008-01-11T21:46:00.000-05:00 2008-09-05T17:34:34.077-04:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov 2008-01-14T10:16:00.000-05:00 XF lotus-domino-unspecified-dos(39588) BID 27215 VUPEN ADV-2008-0086 CONFIRM http://www-1.ibm.com/support/docview.wss?uid=swg27011539 SECUNIA 28411 Unspecified vulnerability in Lotus Domino 7.0.2 before Fix Pack 3 allows attackers to cause a denial of service via unknown vectors. cpe:/a:sap:maxdb:7.6.3_build_007 CVE-2008-0244 2008-01-11T21:46:00.000-05:00 2008-09-05T17:34:34.233-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-14T10:16:00.000-05:00 XF maxdb-system-command-execution(39573) SECTRACK 1019171 BID 27206 BUGTRAQ 20080109 Pre-auth remote commands execution in SAP MaxDB 7.6.03.07 MILW0RM 4877 VUPEN ADV-2008-0104 SECUNIA 28409 MISC http://aluigi.altervista.org/adv/sapone-adv.txt SREASON 3536 SAP MaxDB 7.6.03 build 007 and earlier allows remote attackers to execute arbitrary commands via "&&" and other shell metacharacters in exec_sdbinfo and other unspecified commands, which are executed when MaxDB invokes cons.exe. cpe:/a:uploadscript:uploadimage:1.0 cpe:/a:uploadscript:uploadscript:1.0 CVE-2008-0245 2008-01-11T21:46:00.000-05:00 2008-09-05T17:34:34.387-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-14T10:21:00.000-05:00 XF uploadimage-admin-command-execution(39571) BID 27203 MILW0RM 4871 admin.php in UploadImage 1.0 does not check for the original password before making a change to a new password, which allows remote attackers to gain administrator privileges via the pass parameter in a nopass (Set Password) action. cpe:/a:uploadscript:uploadimage:1.0 cpe:/a:uploadscript:uploadscript:1.0 CVE-2008-0246 2008-01-11T21:46:00.000-05:00 2008-09-05T17:34:34.530-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-14T10:34:00.000-05:00 ALLOWS_ADMIN_ACCESS XF uploadscript-admin-command-execution(39570) BID 27203 MILW0RM 4871 admin.php in UploadScript 1.0 does not check for the original password before making a change to a new password, which allows remote attackers to gain administrator privileges via the pass parameter in a nopass (Set Password) action. cpe:/a:ibm:tivoli_storage_manager_express:5.3 CVE-2008-0247 2008-01-11T21:46:00.000-05:00 2008-09-05T17:34:34.687-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-14T10:26:00.000-05:00 ALLOWS_ADMIN_ACCESS BID 27235 CONFIRM http://www-1.ibm.com/support/docview.wss?uid=swg21291536 SECUNIA 28440 XF ibm-tsmexpressserver-bo(39604) MISC http://www.zerodayinitiative.com/advisories/ZDI-08-001.html SECTRACK 1019182 BUGTRAQ 20080114 ZDI-08-001: IBM Tivoli Storage Manager Express Backup Server Heap Overflow Vulnerability VUPEN ADV-2008-0106 Heap-based buffer overflow in the Express Backup Server service (dsmsvc.exe) in IBM Tivoli Storage Manager (TSM) Express 5.3 before 5.3.7.3 allows remote attackers to execute arbitrary code via a packet with a large length value. cpe:/a:streamaudio:chaincast_proxymanager_activex_control CVE-2008-0248 2008-01-11T21:46:00.000-05:00 2008-09-05T17:34:34.840-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-14T10:32:00.000-05:00 XF streamaudio-chaincastproxymanager-bo(39622) BID 27247 MILW0RM 4894 FULLDISC 20080111 StreamAudio ChainCast ProxyManager ccpm_0237.dll Buffer Overflow VUPEN ADV-2008-0133 SECUNIA 28461 Buffer overflow in an ActiveX control in ccpm_0237.dll for StreamAudio ChainCast ProxyManager allows remote attackers