Monthly Archive: January 2008

cpie.php in XCMS 1.83 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct direct static code injection attacks and execute arbitrary code via the...

Directory traversal vulnerability in wiki/edit.php in Bitweaver R2 CMS allows remote attackers to obtain sensitive information (script source code) via a .. (dot dot) in the suck_url parameter. Date published : 2008-01-04 http://www.securityfocus.com/bid/27081 http://www.securityfocus.com/archive/1/485642/100/0/threaded

Unrestricted file upload vulnerability in fisheye/upload.php in Bitweaver R2 CMS allows remote attackers to upload arbitrary files by using the image/gif content type, and possibly other image and PDF content types, as demonstrated by...

PHP remote file inclusion vulnerability in includes/tumbnail.php in MatPo Bilder Galerie 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter. Date published : 2008-01-04 http://www.securityfocus.com/bid/27073 https://www.exploit-db.com/exploits/4815

Directory traversal vulnerability in index.php in SanyBee Gallery 0.1.0 and 0.1.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter. Date published : 2008-01-04 http://www.securityfocus.com/bid/27072...

SQL injection vulnerability in index.php in w-Agora 4.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter. Date published : 2008-01-04 http://www.securityfocus.com/bid/27070 https://www.exploit-db.com/exploits/4817

Multiple cross-site scripting (XSS) vulnerabilities in LiveCart 1.0.1, and possibly other versions before 1.1.0, allow remote attackers to inject arbitrary web script or HTML via (1) the return parameter to user/remindPassword, (2) the q...

Unspecified vulnerability in Joomla! before 1.5 RC4 allows remote authenticated users to gain privileges via unspecified vectors, aka "registered user privilege escalation vulnerability." Date published : 2008-01-03 http://www.securityfocus.com/bid/28111 http://www.joomla.org/content/view/4335/116/

Joomla! before 1.5 RC4 allows remote authenticated administrators to promote arbitrary users to the administrator group, in violation of the intended security model. Date published : 2008-01-03 http://www.securityfocus.com/bid/28111 http://www.joomla.org/content/view/4335/116/

Cross-site scripting (XSS) vulnerability in the com_poll component in Joomla! before 1.5 RC4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2008-01-03 http://www.securityfocus.com/bid/28111 http://www.joomla.org/content/view/4335/116/

Multiple cross-site request forgery (CSRF) vulnerabilities in Joomla! before 1.5 RC4 allow remote attackers to (1) add a Super Admin, (2) upload an extension containing arbitrary PHP code, and (3) modify the configuration as...

Cross-site scripting (XSS) vulnerability in dir.php in milliscripts Redirection allows remote attackers to inject arbitrary web script or HTML via the cat parameter in a browse action. Date published : 2008-01-03 http://www.securityfocus.com/bid/27078 http://www.securityfocus.com/archive/1/485653/100/0/threaded

Creammonkey 0.9 through 1.1 and GreaseKit 1.2 through 1.3 does not properly prevent access to dangerous functions, which allows remote attackers to read the configuration, modify the configuration, or send an HTTP request via...

SQL injection vulnerability in index.php in IPTBB 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewdir action. Date published : 2008-01-03 http://www.securityfocus.com/bid/27082 https://www.exploit-db.com/exploits/4821