Monthly Archive: September 2006

Format string vulnerability in Easy Address Book Web Server 1.2 allows remote attackers to cause a denial of service (crash) or "compromise the server" via encoded format string specifiers in the query string. Date...

(1) Amazing Little Poll and (2) Amazing Little Picture Poll store sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password via a direct request...

(1) Amazing Little Poll and (2) Amazing Little Picture Poll have a default password of "dsapoll", which allows remote attackers to create a new poll by entering default credentials via lp_admin.php. Date published :...

Directory traversal vulnerability in download/index.php, and possibly download.php, in threesquared.net (aka Ben Speakman) Php download allows remote attackers to overwrite arbitrary local files via .. (dot dot) sequence in the file parameter. Date published...

Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to...

PHP remote file inclusion vulnerability in bp_news.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter. Date published : 2006-09-08...

PHP remote file inclusion vulnerability in bp_ncom.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter. Date published : 2006-09-08...

PHP remote file inclusion vulnerability in news.php in Sponge News 2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sndir parameter. Date published : 2006-09-08 http://www.securityfocus.com/bid/19862 https://www.exploit-db.com/exploits/2309

Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Pathauto module before pathauto_node.inc 1.17.2.1 and the Drupal 4.6 Pathauto module before pathauto_node.inc 1.14.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified...

PHP remote file inclusion vulnerability in akarru.gui/main_content.php in Akarru Social BookMarking Engine 0.4.3.34 and earlier, and possibly 0.4.4.120, allows remote attackers to execute arbitrary PHP code via a URL in the bm_content parameter. Date...

PHP remote file inclusion vulnerability in modules/home.module.php in phpFullAnnu 5.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the repmod parameter. Date published : 2006-09-08 http://www.securityfocus.com/bid/19875 https://www.exploit-db.com/exploits/2313

SQL injection vulnerability in consult/joueurs.php in Uni-Vert PhpLeague 0.82 and earlier allows remote attackers to execute arbitrary SQL commands via the id_joueur parameter. NOTE: the provenance of this information is unknown; the details are...

AuditWizard 6.3.2, when using "Remote Audit," logs the administrator password in plaintext to LaytonCmdSvc.log, which allows local users to obtain sensitive information by reading the file. Date published : 2006-09-08 http://www.securityfocus.com/bid/19860 http://www.securityfocus.com/archive/1/445220/100/0/threaded

SQL injection vulnerability in kategori.asp in Muratsoft Haber Portal 3.6 allows remote attackers to execute arbitrary SQL commands via the kat parameter. Date published : 2006-09-08 http://www.securityfocus.com/bid/19821 https://www.exploit-db.com/exploits/2294