Contents
Cal Poly Pomona

Latest Unix and Other Bulletins

UNIX and Other

Report date: March 09, 2009  Date posted: March 09, 2009

This report combines relevant bulletins from SANS, Secunia and CERT. The wording is original with some "back" links added where needed. The CERT index lists vulnerabilities with and without solutions. Click the link for specific information.

At a very minimum, look at the SANS bulletins as they include the top issues on a weekly basis. Next, review Secunia for a more complete listing with well structured bulletins avaiable as external links. Finally, the CERT section contains very detailed information and many newly discovered vulnerabilities and updates on existing issues.

Tip: highlight any link below to reveal the criticality or priority.

SANS Bulletin - Vol 8 Num 9

None relevant

Secunia Bulletin - 2009-9

CERT Bulletin - SB09-061

Note:there may be multiple issues for each product link. Scroll down after clicking the link.

BULLETIN DETAIL

CERT Bulletin

Vulnerability Summary for the Week of February 23, 2009

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cyber Security Division (NCSD) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.


High Vulnerabilities
Primary
Vendor -- Product		DescriptionPublished CVSS ScoreSource & Patch Info
back phpbb -- Tag Board
 SQL injection vulnerability in tag board.php in the Tag Board module 4.0 and earlier for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action.2009-02-277.5CVE-2008-6314
XF
BID
MILW0RM
SECUNIA
OSVDB
back 1scripts -- z1exchange
 SQL injection vulnerability in edit.php in Z1Exchange 1.0 allows remote attackers to execute arbitrary SQL commands via the site parameter.2009-02-257.5CVE-2008-6284
XF
BID
MILW0RM
back accscripts -- acc php email
 Acc PHP eMail 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the NEWSLETTERLOGIN cookie to "admin".2009-02-267.5CVE-2008-6291
XF
BID
MILW0RM
SECUNIA
back accscripts -- acc autos
 Acc Autos 4.0 allows remote attackers to bypass authentication and gain administrative access by setting the (1) username cookie to "admin," (2) right cookie to "1," and (3) id cookie to "1."2009-02-267.5CVE-2008-6292
XF
BID
MILW0RM
SECUNIA
back accscripts -- acc real estate
 admin/Index.php in Acc Real Estate 4.0 allows remote attackers to bypass authentication and gain administrative access by setting the username cookie to "admin."2009-02-267.5CVE-2008-6293
XF
BID
MILW0RM
SECUNIA
back accscripts -- acc statistics
 admin/Index.php in Acc Statistics 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the username cookie cookie to "admin."2009-02-267.5CVE-2008-6294
BID
MILW0RM
SECUNIA
back activewebsoftwares -- active newsletter
 Multiple SQL injection vulnerabilities in SubscriberStart.asp in Active Newsletter 4.3 allow remote attackers to execute arbitrary SQL commands via (1) the email parameter (aka username or E-mail field), or (2) the password parameter (aka password field), to (a) Subscriber.asp or (b) start.asp. NOTE: some of these details are obtained from third party information.2009-02-257.5CVE-2008-6286
XF
MILW0RM
SECUNIA
back adobe -- acrobat
adobe -- acrobat reader
adobe -- reader
 Buffer overflow in Adobe Reader 9.0 and earlier and Acrobat 9.0 and earlier allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.2009-02-209.3CVE-2009-0658
CERT
CERT-VN
XF
MISC
MISC
SECTRACK
BID
FRSIRT
CONFIRM
SECUNIA
OSVDB
MISC
back adobe -- air
adobe -- flash player
adobe -- flash player for linux
adobe -- flex
 Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a crafted Shockwave Flash (aka .swf) file.2009-02-269.3CVE-2009-0519
BID
CONFIRM
back adobe -- air
adobe -- flash player
adobe -- flash player for linux
adobe -- flex
 Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue."2009-02-269.3CVE-2009-0520
VUPEN
BID
CONFIRM
MISC
back appstate -- phpwebsite
