Vulnerability Summary for the Week of October 31, 2011
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division into high, medium, and low severities corresponds to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
2daybiz -- polls_script | SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka Advanced Poll) Script allows remote attackers to execute arbitrary SQL commands via the category parameter. | 2011-11-02 | 7.5 | CVE-2010-5004 |
2daybiz -- network_community_script | SQL injection vulnerability in view_photo.php in 2daybiz Network Community Script allows remote attackers to execute arbitrary SQL commands via the alb parameter. | 2011-11-02 | 7.5 | CVE-2010-5015 |
2daybiz -- online_classified_script | SQL injection vulnerability in view_photo.php in 2daybiz Online Classified Script allows remote attackers to execute arbitrary SQL commands via the alb parameter. | 2011-11-02 | 7.5 | CVE-2010-5019 |
adwordsadsensetools -- sensesites_commonsense_cms | SQL injection vulnerability in article.php in SenseSites CommonSense CMS allows remote attackers to execute arbitrary SQL commands via the article_id parameter. | 2011-11-02 | 7.5 | CVE-2010-5037 |
autartica -- com_autartimonial | SQL injection vulnerability in the AutarTimonial (com_autartimonial) component 1.0.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the limit parameter in an autartimonial action to index.php. NOTE: some of these details are obtained from third party information. | 2011-11-01 | 7.5 | CVE-2010-5003 |
b-elektro -- com_addressbook | SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php. | 2011-11-01 | 7.5 | CVE-2010-4990 |
brotherscripts -- business_directory | SQL injection vulnerability in articlesdetails.php in BrotherScripts (BS) Business Directory allows remote attackers to execute arbitrary SQL commands via the id parameter. | 2011-11-01 | 7.5 | CVE-2010-4969 |
brotherscripts -- auto_dealer | SQL injection vulnerability in info.php in BrotherScripts (BS) and ScriptsFeed Auto Dealer allows remote attackers to execute arbitrary SQL commands via the id parameter. | 2011-11-01 | 7.5 | CVE-2010-4974 |
cafuego -- sdms | SQL injection vulnerability in detail.php in Simple Document Management System (SDMS) allows remote attackers to execute arbitrary SQL commands via the doc_id parameter. | 2011-11-01 | 7.5 | CVE-2010-4986 |
cisco -- unified_communications_manager | Memory leak in Cisco Unified Communications Manager (CUCM) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su3, 8.x before 8.0(3a)su1, and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (memory consumption and process failure) via a malformed SIP message, aka Bug ID CSCti75128. | 2011-11-01 | 7.8 | CVE-2011-0941 |
cisco -- small_business_srp520_series_firmware | Cross-site request forgery (CSRF) vulnerability in the Services Ready Platform Configuration Utility web interface on the Cisco Small Business SRP521W, SRP526W, and SRP527W with firmware before 1.1.24 and the Small Business SRP541W, SRP546W, and SRP547W with firmware before 1.2.1 allows remote attackers to hijack the authentication of administrators for requests that execute arbitrary commands, aka Bug ID CSCtr45124. | 2011-11-03 | 9.3 | CVE-2011-4005 |
codefabrik -- ecomat_cms | SQL injection vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the show parameter in a web action. | 2011-11-02 | 7.5 | CVE-2010-5029 |
cramerdev -- document_library | SQL injection vulnerability in view_group.asp in Digital Interchange Document Library 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intGroupID parameter. | 2011-11-02 | 7.5 | CVE-2010-5021 |
cramerdev -- digital_interchange_calendar | SQL injection vulnerability in index.asp in Digital Interchange Calendar 5.8.5 allows remote attackers to execute arbitrary SQL commands via the intDivisionID parameter. | 2011-11-02 | 7.5 | CVE-2010-5023 |
david_noguera_gutierrez -- dalogin | SQL injection vulnerability in new.php in DaLogin 2.2 and 2.2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information. | 2011-11-02 | 7.5 | CVE-2010-5012 |
denaliintranet -- brightsuite_groupware | SQL injection vulnerability in pages/contact_list_mail_form.asp in BrightSuite Groupware 5.4 allows remote attackers to execute arbitrary SQL commands via the ContactID parameter. | 2011-11-02 | 7.5 | CVE-2010-5008 |
deon_george -- phpldapadmin | The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to execute arbitrary PHP code via the orderby parameter (aka sortby variable) in a query_engine action to cmd.php, as exploited in the wild in October 2011. | 2011-11-02 | 7.5 | CVE-2011-4075 |