to execute arbitrary code via a long URL argument to the InternalTuneIn method. cpe:/a:phpwebquest:phpwebquest:2.6 CVE-2008-0249 2008-01-11T21:46:00.000-05:00 2008-09-05T17:34:34.983-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2008-01-14T10:39:00.000-05:00 XF phpwebquest-backup-information-disclosure(39572) BID 27202 MILW0RM 4872 PHP Webquest 2.6 allows remote attackers to retrieve database credentials via a direct request to admin/backup_phpwebquest.php, which leaks the credentials in an error message if a call to /usr/bin/mysqldump fails. NOTE: this might only be an issue in limited environments. cpe:/a:microsoft:visual_interdev:6.0:sp6 CVE-2008-0250 2008-01-11T21:46:00.000-05:00 2008-09-05T17:34:35.137-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-14T10:41:00.000-05:00 BID 27250 MILW0RM 4892 MISC http://shinnai.altervista.org/exploits/txt/TXT_PoEOrFM8py30PXrDF7IY.html XF visualinterdev-sln-project-bo(41826) SECUNIA 28482 Buffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows user-assisted attackers to execute arbitrary code via a Studio Solution (.SLN) file with a long Project line. cpe:/a:photopost:photopost_vbgallery:2.4.1 CVE-2008-0251 2008-01-11T21:46:00.000-05:00 2008-09-05T17:34:35.277-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-14T10:44:00.000-05:00 XF vbgallery-unspecified-code-execution(39621) CONFIRM http://www.photopost.com/forum/showthread.php?t=134910 CONFIRM http://www.photopost.com/forum/showthread.php?t=134909 SECUNIA 28430 Unrestricted file upload vulnerability in PhotoPost vBGallery before 2.4.2 allows remote attackers to upload and execute arbitrary files via unknown vectors. cpe:/a:cherrypy:cherrypy:3.0.2 cpe:/a:cherrypy:cherrypy:2.1.0 CVE-2008-0252 2008-01-11T21:46:00.000-05:00 2008-10-17T01:28:08.177-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-14T10:48:00.000-05:00 VUPEN ADV-2008-0039 CONFIRM http://www.cherrypy.org/changeset/1775 CONFIRM http://www.cherrypy.org/changeset/1774 FEDORA FEDORA-2008-0333 FEDORA FEDORA-2008-0299 CONFIRM https://bugs.gentoo.org/show_bug.cgi?id=204829 CONFIRM http://www.cherrypy.org/ticket/744 CONFIRM http://www.cherrypy.org/changeset/1776 SECUNIA 28354 SECUNIA 28353 CONFIRM https://issues.rpath.com/browse/RPL-2127 BID 27181 BUGTRAQ 20080124 rPSA-2008-0030-1 CherryPy DEBIAN DSA-1481 GENTOO GLSA-200801-11 SECUNIA 28769 SECUNIA 28620 SECUNIA 28611 Directory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py in CherryPy 3.0.x up to 3.0.2, (2) filter/sessionfilter.py in CherryPy 2.1, and (3) filter/sessionfilter.py in CherryPy 2.x allows remote attackers to create or delete arbitrary files, and possibly read and write portions of arbitrary files, via a crafted session id in a cookie. cpe:/a:binn:sbuilder CVE-2008-0253 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:35.577-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-15T15:29:00.000-05:00 BID 27264 MILW0RM 4904 XF binnsbuilder-fulltext-sql-injection(39634) BUGTRAQ 20080114 Binn SBuilder (nid) Remote Blind Sql Injection Vulnerabily SQL injection vulnerability in full_text.php in Binn SBuilder allows remote attackers to execute arbitrary SQL commands via the nid parameter. cpe:/a:wavelink_media:tutorialcms:1.02 CVE-2008-0254 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:35.733-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-15T15:31:00.000-05:00 BID 27263 MILW0RM 4901 SECUNIA 28446 XF