 SQL injection vulnerability in links.php in Appalachian State University phpWebSite allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action.2009-02-257.5CVE-2008-6266
XF
BID
BUGTRAQ
back aspthai.net -- aspthai.net webboard
 SQL injection vulnerability in bview.asp in ASPThai.Net Webboard 6.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.2009-02-237.5CVE-2009-0703
XF
BID
MILW0RM
back bluocms -- bluo cms
 SQL injection vulnerability in index.php in Bluo CMS 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.2009-02-257.5CVE-2008-6281
BID
MILW0RM
SECUNIA
back bookingcentre -- booking system for hotels group
 SQL injection vulnerability in cadena ofertas ext.php in Venalsur Booking center Booking System for Hotels Group allows remote attackers to execute arbitrary SQL commands via the OfertaID parameter.2009-02-207.5CVE-2008-6216
MILW0RM
back businessvein -- php tv portal
 SQL injection vulnerability in index.php in PHP TV Portal 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the mid parameter.2009-02-257.5CVE-2008-6285
XF
VUPEN
BID
MILW0RM
SECUNIA
back butterflymedia -- butterfly organizer
 SQL injection vulnerability in view.php in Butterfly Organizer 2.0.1 allows remote attackers to execute arbitrary SQL commands via the mytable parameter. NOTE: the id vector is covered by another CVE name.2009-02-277.5CVE-2008-6311
MILW0RM
SECUNIA
back butterflymedia -- butterfly organizer
 SQL injection vulnerability in view.php in Butterfly Organizer 2.0.0 and 2.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.2009-02-277.5CVE-2008-6328
MILW0RM
MILW0RM
SECUNIA
back cafuego -- sdms
 SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.2009-02-217.5CVE-2008-6236
XF
BID
SECUNIA
back cfmsource -- cf calendar
 SQL injection vulnerability in calendarevent.cfm in CF Calendar allows remote attackers to execute arbitrary SQL commands via the calid parameter.2009-02-277.5CVE-2008-6319
BID
MILW0RM
SECUNIA
back cfmsource -- cfmblog
 SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter.2009-02-277.5CVE-2008-6322
BID
MILW0RM
SECUNIA
back cfmsource -- cf auction
 SQL injection vulnerability in forummessages.cfm in CFMSource CF Auction allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter.2009-02-277.5CVE-2008-6323
BID
MILW0RM
back cfmsource -- cf forum
 SQL injection vulnerability in forummessages.cfm in CF Forum allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter.2009-02-277.5CVE-2008-6324
BID
MILW0RM
SECUNIA
back cfshopkart -- cf shopkart
 SQL injection vulnerability in index.cfm in CF Shopkart 5.2.2 allows remote attackers to execute arbitrary SQL commands via the Category parameter in a ViewCategory action.2009-02-277.5CVE-2008-6320
BID
MILW0RM
SECUNIA
back cisco -- meetingplace web confrencing
 Unspecified vulnerability in the Web Server in Cisco Unified MeetingPlace Web Conferencing 6.0 before 6.0(517.0) (aka 6.0 MR4) and 7.0 before 7.0(2) (aka 7.0 MR1) allows remote attackers to bypass authentication and obtain administrative access via a crafted URL.2009-02-269.0CVE-2009-0614
BID
CISCO
back cisco -- application control engine device manager
cisco -- application networking manager
 Directory traversal vulnerability in Cisco Application Networking Manager (ANM) before 2.0 and Application Control Engine (ACE) Device Manager before A3(2.1) allows remote authenticated users to read or modify arbitrary files via unspecified vectors, related to "invalid directory permissions."2009-02-269.0CVE-2009-0615
BID
CISCO
back cisco -- application networking manager
 Cisco Application Networking Manager (ANM) before 2.0 uses default usernames and passwords, which makes it easier for remote attackers to access the application, or cause a denial of service via configuration changes, related to "default user credentials during installation."2009-02-2610.0CVE-2009-0616
BID
CISCO
back cisco -- application networking manager
