U.S. Flag Official website of the Department of Homeland Security

Note: This page is part of the us-cert.gov archive.This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact info@us-cert.gov if you have any questions about the US-CERT website archive.

TLP:WHITE

Bulletin (SB08-182)

Vulnerability Summary for the Week of June 23, 2008

Original release date: June 30, 2008

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

">

High Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
Adobe -- Acrobat 3D
Adobe -- Acrobat Reader
Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an "input validation issue in a JavaScript method."
unknown
2008-06-25
10.0CVE-2008-2641
OTHER-REF
AJ Square -- aj_auctionSQL injection vulnerability in category.php in AJSquare AJ Auction Pro web 2.0 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter.
unknown
2008-06-25
7.5CVE-2008-2860
MILW0RM
BID
ajhyip -- aj_square_aj-hyipSQL injection vulnerability in news.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-2532.
unknown
2008-06-27
7.5CVE-2008-2893
MILW0RM
BID
aprox -- aproxengineDirectory traversal vulnerability in index.php in AproxEngine 5.1.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
unknown
2008-06-27
7.5CVE-2008-2895
MILW0RM
BID
Aspindir -- shibby_shopSQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter.
unknown
2008-06-26
7.5CVE-2008-2872
MILW0RM
BID
XF
Aspindir -- shibby_shopupgrade.asp in sHibby sHop 2.2 and earlier does not require administrative authentication, which allows remote attackers to update a file or have unspecified other impact via a direct request.
unknown
2008-06-26
7.5CVE-2008-2882
MILW0RM
XF
boatscripts -- boatscripts_classifiedsSQL injection vulnerability in index.php in BoatScripts Classifieds allows remote attackers to execute arbitrary SQL commands via the type parameter.
unknown
2008-06-25
7.5CVE-2008-2846
MILW0RM
BID
XF
carscripts -- carscripts_classifiedsSQL injection vulnerability in index.php in Carscripts Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter.
unknown
2008-06-25
7.5CVE-2008-2844
MILW0RM
BID
XF
Caupo.net -- cauposhop_classicSQL injection vulnerability in csc_article_details.php in Caupo.net CaupoShop Classic 1.3 allows remote attackers to execute arbitrary SQL commands via the saArticle[ID] parameter.
unknown
2008-06-25
7.5CVE-2008-2866
MILW0RM
BID
XF
Cisco -- Unified Communications Manager
Cisco -- Unified CallManager
The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP port 2748.
unknown
2008-06-26
7.8CVE-2008-2061
cms.brdconcept -- cms-brdSQL injection vulnerability in index.php in CMS-BRD allows remote attackers to execute arbitrary SQL commands via the menuclick parameter.
unknown
2008-06-24
7.5CVE-2008-2837
MILW0RM
BID
XF
doitlive -- cmsMultiple SQL injection vulnerabilities in doITLive CMS 2.50 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter in an USUB action to default.asp and the (2) Licence[SpecialLicenseNumber] (aka LicenceId) cookie to edit/default.asp.
unknown
2008-06-25
7.5CVE-2008-2843
MILW0RM
OTHER-REF
BID
XF
XF
Drupal -- trailscout_moduleSQL injection vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified cookies, related to improper use of the Drupal database API.
unknown
2008-06-25
7.5CVE-2008-2850
BID
XF
DUware -- DUcalendarSQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter.
unknown
2008-06-26
7.5CVE-2008-2868
MILW0RM
BID
e-topbiz -- viral_dx_1SQL injection vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter.
unknown
2008-06-26
7.5CVE-2008-2867
MILW0RM
BID
e-topbiz -- link_ads_1SQL injection vulnerability in out.php in E-topbiz Link ADS 1 allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
unknown
2008-06-26
7.5CVE-2008-2869
MILW0RM
BID
easy_webstore -- easy_webstoreSQL injection vulnerability in index.php in Easy Webstore 1.2 allows remote attackers to execute arbitrary SQL commands via the cat_path parameter.
unknown
2008-06-25
7.5CVE-2008-2853
MILW0RM
BID
elinestudio -- site_composerMultiple SQL injection vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to ansFAQ.asp and the (2) template_id parameter to preview.asp.
unknown
2008-06-25
7.5CVE-2008-2862
BUGTRAQ
MILW0RM
OTHER-REF
BID
XF
