Monthly Archive: September 2009

SQL injection vulnerability in lesson.php in Alqatari Q R Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information....

Multiple cross-site scripting (XSS) vulnerabilities in Joker Board (aka JBoard) 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the notice parameter to editform.php, (2) the edit_user_message parameter...

Multiple SQL injection vulnerabilities in Joker Board (aka JBoard) 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via (1) core/select.php or (2) the city parameter to top_add.inc.php, reachable through sboard.php. Date...

Stack-based buffer overflow in akPlayer 1.9.0 allows remote attackers to execute arbitrary code via a long string in a .plt playlist file. Date published : 2009-09-03 http://www.exploit-db.com/exploits/9568 http://packetstormsecurity.org/0909-exploits/akplayer-overflow.txt

Multiple cross-site scripting (XSS) vulnerabilities in AOM Software Beex 3 allow remote attackers to inject arbitrary web script or HTML via the navaction parameter to (1) news.php and (2) partneralle.php. Date published : 2009-09-03...

PHP remote file inclusion vulnerability in include/engine/content/elements/menu.php in KingCMS 0.6.0 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[AdminPath] parameter. Date published : 2009-09-03 http://www.exploit-db.com/exploits/9566

PHP remote file inclusion vulnerability in engine/api/api.class.php in DataLife Engine (DLE) 8.2 allows remote attackers to execute arbitrary PHP code via a URL in the dle_config_api parameter. Date published : 2009-09-03 http://www.securityfocus.com/bid/36212 http://www.exploit-db.com/exploits/9572

SQL injection vulnerability in the Artetics.com Art Portal (com_artportal) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php. Date published : 2009-09-03 http://www.securityfocus.com/bid/36206 http://www.exploit-db.com/exploits/9563

Directory traversal vulnerability in the Agora (com_agora) component 3.0.0b for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter to the avatars page, reachable...

SQL injection vulnerability in root/includes/prime_quick_style.php in the Prime Quick Style addon before 1.2.3 for phpBB 3 allows remote authenticated users to execute arbitrary SQL commands via the prime_quick_style parameter to ucp.php. Date published :...

Numara FootPrints 7.5a through 7.5a1 and 8.0 through 8.0a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) transcriptFile parameter to MRcgi/MRchat.pl or (2) LOADFILE parameter to MRcgi/MRABLoad2.pl. NOTE: some...

Unrestricted file upload vulnerability in EkinBoard 1.1.0 and earlier allows remote attackers to execute arbitrary code by uploading an avatar file with an executable extension followed by a safe extension, then accessing it via...

EkinBoard 1.1.0 and earlier, when register_globals is enabled, allows remote attackers to bypass authorization and gain administrator privileges by setting the _groups[] parameter to 2, as demonstrated via backup.php. Date published : 2009-09-02 http://www.securityfocus.com/bid/27166...

NetRisk 1.9.7 does not properly restrict access to admin/change_submit.php, which allows remote attackers to change the password of arbitrary users via a direct request. Date published : 2009-09-02 http://www.securityfocus.com/bid/27150 http://downloads.securityfocus.com/vulnerabilities/exploits/27150.pl