 Cisco Application Networking Manager (ANM) before 2.0 uses a default MySQL root password, which makes it easier for remote attackers to execute arbitrary operating-system commands or change system files.2009-02-2610.0CVE-2009-0617
BID
CISCO
back cisco -- application networking manager
 Unspecified vulnerability in the Java agent in Cisco Application Networking Manager (ANM) before 2.0 Update A allows remote attackers to gain privileges, and cause a denial of service (service outage) by stopping processes, or obtain sensitive information by reading configuration files.2009-02-268.5CVE-2009-0618
CISCO
back cisco -- application control engine module
 Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.1) uses default (1) usernames and (2) passwords for (a) the administrator and (b) web management, which makes it easier for remote attackers to perform configuration changes or obtain operating-system access.2009-02-2610.0CVE-2009-0620
BID
CISCO
back cisco -- ace 4710
 Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it easier for remote attackers to perform configuration changes to the Device Manager and other components, or obtain operating-system access.2009-02-2610.0CVE-2009-0621
CISCO
back cisco -- ace 4710
cisco -- application control engine module
 Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8a) allows remote authenticated users to execute arbitrary operating-system commands through a command line interface (CLI).2009-02-269.0CVE-2009-0622
CISCO
back cisco -- ace 4710
cisco -- application control engine module
 Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet.2009-02-267.8CVE-2009-0623
BID
CISCO
back cisco -- ace 4710
cisco -- application control engine module
 Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv3 packet.2009-02-267.8CVE-2009-0625
BID
CISCO
back cisco -- ace 4710
cisco -- application control engine module
 The username command in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers and Cisco ACE 4710 Application Control Engine Appliance stores a cleartext password by default, which allows context-dependent attackers to obtain sensitive information.2009-02-267.8CVE-2009-0742
CISCO
back craftsilicon -- banking@home
 SQL injection vulnerability in Login.asp in Craft Silicon Banking@Home 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the LoginName parameter.2009-02-257.5CVE-2009-0741
BID
BUGTRAQ
SECUNIA
FULLDISC
back e-topbiz -- admanager
 SQL injection vulnerability in view.php in E-topbiz AdManager 4 allows remote attackers to execute arbitrary SQL commands via the group parameter.2009-02-247.5CVE-2008-6261
XF
BID
MILW0RM
SECUNIA
back e-topbiz -- slide popups
 SQL injection vulnerability in admin/admin.php in E-topbiz Slide Popups 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter.2009-02-247.5CVE-2008-6264
XF
VUPEN
BID
MISC
back e-topbiz -- link back checker
 E-topbiz Link Back Checker 1 allows remote attackers to bypass authentication and gain administrative access by setting the auth cookie to "admin."2009-02-267.5CVE-2008-6307
BID
MILW0RM
SECUNIA
OSVDB
back emc -- networker client
emc -- networker module
emc -- networker powersnap
emc -- networker server
emc -- networker storage node
 nsrexecd.exe in multiple EMC Networker products including EMC NetWorker Server, Storage Node, and Client 7.3.x and 7.4, 7.4.1, 7.4.2, Client and Storage Node for Open VMS 7.3.2 ECO6 and earlier, Module for Microsoft Exchange 5.1 and earlier, Module for Microsoft Applications 2.0 and earlier, Module for Meditech 2.0 and earlier, and PowerSnap 2.4 SP1 and earlier does not properly control the allocation of memory, which allows remote attackers to cause a denial of service (memory exhaustion) via multiple crafted RPC requests.2009-02-207.8CVE-2008-6219
SECTRACK
BID
BUGTRAQ
BUGTRAQ
VUPEN
MISC
SECUNIA
back fivedollarscripts -- drinks
 SQL injection vulnerability in index.php in Five Dollar Scripts Drinks script allows remote attackers to execute arbitrary SQL commands via the recid parameter.2009-02-207.5CVE-2008-6233