elinestudio -- site_composerMultiple absolute path traversal vulnerabilities in eLineStudio Site Composer (ESC) 2.6 allow remote attackers to create or delete arbitrary directories via a full pathname in the inpCurrFolder parameter to (1) folderdel_.asp or (2) foldernew.asp in cms/assetmanager/.
unknown
2008-06-25
7.5CVE-2008-2863
BUGTRAQ
MILW0RM
OTHER-REF
BID
XF
eMuSOFT -- emuCMSSQL injection vulnerability in index.php in eMuSOFT emuCMS 0.3 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a category action.
unknown
2008-06-27
7.5CVE-2008-2891
MILW0RM
BID
feellove -- exp_shop_componentSQL injection vulnerability in the EXP Shop (com_expshop) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_payment action to index.php.
unknown
2008-06-27
7.5CVE-2008-2892
MILW0RM
BID
fullrevolution -- aspwebcalendar2008Unrestricted file upload vulnerability in calendar_admin.asp in Full Revolution aspWebCalendar 2008 allows remote attackers to upload and execute arbitrary code via the FILE1 parameter in an uploadfileprocess action, probably followed by a direct request to the file in calendar/eventimages/.
unknown
2008-06-24
10.0CVE-2008-2832
OTHER-REF
BID
XF
getfireant -- fireantDirectory traversal vulnerability in index.php in FireAnt 1.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
unknown
2008-06-27
7.5CVE-2008-2896
MILW0RM
BID
XF
IBM -- afp_viewer_plug-inHeap-based buffer overflow in the IBM AFP Viewer Plug-in 2.0.7.1 and 3.2.1.1 allows remote attackers to execute arbitrary code via a long SRC property value. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2008-06-26
9.3CVE-2008-2880
j00lean-cms -- j00lean-cmsUnspecified vulnerability in includes/classes/page.php in j00lean-CMS 1.03 has unknown impact and attack vectors.
unknown
2008-06-27
10.0CVE-2008-2899
Jamroom -- JamroomPHP remote file inclusion vulnerability in include/plugins/jrBrowser/payment.php in Jamroom 3.3.0 through 3.3.5 allows remote attackers to execute arbitrary PHP code via a URL in the jamroom[jm_dir] parameter. NOTE: some of these details are obtained from third party information.
unknown
2008-06-26
7.5CVE-2008-2883
MILW0RM
OTHER-REF
OTHER-REF
Jamroom -- JamroomPHP remote file inclusion vulnerability in include/plugins/jrBrowser/purchase.php in Jamroom 3.3.0 through 3.3.5, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the jamroom[jm_dir] parameter.
unknown
2008-06-27
9.3CVE-2008-2886
MILW0RM
OTHER-REF
BID
k5n -- WebCalendarPHP remote file inclusion vulnerability in send_reminders.php in WebCalendar 1.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter and a 0 value for the noSet parameter, a different vector than CVE-2007-1483.
unknown
2008-06-24
7.5CVE-2008-2836
MILW0RM
MLIST
BID
XF
Kalptaru Infotech -- php_site_lockSQL injection vulnerability in index.php in Kalptaru Infotech PHP Site Lock 2.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a show_article action.
unknown
2008-06-25
7.5CVE-2008-2865
MILW0RM
BID
migcms -- migcmsMultiple PHP remote file inclusion vulnerabilities in MiGCMS 2.0.5, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[application][app_root] parameter to (1) collection.class.php and (2) content_image.class.php in lib/obj/.
unknown
2008-06-27
9.3CVE-2008-2888
MILW0RM
BID
munky -- munkyDirectory traversal vulnerability in index.php in mUnky 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the zone parameter.
unknown
2008-06-26
7.5CVE-2008-2876
MILW0RM
mybizz-classifieds -- mybizz-classifiedsSQL injection vulnerability in index.php in MyBizz-Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter.
unknown
2008-06-25
7.5CVE-2008-2845
MILW0RM
BID
odars -- odarsPHP remote file inclusion vulnerability in src/browser/resource/categories/resource_categories_view.php in Open Digital Assets Repository System (ODARS) 1.0.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the CLASSES_ROOT parameter.
unknown
2008-06-27
9.3CVE-2008-2885
MILW0RM
offl -- online_fantasy_football_leagueMultiple SQL injection vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fflteam_id parameter to teams.php, the (2) league_id parameter to leagues.php, and the (3) player_id parameter to players.php.
unknown
2008-06-27
7.5CVE-2008-2890
MILW0RM
BID
offsystem -- offsystemMultiple buffer overflows in OFF System before 0.19.14 allow remote attackers to have an unknown impact via unspecified vectors related to "parsing of http headers."
unknown
2008-06-25