tutorialcms-activate-sql-injection(39642) SQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userName parameter. cpe:/a:igamingcms:igaming_cms:1.5 cpe:/a:igamingcms:igaming_cms:1.3.1 CVE-2008-0255 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:35.887-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-15T15:34:00.000-05:00 XF igamingcms-archive-sql-injection(39598) BID 27230 MILW0RM 4886 SECUNIA 28426 SQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 and earlier, allows remote attackers to execute arbitrary SQL commands via the section parameter. cpe:/a:matteo_binda:asp_photo_gallery:1.0 CVE-2008-0256 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:36.027-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-15T15:37:00.000-05:00 BID 27262 MILW0RM 4900 SECUNIA 28447 XF aspphotogallery-multiple-sql-injection(39646) Multiple SQL injection vulnerabilities in Matteo Binda ASP Photo Gallery 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) Imgbig.asp, (b) thumb.asp, and (c) thumbricerca.asp and the (2) ricerca parameter to (d) thumbricerca.asp. cpe:/a:dansie:search_engine:2.7 CVE-2008-0257 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:36.187-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-15T15:39:00.000-05:00 SECUNIA 28465 XF dansiesearchengine-search-xss(39636) BID 27269 Cross-site scripting (XSS) vulnerability in search.pl in Dansie Search Engine 2.7 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. cpe:/a:php_running_management:phprunman:1.0.2 CVE-2008-0258 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:36.340-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-15T15:42:00.000-05:00 BID 27268 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=568237&group_id=103505 SECUNIA 28474 CONFIRM http://sourceforge.net/tracker/index.php?func=detail&aid=1204199&group_id=103505&atid=634992 XF phprunningmanagement-index-xss(39639) Cross-site scripting (XSS) vulnerability in index.php in PHP Running Management (phpRunMan) before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the message parameter. cpe:/a:minimal_design:minimal_gallery:0.8 CVE-2008-0259 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:36.483-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2008-01-15T15:45:00.000-05:00 BID 27265 MILW0RM 4902 SECUNIA 28391 XF minimalgallery-mgthumbs-file-include(39649) Multiple directory traversal vulnerabilities in _mg/php/mg_thumbs.php in minimal Gallery 0.8 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) thumbcat and (2) thumb parameters. cpe:/a:minimal_design:minimal_gallery:0.8 CVE-2008-0260 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:36.623-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-15T15:47:00.000-05:00 MILW0RM 4902 SECUNIA 28391 minimal Gallery 0.8 allows remote attackers to obtain configuration information via a direct request to php_info.php, which calls the phpinfo function. cpe:/a:mambo:mambo_open_source CVE-2008-0261 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:36.777-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2008-01-15T16:02:00.000-05:00 BID 27239 SECUNIA 28392 CONFIRM http://forum.mambo-foundation.org/showthread.php?t=9651 XF mambo-search-dos(39613) Unspecified vulnerability in the search component and module in Mambo 4.5.x and 4.6.x allows remote attackers to cause a denial of service (query flood) via unspecified vectors. cpe:/a:agares_media:phpautovideo:2.21 