CVE-2007-1973
Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \Device\PhysicalMemory section handle, a related...
SQL injection vulnerability in fotokategori.asp in Gazi Okul Sitesi 2007 allows remote attackers to execute arbitrary SQL commands via the query string. Date published : 2007-04-11 http://www.securityfocus.com/bid/23316 http://www.securityfocus.com/archive/1/464738/100/0/threaded
Mozilla Firefox does not warn the user about HTTP elements on an HTTPS page when the HTTP elements are dynamically created by a delayed document.write, which allows remote attackers to supply unauthenticated content and...
Cross-site scripting (XSS) vulnerability in admin/modify.php in Sam Crew MyBlog allows remote attackers to inject arbitrary web script or HTML via the id parameter. Date published : 2007-04-11 http://www.securityfocus.com/archive/1/464712/100/0/threaded http://securityreason.com/securityalert/2549
PHP remote file inclusion vulnerability in games.php in Sam Crew MyBlog, possibly 1.0 through 1.6, allows remote attackers to execute arbitrary PHP code via a URL in the scoreid parameter. Date published : 2007-04-11...
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in stat12 allows remote attackers to execute arbitrary PHP code via a URL in the langpath parameter. NOTE: this issue was published by an...
Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID cookie. Date published : 2007-04-11 http://marc.info/?l=bugtraq&m=117570977117962&w=2 http://www.majorsecurity.de/index_2.php?major_rls=major_rls38
Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.0.4.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the set_lang parameter to (1) archive.php, (2) article.php, (3) index.php, or (4)...
member.php in MyBB (aka MyBulletinBoard), when debug mode is available, allows remote authenticated users to change the password of any account by providing the account’s registered e-mail address in a debug request for a...
SQL injection vulnerability in the create_session function in class_session.php in MyBB (aka MyBulletinBoard) 1.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header, as utilized by index.php, a...
SQL injection vulnerability in index.php in the WF-Snippets 1.02 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the c parameter in a cat action. Date published : 2007-04-11...
PHP remote file inclusion vulnerability in mutant_functions.php in the Mutant 0.9.2 portal for phpBB 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. Date published : 2007-04-11...
SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7downloads) 1.0 module for XOOPS, and possibly other versions up to 1.10, allows remote attackers to execute arbitrary SQL commands via the lid parameter. Date...
Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vectors, related to lack of the "'other half' of buffer overflow protection." Date published : 2007-04-11 http://www.tinymux.org/changes.txt...