10.0CVE-2008-2851
OTHER-REF
XF
orlando_cms -- orlando_cmsMultiple PHP remote file inclusion vulnerabilities in Orlando CMS 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[preloc] parameter to (1) modules/core/logger/init.php and (2) AJAX/newscat.php.
unknown
2008-06-25
7.5CVE-2008-2854
MILW0RM
BID
XF
ownrs -- ownrsSQL injection vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to execute arbitrary SQL commands via the id parameter.
unknown
2008-06-25
7.5CVE-2008-2856
MILW0RM
BID
XF
pagesperso-orange -- gfl_sdk
pagesperso-orange -- xnview
pagesperso-orange -- nconvert
Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file.
unknown
2008-06-24
9.3CVE-2008-2427
BUGTRAQ
BID
SECTRACK
pagesquid -- pagesquid_cmsSQL injection vulnerability in index.php in PageSquid CMS 0.3 Beta allows remote attackers to execute arbitrary SQL commands via the page parameter.
unknown
2008-06-27
7.5CVE-2008-2897
MILW0RM
BID
PHPauction -- PHPauctionSQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
unknown
2008-06-27
7.5CVE-2008-2900
MILW0RM
BID
rss_aggregator -- rss_aggregatorPHP remote file inclusion vulnerability in display.php in RSS-aggregator allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: some of these details are obtained from third party information.
unknown
2008-06-27
9.3CVE-2008-2884
MILW0RM
ruby-lang -- RubyMultiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption, a different issue than CVE-2008-2663, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. This CVE description should be regarded as authoritative, although it is likely to change.
unknown
2008-06-24
10.0CVE-2008-2662
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
ruby-lang -- RubyMultiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors, a different issue than CVE-2008-2662, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
unknown
2008-06-24
10.0CVE-2008-2663
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
ruby-lang -- RubyThe rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
unknown
2008-06-24
7.8CVE-2008-2664
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
ruby-lang -- RubyInteger overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the "REALLOC_N" variant, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2664. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
unknown
2008-06-24
7.8CVE-2008-2725
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
ruby-lang -- RubyInteger overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption, aka the "beg + rlen" issue. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
unknown
2008-06-24
7.8CVE-2008-2726
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
sharecms -- sharecmsMultiple SQL injection vulnerabilities in ShareCMS 0.1 Beta allow remote attackers to execute arbitrary SQL commands via the (1) eventID parameter to event_info.php and the (2) userID parameter to list_user.php.
unknown
2008-06-26
7.5CVE-2008-2870
MILW0RM
BID
XF
sidb -- scientific_image_databaseSQL injection vulnerability in projects.php in Scientific Image DataBase 0.41 allows remote attackers to execute arbitrary SQL commands via the id parameter.
unknown
2008-06-24
7.5CVE-2008-2834
MILW0RM
BID
XF
softbizscripts -- softbiz_jokes_and_funny_pics_scriptSQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attackers to execute arbitrary SQL commands via the sbjoke_id parameter, a different vector than CVE-2008-1050.
unknown
2008-06-26
7.5CVE-2008-2874
MILW0RM
softdivision -- maxtrade_aoiSQL injection vulnerability in the Trade module in Maxtrade AIO 1.3.23 allows remote attackers to execute arbitrary SQL commands via the categori parameter in a pocategorisell action to modules.php.
unknown
2008-06-25
7.5CVE-2008-2847
MILW0RM
BID
webdevindo-cms -- webdevindo-cmsSQL injection vulnerability in index.php in Webdevindo-CMS 1.0.0 allows remote attackers to execute arbitrary SQL commands via the hal parameter.
unknown
2008-06-26
7.5CVE-2008-2875
MILW0RM
worldlevel -- le.cmsadmin/upload.php in le.cms 1.4 and earlier allows remote attackers to bypass administrative authentication, and upload and execute arbitrary files in images/, via a nonzero value for the submit0 parameter in conjunction with filenames in the filename and upload parameters.
unknown
2008-06-24
10.0CVE-2008-2833
MILW0RM
BID
BID

