Unspecified vulnerability in Avaya IP Softphone 6.0 SP4 and 6.01.85 allows remote attackers to cause a denial of service (crash) via a large amount of H.323 data. Date published : 2009-02-13 http://www.securityfocus.com/bid/31635 http://support.avaya.com/elmodocs2/security/ASA-2008-363.htm
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Avaya one-X Desktop Edition 2.1.0.78 allows remote attackers to cause a denial of service (crash) via unspecified vectors. Date published : 2009-02-13 http://www.securityfocus.com/bid/31636 http://support.avaya.com/elmodocs2/security/ASA-2008-370.htm
Directory traversal vulnerability in faqsupport/wce.download.php in WebBiscuits Modules Controller 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the download parameter. Date published : 2009-02-13 http://www.securityfocus.com/bid/31655 https://www.exploit-db.com/exploits/6703
PHP remote file inclusion vulnerability in adminhead.php in WebBiscuits Modules Controller 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. Date published : 2009-02-13 http://www.securityfocus.com/bid/31655...
EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to bypass access restrictions via unknown vectors. Date published : 2009-02-13 http://www.securityfocus.com/bid/31656 http://drupal.org/node/318746
Unspecified vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to gain privileges as another user or an administrator via unknown attack vectors. Date published : 2009-02-13 http://www.securityfocus.com/bid/31656 http://drupal.org/node/318746
Cross-site scripting (XSS) vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2009-02-13 http://www.securityfocus.com/bid/31656 http://drupal.org/node/318746
SQL injection vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2009-02-13 http://www.securityfocus.com/bid/31656 http://drupal.org/node/318746
SQL injection vulnerability in arsaprint.php in Full PHP Emlak Script allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3942. Date published : 2009-02-13 https://www.exploit-db.com/exploits/6659 https://exchange.xforce.ibmcloud.com/vulnerabilities/45643
Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via the start_date parameter. Date published : 2009-02-13 http://www.securityfocus.com/bid/31520 http://phpscheduleit.svn.sourceforge.net/viewvc/phpscheduleit/1.2.11/reserve.php?r1=318&r2=328
Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. Date published : 2009-02-13 http://www.securityfocus.com/bid/31493 http://marc.info/?l=bugtraq&m=122278832621348&w=2
Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) action and (2) page parameters. Date published : 2009-02-13 http://www.securityfocus.com/bid/31493...
Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. Date published : 2009-02-13 http://www.securityfocus.com/bid/31493 http://marc.info/?l=bugtraq&m=122278832621348&w=2
Session fixation vulnerability in moziloCMS 1.10.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. Date published : 2009-02-13 http://www.securityfocus.com/bid/31495 http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=60_Changelog