CVE-2008-0262 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:36.920-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-15T16:07:00.000-05:00 XF agares-articleblock-sql-injection(39641) BID 27258 MILW0RM 4905 MILW0RM 4898 SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter. cpe:/a:ingate:ingate_siparator:4.6 cpe:/a:ingate:firewall:4.6 CVE-2008-0263 2008-01-15T15:00:00.000-05:00 2008-11-15T02:07:02.157-05:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2008-01-15T16:16:00.000-05:00 SECTRACK 1019177 SECTRACK 1019176 BID 27222 CONFIRM http://www.ingate.com/relnote-461.php VUPEN ADV-2008-0108 SECUNIA 28394 OSVDB 40365 The SIP module in Ingate Firewall before 4.6.1 and SIParator before 4.6.1 does not reuse SIP media ports in unspecified call hold and send-only stream scenarios, which allows remote attackers to cause a denial of service (port exhaustion) via unspecified vectors. cpe:/a:drupal:meta_tags_module:5.x-1.6 CVE-2008-0264 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:37.217-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-15T16:28:00.000-05:00 CONFIRM http://drupal.org/node/209759 VUPEN ADV-2008-0129 SECUNIA 28478 XF drupal-metatags-code-execution(39638) Unspecified vulnerability in the Meta Tags (aka Nodewords) 5.x-1.6 module for Drupal, when images are permitted in node bodies, allows remote authenticated users to execute arbitrary code via unspecified vectors involving creation of a node. cpe:/a:f5:big-ip:9.4.3 CVE-2008-0265 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:37.373-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-15T16:35:00.000-05:00 XF f5bigip-searchstring-xss(39632) SECTRACK 1019190 BID 27272 BUGTRAQ 20080114 F5 BIG-IP Web Management List Search XSS VUPEN ADV-2008-0181 SECUNIA 28505 SREASON 3545 Multiple cross-site scripting (XSS) vulnerabilities in the Search function in the web management interface in F5 BIG-IP 9.4.3 allow remote attackers to inject arbitrary web script or HTML via the SearchString parameter to (1) list_system.jsp, (2) list_pktfilter.jsp, (3) list_ltm.jsp, (4) resources_audit.jsp, and (5) list_asm.jsp in tmui/Control/jspmap/tmui/system/log/; and (6) list.jsp in certain directories. cpe:/a:eticket:eticket:1.5.5.2 CVE-2008-0266 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:37.527-04:00 2.6 NETWORK HIGH NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-16T08:38:00.000-05:00 XF eticket-admin-csrf(39490) BID 27173 BUGTRAQ 20080106 eTicket 1.5.5.2 Multiple Vulnerabilities SECUNIA 28331 SREASON 3542 Cross-site request forgery (CSRF) vulnerability in admin.php in eTicket 1.5.5.2 allows remote attackers to change the administrative password and possibly perform other administrative tasks. NOTE: either the old password must be known, or the attacker must leverage a separate SQL injection vulnerability. cpe:/a:eticket:eticket:1.5.5.2 CVE-2008-0267 2008-01-15T15:00:00.000-05:00 2009-09-15T01:10:47.187-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-16T08:40:00.000-05:00 XF eticket-search-sql-injection(39489) XF eticket-admin-sql-injection(39487) BID 27173 BUGTRAQ 20080106 eTicket 1.5.5.2 Multiple Vulnerabilities SECUNIA 28331 SREASON 3542 Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php. cpe:/a:eticket:eticket:1.5.5.2 CVE-2008-0268 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:37.827-04:00 5.8 NETWORK MEDIUM NONE NONE PARTIAL PARTIAL http://nvd.nist.gov 2008-01-16T08:40:00.000-05:00 XF eticket-view-xss(39488) BID 27173 BUGTRAQ 20080106 eTicket 1.5.5.2 Multiple Vulnerabilities SECUNIA 28331 SREASON 3542 Cross-site scripting (XSS) vulnerability in view.php in eTicket 1.5.5.