Back to top

Medium Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
acebit -- wise_ftpDirectory traversal vulnerability in the FTP client in AceBIT WISE-FTP 4.1.0 and 5.5.8 allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345.
unknown
2008-06-27
6.8CVE-2008-2889
OTHER-REF
BID
AlstraSoft -- AskMe ProAlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
unknown
2008-06-25
5.0CVE-2008-2857
MILW0RM
Aspindir -- shibby_shopsHibby sHop 2.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request to Db/urun.mdb.
unknown
2008-06-26
5.0CVE-2008-2873
MILW0RM
XF
benjacms -- benja_cmsBenja CMS 0.1 does not require authentication for access to admin/, which allows remote attackers to add or delete a menu.
unknown
2008-06-26
5.0CVE-2008-2879
BUGTRAQ
BID
chaozzatwork -- fubarforumDirectory traversal vulnerability in index.php in chaozz@work FubarForum 1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
unknown
2008-06-27
5.0CVE-2008-2887
MILW0RM
BID
XF
Cisco -- Unified Communications Manager
Cisco -- Unified CallManager
The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsq35151.
unknown
2008-06-26
5.0CVE-2008-2062
Cisco -- Unified Communications Manager
Cisco -- Unified CallManager
The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsj90843.
unknown
2008-06-26
5.0CVE-2008-2730
cmsworks -- cmsworksPHP remote file inclusion vulnerability in admin/include/lib.module.php in cmsWorks 2.2 RC4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mod_root parameter.
unknown
2008-06-26
6.8CVE-2008-2877
MILW0RM
BID
XF
doitlive -- cmsCross-site scripting (XSS) vulnerability in edit/showmedia.asp in doITLive CMS 2.50 and earlier allows remote attackers to inject arbitrary web script or HTML via the FILE parameter.
unknown
2008-06-25
4.3CVE-2008-2842
MILW0RM
OTHER-REF
BID
XF
elinestudio -- site_composerMultiple cross-site scripting (XSS) vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) topic and (2) button parameters to ansFAQ.asp and the (3) id and (4) txtEmail parameters to login.asp.
unknown
2008-06-25
4.3CVE-2008-2861
BUGTRAQ
MILW0RM
BID
XF
elinestudio -- site_composereLineStudio Site Composer (ESC) 2.6 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) trigger.asp or (2) common2.asp in cms/include/, which reveals the database path.
unknown
2008-06-25
5.0CVE-2008-2864
BUGTRAQ
MILW0RM
OTHER-REF
XF
exerocms -- exero_cmsMultiple directory traversal vulnerabilities in Exero CMS 1.0.0 and 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter to (1) custompage.php, (2) errors/404.php, (3) members/memberslist.php, (4) members/profile.php, (5) news/fullview.php, (6) news/index.php, (7) nopermission.php, (8) usercp/avatar.php, or (9) usercp/editpassword.php in themes/Default/. NOTE: some of these details are obtained from third party information.
unknown
2008-06-24
6.8CVE-2008-2840
OTHER-REF
hedgehog-cms -- hedgehog-cmsDirectory traversal vulnerability in includes/header.php in Hedgehog-CMS 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the c_temp_path parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.
unknown
2008-06-27
6.8CVE-2008-2898
MILW0RM
igsuite -- igsuiteSQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows remote attackers to execute arbitrary SQL commands via the formid parameter.
unknown
2008-06-24
6.8CVE-2008-2835
MILW0RM
BID
XF
Microsoft -- ie
XChat -- XChat
Argument injection vulnerability in XChat 2.8.7b and earlier on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary commands via the --command parameter in an ircs:// URI.
unknown
2008-06-24
6.8CVE-2008-2841
MILW0RM
OTHER-REF
Mindtouch -- DekiWikiCross-site scripting (XSS) vulnerability in the search functionality in MindTouch DekiWiki before 8.05.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
unknown
2008-06-25
4.3CVE-2008-2848
OTHER-REF
XF
Nathan Neulinger -- CGIWrapCross-site scripting (XSS) vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages.
unknown
2008-06-25
4.3CVE-2008-2852
OTHER-REF
BID
XF
NCH Software -- nch_software_classic_ftpDirectory traversal vulnerability in the FTP client in NCH Software Classic FTP 1.02 for Windows allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345.
unknown
2008-06-27
6.8CVE-2008-2894
OTHER-REF
BID
XF
NetWin -- SurgeMailUnspecified vulnerability in the IMAP service in NetWin SurgeMail before 3.9g2 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors related to an "imap command."
unknown
2008-06-25
5.0CVE-2008-2859
OTHER-REF
BID
XF
ownrs -- ownrsCross-site scripting (XSS) vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
unknown
2008-06-25
4.3CVE-2008-2855
MILW0RM
BID
XF
PEGames -- PEGamesMultiple cross-site scripting (XSS) vulnerabilities in template2.php in PEGames allow remote attackers to inject arbitrary web script or HTML via the (1) sitetitle, (2) sitenav, (3) sitemain, and (4) sitealt parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2008-06-26
4.3CVE-2008-2871
BID
XF
redhat -- enterprise_linux
redhat -- desktop_workstation
redhat -- desktop
Untrusted search path vulnerability in a certain Red Hat build script for Standards Based Linux Instrumentation for Manageability (sblim) libraries before 1-13a.el4_6.1 in Red Hat Enterprise Linux (RHEL) 4, and before 1-31.el5_2.1 in RHEL 5, allows local users to gain privileges via a malicious library in a certain subdirectory of /var/tmp, related to an incorrect RPATH setting, as demonstrated by a malicious libc.so library for tog-pegasus.
unknown
2008-06-25
4.6CVE-2008-1951
OTHER-REF
REDHAT
relative_real_estate_systems -- relative_real_estate_systemsRelative Real Estate Systems 3.0 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
unknown
2008-06-26
5.0CVE-2008-2881
MILW0RM
OTHER-REF
traindepot -- traindepotDirectory traversal vulnerability in index.php in Traindepot 0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter.
unknown
2008-06-24
5.0CVE-2008-2838
MILW0RM
BID
XF
traindepot -- traindepotCross-site scripting (XSS) vulnerability in the search module in Traindepot 0.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter to index.php.
unknown
2008-06-24
4.3CVE-2008-2839
MILW0RM
BID
XF
webchamado -- webchamadoSQL injection vulnerability in index.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the eml parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2008-06-25
6.8CVE-2008-2858
yektaweb -- academic_web_toolsOpen redirect vulnerability in rss_getfile.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the file parameter.
unknown
2008-06-26
6.4CVE-2008-2878
BUGTRAQ
OTHER-REF
BID
XF

Back to top

Low Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
Drupal -- trailscout_moduleCross-site scripting (XSS) vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allows remote authenticated users, with create post permissions, to inject arbitrary web script or HTML via unspecified vectors.
unknown
2008-06-25
3.5CVE-2008-2849
OTHER-REF
BID
XF

