CVE-2005-2407
A design error in Opera 8.01 and earlier allows user-assisted attackers to execute arbitrary code by overlaying a malicious new window above a file download dialog box, then tricking the user into double-clicking on...
Opera 8.01 allows remote attackers to conduct cross-site scripting (XSS) attacks or modify which files are uploaded by tricking a user into dragging an image that is a "javascript:" URI. Date published : 2005-07-28...
Opera 8.01, when the "Arial Unicode MS" font (ARIALUNI.TTF) is installed, does not properly handle extended ASCII characters in the file download dialog box, which allows remote attackers to spoof file extensions and possibly...
SQL injection vulnerability in sendcard.php in Sendcard 3.2.3 allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2005-07-27 http://www.securityfocus.com/bid/14351 http://www.osvdb.org/18153
The login protocol in RealChat 3.5.1b does not use authentication, which allows remote attackers to log on as other users by sniffing the beginning of a chat session and replaying it via a modified...
Cross-site scripting (XSS) vulnerability in search.php in PHPSiteSearch 1.7.7d allows remote attackers to inject arbitrary web script or HTML via the query parameter. Date published : 2005-07-27 http://www.securityfocus.com/bid/14344 http://www.rgod.altervista.org/PHPSiteSearch177dpoc.txt
PHP-Fusion allows remote attackers to inject arbitrary Cascading Style Sheets (CSS) via the BBCode color tag. Date published : 2005-07-27 http://www.securityfocus.com/bid/14332 http://www.osvdb.org/18111
The inc.login.php scripts in PHPFinance 0.3 allow remote attackers to bypass the login and gain privileges. Date published : 2005-07-27 http://www.securityfocus.com/bid/14322 http://cvs.sourceforge.net/viewcvs.py/phpfinance/phpfinance/inc.conf.php?rev=1.2&view=log
PHP Surveyor 0.98 allows remote attackers to trigger SQL errors via missing parameters to (1) browse.php, (2) export.php, (3) conditions.php, or (4) spss.php. Date published : 2005-07-27 http://www.securityfocus.com/bid/14331 http://marc.info/?l=bugtraq&m=112188282401681&w=2
Multiple SQL injection vulnerabilities in PHP Surveyor 0.98 allow remote attackers to execute arbitrary SQL commands via (1) the sid, start, and id parameters to browse.php, the sid parameter to (2) dataentry.php, (3) export.php,...
Cross-site scripting (XSS) vulnerability in guestbook.php in phpBook 1.46 allows remote attackers to inject arbitrary web script or HTML via the admin parameter. Date published : 2005-07-27 http://www.securityfocus.com/bid/14390 http://www.osvdb.org/18295
Cross-site scripting (XSS) vulnerability in MediaWiki 1.4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the page move template. Date published : 2005-07-27 http://www.securityfocus.com/bid/14327 http://security.gentoo.org/glsa/glsa-200507-18.xml
Mozilla Firefox 1.0.4 and 1.0.5 do not choose the challenge with the strongest authentication scheme available as required by RFC2617, which might cause credentials to be sent in plaintext even if an encrypted channel...
show_news.php in CuteNews 1.3.6 allows remote attackers to obtain the full path of the server via an invalid archive parameter. Date published : 2005-07-27 http://securitytracker.com/id?1014514 http://secunia.com/advisories/16129