BID
MILW0RM
VUPEN
SECUNIA
back frankmancuso -- auth php
 SQL injection vulnerability in login.php in Auth Php 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) passwd parameters.2009-02-257.5CVE-2009-0738
BID
MILW0RM
SECUNIA
back frankmancuso -- mynews
 SQL injection vulnerability in login.php in MyNews 0.10 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) passwd parameters.2009-02-257.5CVE-2009-0739
BID
MILW0RM
back frankmancuso -- bluebird
 SQL injection vulnerability in login.php in BlueBird Prelease allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) passwd parameters.2009-02-257.5CVE-2009-0740
BID
MILW0RM
back getmiro -- broadcast machine
 Multiple PHP remote file inclusion vulnerabilities in Broadcast Machine 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) MySQLController.php, (2) SQLController.php, (3) SetupController.php, (4) VideoController.php, and (5) ViewController.php in controllers/.2009-02-257.5CVE-2008-6287
XF
VUPEN
BID
MILW0RM
back gigcalendar -- gigcalendar component
 SQL injection vulnerability in the GigCalendar (com gigcal) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the gigcal gigs id parameter in a details action to index.php.2009-02-247.5CVE-2009-0726
XF
BID
MILW0RM
back gwm -- galatolo webmanager
 SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.2009-02-237.5CVE-2008-6249
BID
MILW0RM
SECUNIA
back gwm -- galatolo webmanager
 Galatolo WebManager 1.3a allows remote attackers to bypass authentication and gain administrative access by setting the (1) gwm user and (2) gwm pass cookies to admin. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.2009-02-267.5CVE-2008-6300
XF
MISC
BID
back hp -- mercury quality center
hp -- testdirector
 HP Mercury Quality Center (QC) 9.2 and earlier, and possibly TestDirector, relies on cached client-side scripts to implement "workflow" and decisions about the "capability" of a user, which allows remote attackers to execute arbitrary code via crafted use of the Open Test Architecture (OTA) API, as demonstrated by modifying (1) common.tds, (2) defects.tds, (3) manrun.tds, (4) req.tds, (5) testlab.tds, or (6) testplan.tds in %tmp%\TD 80, and then setting the file's properties to read-only.2009-02-247.6CVE-2007-5289
CERT-VN
XF
BID
BUGTRAQ
SECUNIA
MISC
back hp -- virtual rooms
 Unspecified vulnerability in HP Virtual Rooms Client before 7.0.1, when running on Windows, allows remote attackers to execute arbitrary code via unknown vectors.2009-02-267.5CVE-2009-0208
HP
HP
back ibm -- websphere mq
 Unspecified vulnerability in the queue manager in IBM WebSphere MQ (WMQ) 5.3, 6.0 before 6.0.2.6, and 7.0 before 7.0.0.2 allows local users to gain privileges via vectors related to the (1) setmqaut, (2) dmpmqaut, and (3) dspmqaut authorization commands.2009-02-247.2CVE-2009-0439
XF
MISC
back ibm -- txseries
 The CICS listener in IBM TXSeries for Multiplatforms 6.2 GA waits for a forcepurge acknowledgement from the CICS Application Server (CICSAS) after an eci response timeout, which might allow remote authenticated users to cause a denial of service (forcepurge handling delay), or have unspecified other impact, via vectors involving slow or nonexistent acknowledgement.2009-02-259.0CVE-2009-0505
CONFIRM
back infireal -- saturncms
 SQL injection vulnerability in lib/url/meta url.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the URL to the translate function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.2009-02-247.5CVE-2008-6262
XF
SECUNIA
back infireal -- saturncms
 SQL injection vulnerability in lib/user/t user.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the username parameter to the userLoggedIn function. NOTE: some of these details are obtained from third party information.2009-02-247.5CVE-2008-6263
XF
BID
MILW0RM
SECUNIA
back interface-medien -- ibase