Back to top

">

High Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
Adobe -- Acrobat 3D
Adobe -- Acrobat Reader
Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an "input validation issue in a JavaScript method."
unknown
2008-06-25
10.0CVE-2008-2641
OTHER-REF
AJ Square -- aj_auctionSQL injection vulnerability in category.php in AJSquare AJ Auction Pro web 2.0 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter.
unknown
2008-06-25
7.5CVE-2008-2860
MILW0RM
BID
ajhyip -- aj_square_aj-hyipSQL injection vulnerability in news.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-2532.
unknown
2008-06-27
7.5CVE-2008-2893
MILW0RM
BID
aprox -- aproxengineDirectory traversal vulnerability in index.php in AproxEngine 5.1.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
unknown
2008-06-27
7.5CVE-2008-2895
MILW0RM
BID
Aspindir -- shibby_shopSQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter.
unknown
2008-06-26
7.5CVE-2008-2872
MILW0RM
BID
XF
Aspindir -- shibby_shopupgrade.asp in sHibby sHop 2.2 and earlier does not require administrative authentication, which allows remote attackers to update a file or have unspecified other impact via a direct request.
unknown
2008-06-26
7.5CVE-2008-2882
MILW0RM
XF
boatscripts -- boatscripts_classifiedsSQL injection vulnerability in index.php in BoatScripts Classifieds allows remote attackers to execute arbitrary SQL commands via the type parameter.
unknown
2008-06-25
7.5CVE-2008-2846
MILW0RM
BID
XF
carscripts -- carscripts_classifiedsSQL injection vulnerability in index.php in Carscripts Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter.
unknown
2008-06-25
7.5CVE-2008-2844
MILW0RM
BID
XF
Caupo.net -- cauposhop_classicSQL injection vulnerability in csc_article_details.php in Caupo.net CaupoShop Classic 1.3 allows remote attackers to execute arbitrary SQL commands via the saArticle[ID] parameter.
unknown
2008-06-25
7.5CVE-2008-2866
MILW0RM
BID
XF
Cisco -- Unified Communications Manager
Cisco -- Unified CallManager
The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP port 2748.
unknown
2008-06-26
7.8CVE-2008-2061
cms.brdconcept -- cms-brdSQL injection vulnerability in index.php in CMS-BRD allows remote attackers to execute arbitrary SQL commands via the menuclick parameter.
unknown
2008-06-24
7.5CVE-2008-2837
MILW0RM
BID
XF
doitlive -- cmsMultiple SQL injection vulnerabilities in doITLive CMS 2.50 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter in an USUB action to default.asp and the (2) Licence[SpecialLicenseNumber] (aka LicenceId) cookie to edit/default.asp.
unknown
2008-06-25
7.5CVE-2008-2843
MILW0RM
OTHER-REF
BID
XF
XF
Drupal -- trailscout_moduleSQL injection vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified cookies, related to improper use of the Drupal database API.
unknown
2008-06-25
7.5CVE-2008-2850
BID
XF
DUware -- DUcalendarSQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter.
unknown
2008-06-26
7.5CVE-2008-2868
MILW0RM
BID
e-topbiz -- viral_dx_1SQL injection vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter.
unknown
2008-06-26
7.5CVE-2008-2867
MILW0RM
BID
e-topbiz -- link_ads_1SQL injection vulnerability in out.php in E-topbiz Link ADS 1 allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
unknown
2008-06-26
7.5CVE-2008-2869
MILW0RM
BID
easy_webstore -- easy_webstoreSQL injection vulnerability in index.php in Easy Webstore 1.2 allows remote attackers to execute arbitrary SQL commands via the cat_path parameter.
unknown
2008-06-25
7.5CVE-2008-2853
MILW0RM
BID
elinestudio -- site_composerMultiple SQL injection vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to ansFAQ.asp and the (2) template_id parameter to preview.asp.
unknown
2008-06-25
7.5CVE-2008-2862
BUGTRAQ
MILW0RM
OTHER-REF
BID
XF
elinestudio -- site_composerMultiple absolute path traversal vulnerabilities in eLineStudio Site Composer (ESC) 2.6 allow remote attackers to create or delete arbitrary directories via a full pathname in the inpCurrFolder parameter to (1) folderdel_.asp or (2) foldernew.asp in cms/assetmanager/.
unknown
2008-06-25
7.5CVE-2008-2863
BUGTRAQ
MILW0RM
OTHER-REF
BID
XF
