Monthly Archive: April 2009

10/04/2009

CVE-2008-6701

NetScout (formerly Network General) Visualizer V2100 and InfiniStream i1730 do not restrict access to ResourceManager/en_US/domains/add_domain.jsp, which allows remote attackers to gain administrator privileges via a direct request. Date published : 2009-04-10 http://www.securityfocus.com/archive/1/493171/100/0/threaded http://osvdb.org/46195

10/04/2009

CVE-2008-6700

Multiple cross-site scripting (XSS) vulnerabilities in Butterfly Organizer 2.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) mytable parameter to view.php, (2) mytable parameter to viewdb2.php, (3) tablehere parameter...

10/04/2009

CVE-2008-6699

Cross-site scripting (XSS) vulnerability in Resource Library (tjs_reslib) 0.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Date published : 2009-04-10 http://www.securityfocus.com/bid/29832 http://typo3.org/teams/security/security-bulletins/typo3-20080619-1/

10/04/2009

CVE-2008-6698

Cross-site scripting (XSS) vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Date published : 2009-04-10 http://www.securityfocus.com/bid/29826 http://typo3.org/teams/security/security-bulletins/typo3-20080619-1/

10/04/2009

CVE-2008-6697

SQL injection vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Date published : 2009-04-10 http://www.securityfocus.com/bid/29826 http://typo3.org/teams/security/security-bulletins/typo3-20080619-1/

10/04/2009

CVE-2008-6696

SQL injection vulnerability in Fussballtippspiel (toto) 0.1.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Date published : 2009-04-10 http://www.securityfocus.com/bid/29824 http://typo3.org/extensions/repository/view/toto/0.1.2/

10/04/2009

CVE-2008-6695

SQL injection vulnerability in TIMTAB social bookmark icons (timtab_sociable) 2.0.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Date published : 2009-04-10 http://www.securityfocus.com/bid/29823 http://typo3.org/extensions/repository/view/timtab_sociable/2.0.5/

10/04/2009

CVE-2008-6694

SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Date published : 2009-04-10 http://www.securityfocus.com/bid/29827 http://typo3.org/teams/security/security-bulletins/typo3-20080619-1/

10/04/2009

CVE-2008-6693

SQL injection vulnerability in Download system (sb_downloader) extension 0.1.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Date published : 2009-04-10 http://www.securityfocus.com/bid/29825 http://typo3.org/teams/security/security-bulletins/typo3-20080619-1/

10/04/2009

CVE-2008-6692

SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Date published : 2009-04-10 http://www.securityfocus.com/bid/29822 http://typo3.org/teams/security/security-bulletins/typo3-20080619-1/

10/04/2009

CVE-2008-6691

SQL injection vulnerability in Diocese of Portsmouth Calendar Today (pd_calendar_today) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Date published : 2009-04-10 http://www.securityfocus.com/bid/29819 http://typo3.org/teams/security/security-bulletins/typo3-20080619-1/

10/04/2009

CVE-2008-6690

Unspecified vulnerability in nepa-design.de Spam Protection (nd_antispam) extension 1.0.3 for TYPO3 allows remote attackers to modify configuration via unknown vectors. Date published : 2009-04-10 http://www.securityfocus.com/bid/29833 http://typo3.org/teams/security/security-bulletins/typo3-20080619-1/

10/04/2009

CVE-2008-6689

SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Date published : 2009-04-10 http://typo3.org/teams/security/security-bulletins/typo3-20080619-1/ http://osvdb.org/46386

10/04/2009

CVE-2008-6688

Cross-site scripting (XSS) vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Date published : 2009-04-10 http://www.securityfocus.com/bid/29828 http://typo3.org/teams/security/security-bulletins/typo3-20080619-1/

Monthly Archive: April 2009

CVE-2008-6701

CVE-2008-6700

CVE-2008-6699

CVE-2008-6698

CVE-2008-6697

CVE-2008-6696

CVE-2008-6695

CVE-2008-6694

CVE-2008-6693

CVE-2008-6692

CVE-2008-6691

CVE-2008-6690

CVE-2008-6689

CVE-2008-6688

Recent Posts

Categories

Monthly Archive: April 2009

Recent Posts

Categories

Tags