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter. cpe:/o:sun:solaris:10 CVE-2008-0269 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:37.967-04:00 4.9 LOCAL LOW NONE NONE NONE COMPLETE http://nvd.nist.gov 2008-01-16T08:44:00.000-05:00 SUNALERT 103188 XF solaris-dotoprocs-dos(39631) SECTRACK 1019186 BID 27260 VUPEN ADV-2008-0130 SUNALERT 201513 SECUNIA 28491 Unspecified vulnerability in the dotoprocs function in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors. cpe:/a:taskfreak:taskfreak:0.6.1 CVE-2008-0270 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:38.123-04:00 6.0 NETWORK MEDIUM SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-16T08:46:00.000-05:00 MILW0RM 4899 XF taskfreak-index-sql-injection(39645) BID 27257 SECUNIA 28448 SQL injection vulnerability in index.php in TaskFreak! 0.6.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the sContext parameter. cpe:/a:drupal:bueditor:5.x-1.0 cpe:/a:drupal:bueditor:4.7.x-1.0 CVE-2008-0271 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:38.263-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-16T10:45:00.000-05:00 SECUNIA 28418 CONFIRM http://drupal.org/node/208534 XF drupal-bueditor-csrf(39614) VUPEN ADV-2008-0128 The editor deletion form in BUEditor 4.7.x before 4.7.x-1.0 and 5.x before 5.x-1.1, a module for Drupal, does not follow Drupal's Forms API submission model, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete custom editor interfaces. cpe:/a:drupal:drupal:4.7.2 cpe:/a:drupal:drupal:4.6.7 cpe:/a:drupal:drupal:4.6 cpe:/a:drupal:drupal:4.7.1 cpe:/a:drupal:drupal:4.7 cpe:/a:drupal:drupal:4.6.6 cpe:/a:drupal:drupal:4.4 cpe:/a:drupal:drupal:4.6.5 cpe:/a:drupal:drupal:4.5 cpe:/a:drupal:drupal:4.6.4 cpe:/a:drupal:drupal:4.6.9 cpe:/a:drupal:drupal:4.6.8 cpe:/a:drupal:drupal:4.7_rev_1.2 cpe:/a:drupal:drupal:4.7.9 cpe:/a:drupal:drupal:4.7.8 cpe:/a:drupal:drupal:4.7.7 cpe:/a:drupal:drupal:4.7.6 cpe:/a:drupal:drupal:4.6.3 cpe:/a:drupal:drupal:4.7.5 cpe:/a:drupal:drupal:4.1.0 cpe:/a:drupal:drupal:4.6.2 cpe:/a:drupal:drupal:4.7.4 cpe:/a:drupal:drupal:4.6.1 cpe:/a:drupal:drupal:5.5. cpe:/a:drupal:drupal:4.7.3 cpe:/a:drupal:drupal:4.7_rev_1.15 cpe:/a:drupal:drupal:4.2.0_rc cpe:/a:drupal:drupal:5.2 cpe:/a:drupal:drupal:5.1 cpe:/a:drupal:drupal:5.0 cpe:/a:drupal:drupal:4.0.0 cpe:/a:drupal:drupal:4.4.1 cpe:/a:drupal:drupal:4.4.3 cpe:/a:drupal:drupal:4.5.6 cpe:/a:drupal:drupal:4.5.5 cpe:/a:drupal:drupal:4.4.2 cpe:/a:drupal:drupal:5.3 cpe:/a:drupal:drupal:4.5.8 cpe:/a:drupal:drupal:4.6.11 cpe:/a:drupal:drupal:5.4 cpe:/a:drupal:drupal:4.5.7 cpe:/a:drupal:drupal:4.5.2 cpe:/a:drupal:drupal:4.5.1 cpe:/a:drupal:drupal:4.6.10 cpe:/a:drupal:drupal:5.1_rev1.1 cpe:/a:drupal:drupal:4.5.4 cpe:/a:drupal:drupal:4.5.3 cpe:/a:drupal:drupal:4.7.10 CVE-2008-0272 2008-01-15T15:00:00.000-05:00 2009-09-15T01:10:47.670-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-16T10:35:00.000-05:00 BID 27238 XF drupal-aggregator-csrf(39617) VUPEN ADV-2008-0134 CONFIRM http://www.vbdrupal.org/forum/showthread.php?t=1349 CONFIRM http://www.vbdrupal.org/forum/showthread.php?p=6878 SECUNIA 28486 SECUNIA 28422 CONFIRM http://drupal.org/node/208562 VUPEN ADV-2008-0127 