eMuSOFT -- emuCMSSQL injection vulnerability in index.php in eMuSOFT emuCMS 0.3 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a category action.
unknown
2008-06-27
7.5CVE-2008-2891
MILW0RM
BID
feellove -- exp_shop_componentSQL injection vulnerability in the EXP Shop (com_expshop) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_payment action to index.php.
unknown
2008-06-27
7.5CVE-2008-2892
MILW0RM
BID
fullrevolution -- aspwebcalendar2008Unrestricted file upload vulnerability in calendar_admin.asp in Full Revolution aspWebCalendar 2008 allows remote attackers to upload and execute arbitrary code via the FILE1 parameter in an uploadfileprocess action, probably followed by a direct request to the file in calendar/eventimages/.
unknown
2008-06-24
10.0CVE-2008-2832
OTHER-REF
BID
XF
getfireant -- fireantDirectory traversal vulnerability in index.php in FireAnt 1.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
unknown
2008-06-27
7.5CVE-2008-2896
MILW0RM
BID
XF
IBM -- afp_viewer_plug-inHeap-based buffer overflow in the IBM AFP Viewer Plug-in 2.0.7.1 and 3.2.1.1 allows remote attackers to execute arbitrary code via a long SRC property value. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2008-06-26
9.3CVE-2008-2880
j00lean-cms -- j00lean-cmsUnspecified vulnerability in includes/classes/page.php in j00lean-CMS 1.03 has unknown impact and attack vectors.
unknown
2008-06-27
10.0CVE-2008-2899
Jamroom -- JamroomPHP remote file inclusion vulnerability in include/plugins/jrBrowser/payment.php in Jamroom 3.3.0 through 3.3.5 allows remote attackers to execute arbitrary PHP code via a URL in the jamroom[jm_dir] parameter. NOTE: some of these details are obtained from third party information.
unknown
2008-06-26
7.5CVE-2008-2883
MILW0RM
OTHER-REF
OTHER-REF
Jamroom -- JamroomPHP remote file inclusion vulnerability in include/plugins/jrBrowser/purchase.php in Jamroom 3.3.0 through 3.3.5, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the jamroom[jm_dir] parameter.
unknown
2008-06-27
9.3CVE-2008-2886
MILW0RM
OTHER-REF
BID
k5n -- WebCalendarPHP remote file inclusion vulnerability in send_reminders.php in WebCalendar 1.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter and a 0 value for the noSet parameter, a different vector than CVE-2007-1483.
unknown
2008-06-24
7.5CVE-2008-2836
MILW0RM
MLIST
BID
XF
Kalptaru Infotech -- php_site_lockSQL injection vulnerability in index.php in Kalptaru Infotech PHP Site Lock 2.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a show_article action.
unknown
2008-06-25
7.5CVE-2008-2865
MILW0RM
BID
migcms -- migcmsMultiple PHP remote file inclusion vulnerabilities in MiGCMS 2.0.5, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[application][app_root] parameter to (1) collection.class.php and (2) content_image.class.php in lib/obj/.
unknown
2008-06-27
9.3CVE-2008-2888
MILW0RM
BID
munky -- munkyDirectory traversal vulnerability in index.php in mUnky 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the zone parameter.
unknown
2008-06-26
7.5CVE-2008-2876
MILW0RM
mybizz-classifieds -- mybizz-classifiedsSQL injection vulnerability in index.php in MyBizz-Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter.
unknown
2008-06-25
7.5CVE-2008-2845
MILW0RM
BID
odars -- odarsPHP remote file inclusion vulnerability in src/browser/resource/categories/resource_categories_view.php in Open Digital Assets Repository System (ODARS) 1.0.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the CLASSES_ROOT parameter.
unknown
2008-06-27
9.3CVE-2008-2885
MILW0RM
offl -- online_fantasy_football_leagueMultiple SQL injection vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fflteam_id parameter to teams.php, the (2) league_id parameter to leagues.php, and the (3) player_id parameter to players.php.
unknown
2008-06-27
7.5CVE-2008-2890
MILW0RM
BID
offsystem -- offsystemMultiple buffer overflows in OFF System before 0.19.14 allow remote attackers to have an unknown impact via unspecified vectors related to "parsing of http headers."
unknown
2008-06-25
10.0CVE-2008-2851
OTHER-REF
XF
orlando_cms -- orlando_cmsMultiple PHP remote file inclusion vulnerabilities in Orlando CMS 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[preloc] parameter to (1) modules/core/logger/init.php and (2) AJAX/newscat.php.
