Monthly Archive: April 2005

Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the bid parameter to the EmailStats op in banners.pgp, (2) the ratenum parameter in...

SQL injection vulnerability in the Top module for PHP-Nuke 6.x through 7.6 allows remote attackers to execute arbitrary SQL commands via the querylang parameter. Date published : 2005-04-07 http://marc.info/?l=bugtraq&m=111281649616901&w=2 http://www.waraxe.us/advisory-41.html

The Web_Links module for PHP-Nuke 7.6 allows remote attackers to obtain sensitive information via an invalid show parameter, which triggers a division by zero PHP error that leaks the full pathname of the server....

Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 7.6 allow remote attackers to execute arbitrary SQL commands via (1) the email or url parameters in the Add function, (2) the url parameter...

Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the email or url parameters in the Add function, (2) the...

Multiple cross-site scripting (XSS) vulnerabilities in ProductCart 2.7 allow remote attackers to inject arbitrary web script or HTML via (1) the keyword parameter to advSearch_h.asp, (2) the redirectUrl parameter to NewCust.asp, (3) the country...

Multiple SQL injection vulnerabilities in ProductCart 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the Category or resultCnt parameters to advSearch_h.asp, and possibly (2) the offset parameter to tarinasworld_butterflyjournal.asp. NOTE: it...

Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument. Date published : 2005-04-07 http://www.securityfocus.com/bid/12986 http://marc.info/?l=bugtraq&m=111263251718491&w=2

Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter. Date published : 2005-04-07 http://www.securityfocus.com/bid/12982 http://marc.info/?l=bugtraq&m=111264361622660&w=2

RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not "use a secure location for temporary files," which allows local users to have an unknown impact, probably by overwriting files. Date published : 2005-04-06...

unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite arbitrary files via a symlink attack on the unsh.X temporary file. Date published : 2005-04-06 http://www.securityfocus.com/bid/12981 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=302412

The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via...

Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being...

Unknown vulnerability in IRC Services NickServ LISTLINKS before 5.0.50 allows remote attackers to obtain the links of a nick. Date published : 2005-04-06 http://www.ircservices.esper.net/Changes.txt http://securitytracker.com/id?1013622