 Directory traversal vulnerability in download.php in Interface Medien ibase 2.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.2009-02-257.8CVE-2008-6288
XF
BID
MILW0RM
SECUNIA
back jadu -- jadu galaxies
 SQL injection vulnerability in scripts/documents.php in Jadu Galaxies allows remote attackers to execute arbitrary SQL commands via the categoryID parameter.2009-02-247.5CVE-2008-6254
BID
MILW0RM
SECUNIA
back joomla -- com musica
mambo-foundation -- com musica
 SQL injection vulnerability in the com musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.2009-02-207.5CVE-2008-6234
BID
BUGTRAQ
MILW0RM
back joovili -- joovili
 Joovili 3.1.4 allows remote attackers to bypass authentication and gain privileges as other users, including the administrator, by setting the (1) session id, session logged in, and session username cookies for user privileges; (2) session admin id, session admin username, and session admin cookies for admin privileges; and (3) session staff id, session staff username, and session staff cookies for staff users.2009-02-257.5CVE-2008-6269
XF
VUPEN
BID
MILW0RM
SECUNIA
back libpng -- libpng
 Memory leak in the png handle tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file.2009-02-207.1CVE-2008-6218
VUPEN
CONFIRM
CONFIRM
back manzovi -- proquiz
 SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.2009-02-277.5CVE-2008-6312
XF
BID
MILW0RM
back manzovi -- proquiz
 SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter, a different vector than CVE-2008-6312.2009-02-277.5CVE-2008-6327
XF
MILW0RM
back maran -- php shop
 admin.php in Maran PHP Shop allows remote attackers to bypass authentication and gain administrative access by setting the user cookie to "demo."2009-02-267.5CVE-2008-6296
XF
BID
MILW0RM
back maxdev -- my egallery
 SQL injection vulnerability in the My eGallery module for MAXdev MDPro (MD-Pro) and Postnuke allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php.2009-02-247.5CVE-2009-0728
BID
MILW0RM
back microsoft -- excel
microsoft -- excel viewer
microsoft -- office
microsoft -- office compatibility pack
microsoft -- office excel
microsoft -- office excel viewer
 Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC.2009-02-259.3CVE-2009-0238
XF
MISC
BID
CONFIRM
SECTRACK
MISC
MISC
back miticdjd -- apoll
 SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remote attackers to execute arbitrary SQL command via the user parameter.2009-02-257.5CVE-2008-6270
XF
BID
MILW0RM
back miticdjd -- apoll
 SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remote attackers to execute arbitrary SQL command via the pass parameter.2009-02-257.5CVE-2008-6272
XF
MILW0RM
back mole-group -- airline ticket sale script
 ** DISPUTED ** SQL injection vulnerability in info.php in Mole Group Airline Ticket Sale Script allows remote attackers to execute arbitrary SQL commands via the flight parameter. NOTE: the vendor has disputed this issue, stating "crazy hackers and so named Security companies [spread] out such false informations. Such scripts or versions [do not] exist."2009-02-207.5CVE-2008-6225
MISC
MILW0RM
VUPEN
SECUNIA
back nokia -- nokia pc suite
 Heap-based buffer overflow in MultimediaPlayer.exe 6.86.240.7 in Nokia PC Suite 6.86.9.3 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file.2009-02-259.3CVE-2009-0734
VUPEN
BUGTRAQ
SECUNIA
OSVDB
back openasp -- openasp
 SQL injection vulnerability in default.asp in Openasp 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idpage parameter in the pages module.2009-02-247.5CVE-2008-6257
XF
BID
MILW0RM
SECUNIA
back orbitdownloader -- orbit downloader
 Stack-based buffer overflow in Orbit Downloader 2.8.2 and 2.8.3, and possibly other versions before 2.8.5, allows remote attackers to execute arbitrary code via a crafted HTTP URL with a long host name, which is not properly handled when constructing a "Connecting" log message.2009-02-269.3CVE-2009-0187