unknown
2008-06-25
7.5CVE-2008-2854
MILW0RM
BID
XF
ownrs -- ownrsSQL injection vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to execute arbitrary SQL commands via the id parameter.
unknown
2008-06-25
7.5CVE-2008-2856
MILW0RM
BID
XF
pagesperso-orange -- gfl_sdk
pagesperso-orange -- xnview
pagesperso-orange -- nconvert
Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file.
unknown
2008-06-24
9.3CVE-2008-2427
BUGTRAQ
BID
SECTRACK
pagesquid -- pagesquid_cmsSQL injection vulnerability in index.php in PageSquid CMS 0.3 Beta allows remote attackers to execute arbitrary SQL commands via the page parameter.
unknown
2008-06-27
7.5CVE-2008-2897
MILW0RM
BID
PHPauction -- PHPauctionSQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
unknown
2008-06-27
7.5CVE-2008-2900
MILW0RM
BID
rss_aggregator -- rss_aggregatorPHP remote file inclusion vulnerability in display.php in RSS-aggregator allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: some of these details are obtained from third party information.
unknown
2008-06-27
9.3CVE-2008-2884
MILW0RM
ruby-lang -- RubyMultiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption, a different issue than CVE-2008-2663, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. This CVE description should be regarded as authoritative, although it is likely to change.
unknown
2008-06-24
10.0CVE-2008-2662
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
ruby-lang -- RubyMultiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors, a different issue than CVE-2008-2662, CVE-2008-2664, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
unknown
2008-06-24
10.0CVE-2008-2663
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
ruby-lang -- RubyThe rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2725. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
unknown
2008-06-24
7.8CVE-2008-2664
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
ruby-lang -- RubyInteger overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the "REALLOC_N" variant, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2664. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
unknown
2008-06-24
7.8CVE-2008-2725
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
ruby-lang -- RubyInteger overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption, aka the "beg + rlen" issue. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change.
unknown
2008-06-24
7.8CVE-2008-2726
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
sharecms -- sharecmsMultiple SQL injection vulnerabilities in ShareCMS 0.1 Beta allow remote attackers to execute arbitrary SQL commands via the (1) eventID parameter to event_info.php and the (2) userID parameter to list_user.php.
unknown
2008-06-26
7.5CVE-2008-2870
MILW0RM
BID
XF
sidb -- scientific_image_databaseSQL injection vulnerability in projects.php in Scientific Image DataBase 0.41 allows remote attackers to execute arbitrary SQL commands via the id parameter.
unknown
2008-06-24
7.5CVE-2008-2834
MILW0RM
BID
XF
softbizscripts -- softbiz_jokes_and_funny_pics_scriptSQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attackers to execute arbitrary SQL commands via the sbjoke_id parameter, a different vector than CVE-2008-1050.
unknown
2008-06-26
7.5CVE-2008-2874
MILW0RM
softdivision -- maxtrade_aoiSQL injection vulnerability in the Trade module in Maxtrade AIO 1.3.23 allows remote attackers to execute arbitrary SQL commands via the categori parameter in a pocategorisell action to modules.php.
unknown
2008-06-25
7.5CVE-2008-2847
MILW0RM
BID
webdevindo-cms -- webdevindo-cmsSQL injection vulnerability in index.php in Webdevindo-CMS 1.0.0 allows remote attackers to execute arbitrary SQL commands via the hal parameter.
unknown
2008-06-26
7.5CVE-2008-2875
MILW0RM
worldlevel -- le.cmsadmin/upload.php in le.cms 1.4 and earlier allows remote attackers to bypass administrative authentication, and upload and execute arbitrary files in images/, via a nonzero value for the submit0 parameter in conjunction with filenames in the filename and upload parameters.
unknown
2008-06-24
10.0CVE-2008-2833
MILW0RM
BID
BID