Cross-site request forgery (CSRF) vulnerability in the aggregator module in Drupal 4.7.x before 4.7.11 and 5.x before 5.6 allows remote attackers to delete items from a feed as privileged users. cpe:/a:drupal:drupal:4.7.2 cpe:/a:drupal:drupal:4.6.7 cpe:/a:drupal:drupal:4.6 cpe:/a:drupal:drupal:4.7.1 cpe:/a:drupal:drupal:4.7 cpe:/a:drupal:drupal:4.6.6 cpe:/a:drupal:drupal:4.4 cpe:/a:drupal:drupal:4.6.5 cpe:/a:drupal:drupal:4.5 cpe:/a:drupal:drupal:4.6.4 cpe:/a:drupal:drupal:4.6.9 cpe:/a:drupal:drupal:4.6.8 cpe:/a:drupal:drupal:4.7_rev_1.2 cpe:/a:drupal:drupal:4.7.9 cpe:/a:drupal:drupal:4.7.8 cpe:/a:drupal:drupal:4.7.7 cpe:/a:drupal:drupal:4.7.6 cpe:/a:drupal:drupal:4.6.3 cpe:/a:drupal:drupal:4.7.5 cpe:/a:drupal:drupal:4.1.0 cpe:/a:drupal:drupal:4.6.2 cpe:/a:drupal:drupal:4.7.4 cpe:/a:drupal:drupal:4.6.1 cpe:/a:drupal:drupal:5.5. cpe:/a:drupal:drupal:4.7.3 cpe:/a:drupal:drupal:4.7_rev_1.15 cpe:/a:drupal:drupal:4.2.0_rc cpe:/a:drupal:drupal:5.2 cpe:/a:drupal:drupal:5.1 cpe:/a:drupal:drupal:5.0 cpe:/a:drupal:drupal:4.0.0 cpe:/a:drupal:drupal:4.4.1 cpe:/a:drupal:drupal:4.4.3 cpe:/a:drupal:drupal:4.5.6 cpe:/a:drupal:drupal:4.5.5 cpe:/a:drupal:drupal:4.4.2 cpe:/a:drupal:drupal:5.3 cpe:/a:drupal:drupal:4.5.8 cpe:/a:drupal:drupal:4.6.11 cpe:/a:drupal:drupal:5.4 cpe:/a:drupal:drupal:4.5.7 cpe:/a:drupal:drupal:4.5.2 cpe:/a:drupal:drupal:4.5.1 cpe:/a:drupal:drupal:4.6.10 cpe:/a:drupal:drupal:5.1_rev1.1 cpe:/a:drupal:drupal:4.5.4 cpe:/a:drupal:drupal:4.5.3 cpe:/a:drupal:drupal:4.7.10 CVE-2008-0273 2008-01-15T15:00:00.000-05:00 2009-09-15T01:10:47.797-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-16T10:55:00.000-05:00 BID 27238 SECUNIA 28422 XF drupal-utf8-xss(39619) VUPEN ADV-2008-0134 CONFIRM http://www.vbdrupal.org/forum/showthread.php?t=1349 CONFIRM http://www.vbdrupal.org/forum/showthread.php?p=6878 SECUNIA 28486 CONFIRM http://drupal.org/node/208564 VUPEN ADV-2008-0127 Interpretation conflict in Drupal 4.7.x before 4.7.11 and 5.x before 5.6, when Internet Explorer 6 is used, allows remote attackers to conduct cross-site scripting (XSS) attacks via invalid UTF-8 byte sequences, which are not processed as UTF-8 by Drupal's HTML filtering, but are processed as UTF-8 by Internet Explorer, effectively removing characters from the document and defeating the HTML protection mechanism. cpe:/a:drupal:drupal:4.7 cpe:/a:drupal:drupal:5.0 CVE-2008-0274 2008-01-15T15:00:00.000-05:00 2009-09-15T01:10:47.937-04:00 2.6 NETWORK HIGH NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-16T11:02:00.000-05:00 BID 27238 SECUNIA 28422 XF drupal-theme-xss(39605) VUPEN ADV-2008-0134 CONFIRM http://www.vbdrupal.org/forum/showthread.php?t=1349 CONFIRM http://www.vbdrupal.org/forum/showthread.php?p=6878 SECUNIA 28486 CONFIRM http://drupal.org/node/208565 VUPEN ADV-2008-0127 Cross-site scripting (XSS) vulnerability in Drupal 4.7.x and 5.x, when certain .htaccess protections are disabled, allows remote attackers to inject arbitrary web script or HTML via crafted links involving theme .tpl.php files. cpe:/a:drupal:atom_module:5.0 cpe:/a:drupal:atom_module:4.7 CVE-2008-0275 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:39.107-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2008-01-16T11:00:00.000-05:00 XF drupal-atom-security-bypass(39607) CONFIRM http://drupal.org/node/208527 The Atom 4.7 before 4.7.x-1.0 and 5.x before 5.x-1.0 module for Drupal does not properly manage permissions