Monthly Archive: November 2006

Multiple SQL injection vulnerabilities in Enthrallweb eClassifieds allow remote attackers to execute arbitrary SQL commands via the (1) AD_ID, (2) cat_id, (3) sub_id, and (4) ad_id parameters to (a) ad.asp, the (5) cid parameter...

** DISPUTED ** SQL injection vulnerability in products.asp in Evolve shopping cart (aka Evolve Merchant) allows remote attackers to execute arbitrary SQL commands via the partno parameter. NOTE: the vendor disputes this issue, stating...

SQL injection vulnerability in item.asp in WarHound General Shopping Cart allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. Date published : 2006-11-30 http://www.securityfocus.com/bid/21324 http://www.securityfocus.com/archive/1/452707/100/0/threaded

Multiple cross-site scripting (XSS) vulnerabilities in result.asp in Enthrallweb eHomes allow remote attackers to inject arbitrary web script or HTML via the (1) city or (2) State parameter. Date published : 2006-11-30 http://www.securityfocus.com/bid/21193 http://www.securityfocus.com/archive/1/452107/100/100/threaded

Multiple SQL injection vulnerabilities in Enthrallweb eHomes allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to (a) dircat.asp; the (2) sid parameter to (b) dirSub.asp; the (3) TYPE_ID parameter...

Directory traversal vulnerability in startdown.php in the Flyspray ME 1.0.1 (com_flyspray) component for Mambo allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. Date published : 2006-11-30...

PHP remote file inclusion vulnerability in modules/NukeAI/util.php in the NukeAI 0.0.3 Beta module for PHP-Nuke, aka Program E is an AIML chatterbot, allows remote attackers to execute arbitrary PHP code via a URL in...

Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by RevilloC MailServer; 5.2.0.2 as used by Borland Developer Studio 2006; and possibly other versions allows remote attackers to execute arbitrary code via a long...

Multiple SQL injection vulnerabilities in the (1) rate_article and (2) rate_complete functions in modules/News/index.php in the News module in Francisco Burzi PHP-Nuke 7.9 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute...

Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist. Date published : 2006-11-30 http://www.securityfocus.com/bid/21337 http://www.exploit-db.com/exploits/23783

Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the (1) email parameter to (a) scripts2/dochangeemail, the (2) supporturl parameter...

Multiple cross-site scripting (XSS) vulnerabilities in b2evolution 1.8.2 through 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the (1) app_name parameter in (a) _404_not_found.page.php, (b) _410_stats_gone.page.php, and (c) _referer_spam.page.php...

Cross-site scripting (XSS) vulnerability in the search functionality in Fixit iDMS Pro Image Gallery allows remote attackers to inject arbitrary web script or HTML via a search field (txtsearchtext parameter). Date published : 2006-11-30...

Multiple SQL injection vulnerabilities in Fixit iDMS Pro Image Gallery allow remote attackers to execute arbitrary SQL commands via the (1) show_id or (2) parentid parameter to (a) filelist.asp, or the (3) fid parameter...