Back to top

Medium Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
acebit -- wise_ftpDirectory traversal vulnerability in the FTP client in AceBIT WISE-FTP 4.1.0 and 5.5.8 allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345.
unknown
2008-06-27
6.8CVE-2008-2889
OTHER-REF
BID
AlstraSoft -- AskMe ProAlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
unknown
2008-06-25
5.0CVE-2008-2857
MILW0RM
Aspindir -- shibby_shopsHibby sHop 2.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request to Db/urun.mdb.
unknown
2008-06-26
5.0CVE-2008-2873
MILW0RM
XF
benjacms -- benja_cmsBenja CMS 0.1 does not require authentication for access to admin/, which allows remote attackers to add or delete a menu.
unknown
2008-06-26
5.0CVE-2008-2879
BUGTRAQ
BID
chaozzatwork -- fubarforumDirectory traversal vulnerability in index.php in chaozz@work FubarForum 1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
unknown
2008-06-27
5.0CVE-2008-2887
MILW0RM
BID
XF
Cisco -- Unified Communications Manager
Cisco -- Unified CallManager
The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsq35151.
unknown
2008-06-26
5.0CVE-2008-2062
Cisco -- Unified Communications Manager
Cisco -- Unified CallManager
The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsj90843.
unknown
2008-06-26
5.0CVE-2008-2730
cmsworks -- cmsworksPHP remote file inclusion vulnerability in admin/include/lib.module.php in cmsWorks 2.2 RC4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mod_root parameter.
unknown
2008-06-26
6.8CVE-2008-2877
MILW0RM
BID
XF
doitlive -- cmsCross-site scripting (XSS) vulnerability in edit/showmedia.asp in doITLive CMS 2.50 and earlier allows remote attackers to inject arbitrary web script or HTML via the FILE parameter.
unknown
2008-06-25
4.3CVE-2008-2842
MILW0RM
OTHER-REF
BID
XF
elinestudio -- site_composerMultiple cross-site scripting (XSS) vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) topic and (2) button parameters to ansFAQ.asp and the (3) id and (4) txtEmail parameters to login.asp.
unknown
2008-06-25
4.3CVE-2008-2861
BUGTRAQ
MILW0RM
BID
XF
elinestudio -- site_composereLineStudio Site Composer (ESC) 2.6 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) trigger.asp or (2) common2.asp in cms/include/, which reveals the database path.
unknown
2008-06-25
5.0CVE-2008-2864
BUGTRAQ
MILW0RM
OTHER-REF
XF
exerocms -- exero_cmsMultiple directory traversal vulnerabilities in Exero CMS 1.0.0 and 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter to (1) custompage.php, (2) errors/404.php, (3) members/memberslist.php, (4) members/profile.php, (5) news/fullview.php, (6) news/index.php, (7) nopermission.php, (8) usercp/avatar.php, or (9) usercp/editpassword.php in themes/Default/. NOTE: some of these details are obtained from third party information.
unknown
2008-06-24
6.8CVE-2008-2840
OTHER-REF
hedgehog-cms -- hedgehog-cmsDirectory traversal vulnerability in includes/header.php in Hedgehog-CMS 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the c_temp_path parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.
unknown
2008-06-27
6.8CVE-2008-2898
MILW0RM
igsuite -- igsuiteSQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows remote attackers to execute arbitrary SQL commands via the formid parameter.
unknown
2008-06-24
6.8CVE-2008-2835
MILW0RM
BID
XF
Microsoft -- ie
XChat -- XChat
Argument injection vulnerability in XChat 2.8.7b and earlier on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary commands via the --command parameter in an ircs:// URI.
unknown
2008-06-24
6.8CVE-2008-2841
MILW0RM
OTHER-REF
Mindtouch -- DekiWikiCross-site scripting (XSS) vulnerability in the search functionality in MindTouch DekiWiki before 8.05.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
unknown
2008-06-25
4.3CVE-2008-2848
OTHER-REF
XF
Nathan Neulinger -- CGIWrapCross-site scripting (XSS) vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages.
unknown
2008-06-25
4.3CVE-2008-2852
OTHER-REF
BID
XF
NCH Software -- nch_software_classic_ftpDirectory traversal vulnerability in the FTP client in NCH Software Classic FTP 1.02 for Windows allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345.
unknown
2008-06-27
6.8CVE-2008-2894
OTHER-REF
BID
XF
NetWin -- SurgeMailUnspecified vulnerability in the IMAP service in NetWin SurgeMail before 3.9g2 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors related to an "imap command."
unknown
2008-06-25
5.0CVE-2008-2859
OTHER-REF
BID
XF
ownrs -- ownrsCross-site scripting (XSS) vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
unknown
2008-06-25
4.3CVE-2008-2855
MILW0RM
BID
XF
PEGames -- PEGamesMultiple cross-site scripting (XSS) vulnerabilities in template2.php in PEGames allow remote attackers to inject arbitrary web script or HTML via the (1) sitetitle, (2) sitenav, (3) sitemain, and (4) sitealt parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2008-06-26
4.3CVE-2008-2871
BID
XF
redhat -- enterprise_linux
redhat -- desktop_workstation
redhat -- desktop
Untrusted search path vulnerability in a certain Red Hat build script for Standards Based Linux Instrumentation for Manageability (sblim) libraries before 1-13a.el4_6.1 in Red Hat Enterprise Linux (RHEL) 4, and before 1-31.el5_2.1 in RHEL 5, allows local users to gain privileges via a malicious library in a certain subdirectory of /var/tmp, related to an incorrect RPATH setting, as demonstrated by a malicious libc.so library for tog-pegasus.
unknown
2008-06-25
4.6CVE-2008-1951
OTHER-REF
REDHAT
relative_real_estate_systems -- relative_real_estate_systemsRelative Real Estate Systems 3.0 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
unknown
2008-06-26
5.0CVE-2008-2881
MILW0RM
OTHER-REF
traindepot -- traindepotDirectory traversal vulnerability in index.php in Traindepot 0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter.
unknown
2008-06-24
5.0CVE-2008-2838
MILW0RM
BID
XF
traindepot -- traindepotCross-site scripting (XSS) vulnerability in the search module in Traindepot 0.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter to index.php.
unknown
2008-06-24
4.3CVE-2008-2839
MILW0RM
BID
XF
webchamado -- webchamadoSQL injection vulnerability in index.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the eml parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2008-06-25
6.8CVE-2008-2858
yektaweb -- academic_web_toolsOpen redirect vulnerability in rss_getfile.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the file parameter.
unknown
2008-06-26
6.4CVE-2008-2878
BUGTRAQ
OTHER-REF
BID
XF

Back to top

Low Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
Drupal -- trailscout_moduleCross-site scripting (XSS) vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allows remote authenticated users, with create post permissions, to inject arbitrary web script or HTML via unspecified vectors.
unknown
2008-06-25
3.5CVE-2008-2849
OTHER-REF
BID
XF

Back to top

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top