for node (1) titles, (2) teasers, and (3) bodies, which might allow remote attackers to gain access to syndicated content. cpe:/a:drupal:drupal:4.7.2 cpe:/a:drupal:drupal:4.6.7 cpe:/a:drupal:drupal:4.6 cpe:/a:drupal:drupal:4.7.1 cpe:/a:drupal:drupal:4.7 cpe:/a:drupal:drupal:4.6.6 cpe:/a:drupal:drupal:4.4 cpe:/a:drupal:drupal:4.6.5 cpe:/a:drupal:drupal:4.5 cpe:/a:drupal:drupal:4.6.4 cpe:/a:drupal:drupal:4.6.9 cpe:/a:drupal:drupal:4.6.8 cpe:/a:drupal:drupal:4.7_rev_1.2 cpe:/a:drupal:drupal:4.7.9 cpe:/a:drupal:drupal:4.7.8 cpe:/a:drupal:drupal:4.7.7 cpe:/a:drupal:drupal:4.7.6 cpe:/a:drupal:drupal:4.6.3 cpe:/a:drupal:drupal:4.7.5 cpe:/a:drupal:drupal:4.1.0 cpe:/a:drupal:drupal:4.6.2 cpe:/a:drupal:drupal:4.7.4 cpe:/a:drupal:drupal:4.6.1 cpe:/a:drupal:drupal:5.5. cpe:/a:drupal:drupal:4.7.3 cpe:/a:drupal:drupal:4.7_rev_1.15 cpe:/a:drupal:drupal:4.2.0_rc cpe:/a:drupal:drupal:5.2 cpe:/a:drupal:drupal:5.1 cpe:/a:drupal:drupal:5.0 cpe:/a:drupal:drupal:4.0.0 cpe:/a:drupal:drupal:4.4.1 cpe:/a:drupal:drupal:4.4.3 cpe:/a:drupal:drupal:4.5.6 cpe:/a:drupal:drupal:4.5.5 cpe:/a:drupal:drupal:4.4.2 cpe:/a:drupal:drupal:5.3 cpe:/a:drupal:drupal:4.5.8 cpe:/a:drupal:drupal:4.6.11 cpe:/a:drupal:drupal:5.4 cpe:/a:drupal:drupal:4.5.7 cpe:/a:drupal:drupal:4.5.2 cpe:/a:drupal:drupal:4.5.1 cpe:/a:drupal:drupal:4.6.10 cpe:/a:drupal:drupal:5.1_rev1.1 cpe:/a:drupal:drupal:4.5.4 cpe:/a:drupal:drupal:4.5.3 cpe:/a:drupal:drupal:4.7.10 CVE-2008-0276 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:39.277-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-16T11:04:00.000-05:00 XF drupal-devel-variable-xss(39606) CONFIRM http://drupal.org/node/208524 Cross-site scripting (XSS) vulnerability in the Devel module before 5.x-0.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via a site variable, related to lack of escaping of the variable table. cpe:/a:drupal:fileshare_module:4.7.x cpe:/a:drupal:fileshare_module:5.x CVE-2008-0277 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:39.543-04:00 8.5 NETWORK MEDIUM SINGLE_INSTANCE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-01-16T11:06:00.000-05:00 ALLOWS_ADMIN_ACCESS XF drupal-fileshare-code-execution(39609) CONFIRM http://drupal.org/node/208537 Unspecified vulnerability in the Fileshare module for Drupal allows remote authenticated users with node-creation privileges to execute arbitrary code via unspecified vectors. cpe:/a:x7_group:x7_chat:2.0.5 CVE-2008-0278 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:39.700-04:00 6.0 NETWORK MEDIUM SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-16T11:07:00.000-05:00 ALLOWS_USER_ACCESS XF x7chatday-sql-injection(39656) BID 27277 MILW0RM 4907 SECUNIA 28503 SQL injection vulnerability in index.php in X7 Chat 2.0.5 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the day parameter in a sm_window action. cpe:/a:xforum:xforum:1.4 CVE-2008-0279 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:39.840-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-16T11:10:00.000-05:00 ALLOWS_USER_ACCESS XF xforum-liretopic-sql-injection(39654) BID 27278 MILW0RM 4908 SQL injection vulnerability in liretopic.php in Xforum 1.4 and possibly others allows remote attackers to execute arbitrary SQL commands via the topic parameter. NOTE: the categorie parameter might also be affected. cpe:/a:gforge:gforge:4.6.99 CVE-2008-0173 2008-01-15T15:00:00.000-05:00 2008-09-05T17:34:23.640-04:00 7.5