Monthly Archive: July 2009

The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to...

SQL injection vulnerability in content.php in Scripts For Sites (SFS) EZ Career allows remote attackers to execute arbitrary SQL commands via the topic parameter. Date published : 2009-07-14 http://www.securityfocus.com/bid/32037 https://www.exploit-db.com/exploits/6919

SQL injection vulnerability in modules.php in the Current_Issue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action. Date published : 2009-07-14 http://www.securityfocus.com/archive/1/497944/100/0/threaded http://osvdb.org/51889

SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action. Date published : 2009-07-14 http://www.securityfocus.com/archive/1/497939/100/0/threaded http://osvdb.org/51890

Xigla Software Absolute Live Support .NET 5.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. Date published : 2009-07-14 http://www.securityfocus.com/bid/32010 https://www.exploit-db.com/exploits/6892

Xigla Software Absolute Form Processor .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. Date published : 2009-07-14 http://www.securityfocus.com/bid/32009 https://www.exploit-db.com/exploits/6891

Absolute Content Rotator 6.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. Date published : 2009-07-14 http://www.securityfocus.com/bid/32026 https://www.exploit-db.com/exploits/6889

Xigla Software Absolute Newsletter 6.0 and 6.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. Date published : 2009-07-14 http://www.securityfocus.com/bid/32029 https://www.exploit-db.com/exploits/6904

Xigla Software Absolute Poll Manager XE 4.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. Date published : 2009-07-14 http://www.securityfocus.com/bid/32005 https://www.exploit-db.com/exploits/6883

Xigla Software Absolute Control Panel XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. Date published : 2009-07-14 http://www.securityfocus.com/bid/32025 https://www.exploit-db.com/exploits/6893

Absolute Banner Manager .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. Date published : 2009-07-14 http://www.securityfocus.com/bid/32023 https://www.exploit-db.com/exploits/6890

Absolute Podcast .NET 1.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. Date published : 2009-07-14 http://www.securityfocus.com/bid/32003 https://www.exploit-db.com/exploits/6882

Xigla Software Absolute News Manager.NET 5.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. Date published : 2009-07-14 http://www.securityfocus.com/bid/32024 https://www.exploit-db.com/exploits/6900

Xigla Software Absolute News Feed 1.0 and possibly 1.5 allows remote attackers to bypass authentication and gain administrative access by setting a certain cookie. Date published : 2009-07-14 http://www.securityfocus.com/bid/32027 https://www.exploit-db.com/exploits/6901