VUPEN
BID
back phoca -- phoca documentation
 SQL injection vulnerability in the Phoca Documentation (com phocadocumentation) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action to index.php.2009-02-237.5CVE-2009-0702
VUPEN
BID
MILW0RM
back phpfootball -- phpfootball
 SQL injection vulnerability in login.php in PHPFootball 1.6 allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.2009-02-237.5CVE-2009-0709
XF
SECUNIA
OSVDB
back phpfootball -- phpfootball
 filter.php in PHPFootball 1.6 and earlier allows remote attackers to retrieve password hashes via a request with an Accounts value for the dbtable parameter, in conjunction with a Password value for the dbfield parameter. NOTE: this has been reported as a SQL injection vulnerability by some sources, but the provenance of that information is unknown.2009-02-237.5CVE-2009-0711
OSVDB
MILW0RM
SECUNIA
back phpmygallery -- phpmygallery
 PHP remote file inclusion vulnerability in conf/core/common-tpl-vars.php in PHPmyGallery 1.0 beta2 allows remote attackers to execute arbitrary PHP code via a URL in the confdir parameter, a different issue than CVE-2008-6316.2009-02-277.5CVE-2008-6315
BID
MILW0RM
back phpmygallery -- phpmygallery
 PHP remote file inclusion vulnerability in conf/ php-core/common-tpl-vars.php in PHPmyGallery 1.5 beta allows remote attackers to execute arbitrary PHP code via a URL in the admindir parameter, a different vector than CVE-2008-6317.2009-02-277.5CVE-2008-6318
BID
MILW0RM
back potato-scripts -- potato news
 Directory traversal vulnerability in admin.php in Potato News 1.0.0 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the user cookie parameter.2009-02-247.5CVE-2009-0722
BID
MILW0RM
back powerscripts -- powerclan
 SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute arbitrary SQL commands via the loginemail parameter (aka login field). NOTE: some of these details are obtained from third party information.2009-02-237.5CVE-2009-0707
XF
BID
MILW0RM
SECUNIA
OSVDB
back preproject -- pre multi-vendor shopping malls
 SQL injection vulnerability in buyer detail.php in Pre Multi-Vendor Shopping Malls allows remote attackers to execute arbitrary SQL commands via the (1) sid and (2) cid parameters.2009-02-207.5CVE-2008-6227
BID
MILW0RM
VUPEN
back preproject -- pre multi-vendor shopping malls
 Pre Multi-Vendor Shopping Malls allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".2009-02-207.5CVE-2008-6228
MILW0RM
VUPEN
back preprojects -- pre podcast portal
 SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.2009-02-207.5CVE-2008-6230
BID
MILW0RM
VUPEN
SECUNIA
back preprojects -- pre classified listings
 Pre Classified Listing PHP allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".2009-02-207.5CVE-2008-6231
MILW0RM
VUPEN
SECUNIA
back preprojects -- pre shopping mall
 Pre Shopping Mall allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".2009-02-207.5CVE-2008-6232
MILW0RM
VUPEN
SECUNIA
back prezmo -- small shoutbox
 SQL injection vulnerability in shoutbox view.php in the Small ShoutBox module 1.4 for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action.2009-02-267.5CVE-2008-6301
BID
MILW0RM
SECUNIA
back quadcomm -- q-shop
 SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the (1) UserID and (2) Pwd parameters. NOTE: this might be related to CVE-2004-2108.2009-02-247.5
back Relevant Products

  • Ethereal
  • PCRE
  • Sun
  • activesync
  • aol
  • apache
  • bea
  • blackboard
  • cisco
  • citrix
  • comodo
  • epolicy
  • fedora
  • gentoo
  • gnu
  • gzip
  • jakarta
  • linux
  • metaframe
  • mysql
  • nagios
  • novell
  • openoffice
  • openoffice.org
  • openoffice.org/staroffice
  • openssh
  • openssl
  • oracle
  • palm
  • palmos
  • peoplesoft
  • perl
  • php
  • postfix
  • red hat
  • samba
  • solaris
  • sql
  • ssh
  • tomcat
  • vim
  • vmware
  • webct
  • windows ce
  • windowsce