Monthly Archive: July 2007

SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.8x and earlier before 20070720 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a view action in the Topics module,...

Multiple SQL injection vulnerabilities in A-shop 0.70 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2007-07-20 https://www.exploit-db.com/exploits/4198 https://exchange.xforce.ibmcloud.com/vulnerabilities/35484

Directory traversal vulnerability in admin/filebrowser.asp in A-shop 0.70 and earlier, and possibly 0.71, allows remote attackers to delete arbitrary files via unspecified filename references in the delfiles parameter. Date published : 2007-07-20 http://www.securityfocus.com/bid/24971 https://www.exploit-db.com/exploits/4198

PHP remote file inclusion vulnerability in link_main.php in the SupaNav 1.0.0 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. Date published : 2007-07-20 https://www.exploit-db.com/exploits/4197...

PHP remote file inclusion vulnerability in postscript/postscript.php in BBS E-Market allows remote attackers to execute arbitrary PHP code via a URL in the p_mode parameter. Date published : 2007-07-20 http://www.securityfocus.com/bid/24957 https://www.exploit-db.com/exploits/4195

SQL injection vulnerability in insertorder.cfm in QuickEStore 8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the CFTOKEN parameter, a different vector than CVE-2006-2053. Date published : 2007-07-20 http://www.securityfocus.com/bid/24961 https://www.exploit-db.com/exploits/4193

uploadimg.php in the Expose RC35 and earlier (com_expose) component for Joomla! sends an error message but does not exit when it detects an attempt to upload a non-JPEG file, which allows remote attackers to...

The wrap_setuid_third_party_application function in the installation script for the Samsung SCX-4200 Driver 2.00.95 adds setuid permissions to third party applications such as xsane and xscanimage, which allows local users to gain privileges. Date published...

Interpretation conflict between Microsoft Internet Explorer and DocuWiki before 2007-06-26b allows remote attackers to inject arbitrary JavaScript and conduct cross-site scripting (XSS) attacks when spellchecking UTF-8 encoded messages via the spell_utf8test function in lib/exe/spellcheck.php,...

Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid...

Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users to execute arbitrary code via a long e-mail address in an address book entry. NOTE: this might overlap CVE-2007-3638. Date published : 2007-07-20...

Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 (1) allow remote attackers to execute arbitrary code via unspecified vectors in Imailsec and (2) allow attackers to have an unknown impact via an...

Ipswitch IMail Server 2006 before 2006.21 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving an "overwritten destructor." Date published : 2007-07-20 http://docs.ipswitch.com/IMail%202006.21/ReleaseNotes/IMail_RelNotes.htm#NewRelease http://secunia.com/advisories/26123

Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command. Date published...