dlink -- des-3800_firmware | Buffer overflow in the SSH server functionality on the D-Link DES-3800 with firmware before 4.50B052, DWL-2100AP with firmware before 2.50RC548, and DWL-3200AP with firmware before 2.55RC549 allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors. | 2011-11-03 | 10.0 | CVE-2011-3992 |
eliteladders -- elite_gaming_ladders | SQL injection vulnerability in standings.php in Elite Gaming Ladders 3.5 allows remote attackers to execute arbitrary SQL commands via the ladder[id] parameter. | 2011-11-02 | 7.5 | CVE-2010-5014 |
eliteladders -- elite_gaming_ladders | SQL injection vulnerability in matchdb.php in Elite Gaming Ladders 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the match parameter. | 2011-11-02 | 7.5 | CVE-2010-5016 |
eliteladders -- elite_gaming_ladders | SQL injection vulnerability in stats.php in Elite Gaming Ladders 3.0 allows remote attackers to execute arbitrary SQL commands via the account parameter. | 2011-11-02 | 7.5 | CVE-2010-5017 |
emophp -- emo_realty_manager | SQL injection vulnerability in googlemap/index.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the cat1 parameter. | 2011-11-02 | 7.5 | CVE-2010-5006 |
esoftpro -- online_guestbook_pro | SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbook Pro 5.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. | 2011-11-01 | 7.5 | CVE-2010-4996 |
esoftpro -- online_photo_pro | SQL injection vulnerability in index.php in esoftpro Online Photo Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the section parameter. | 2011-11-01 | 7.5 | CVE-2010-4999 |
esoftpro -- online_contact_manager | SQL injection vulnerability in view.php in esoftpro Online Contact Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 2011-11-01 | 7.5 | CVE-2010-5001 |
familycms -- family_connections_who_is_chatting | PHP remote file inclusion vulnerability in mod_chatting/themes/default/header.php in Family Connections Who is Chatting 2.2.3 allows remote attackers to execute arbitrary PHP code via a URL in the TMPL[path] parameter. | 2011-11-01 | 7.5 | CVE-2010-4988 |
farsi-cms -- ziggurat_farsi_cms | SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows remote attackers to execute arbitrary SQL commands via the grp parameter. | 2011-11-01 | 7.5 | CVE-2010-4989 |
fusebox -- fusebox | SQL injection vulnerability in ProductList.cfm in Fusebox 5.5.1 allows remote attackers to execute arbitrary SQL commands via the CatDisplay parameter. | 2011-11-02 | 7.5 | CVE-2010-5033 |
ge -- intelligent_platforms_proficy_historian | Stack-based buffer overflow in the Data Archiver service in GE Intelligent Platforms Proficy Historian before 3.5 SIM 17 and 4.x before 4.0 SIM 12 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message traffic. | 2011-11-02 | 10.0 | CVE-2011-1918 |
ge -- intelligent_platforms_proficy_historian | Multiple stack-based buffer overflows in GE Intelligent Platforms Proficy Applications before 4.4.1 SIM 101 and 5.x before 5.0 SIM 43 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message traffic to (1) PRProficyMgr.exe in Proficy Server Manager, (2) PRGateway.exe in Proficy Server Gateway, (3) PRRDS.exe in Proficy Remote Data Service, or (4) PRLicenseMgr.exe in Proficy Server License Manager. | 2011-11-02 | 10.0 | CVE-2011-1919 |
google -- app_engine_python_sdk | The FakeFile implementation in the sandbox environment in the Google App Engine Python SDK before 1.5.4 does not properly control the opening of files, which allows local users to bypass intended access restrictions and create arbitrary files via ALLOWED_MODES and ALLOWED_DIRS changes within the code parameter to _ah/admin/interactive/execute, a different vulnerability than CVE-2011-1364. | 2011-10-30 | 7.2 | CVE-2011-4211 |
google -- app_engine_python_sdk | The sandbox environment in the Google App Engine Python SDK before 1.5.4 does not properly prevent os.popen calls, which allows local users to bypass intended access restrictions and execute arbitrary commands via a dev_appserver.RestrictedPathFunction._original_os reference within the code parameter to _ah/admin/interactive/execute, a different vulnerability than CVE-2011-1364. | 2011-10-30 | 7.2 | CVE-2011-4212 |
google -- app_engine_python_sdk | The sandbox environment in the Google App Engine Python SDK before 1.5.4 does not properly prevent use of the os module, which allows local users to bypass intended access restrictions and execute arbitrary commands via a file_blob_storage.os reference within the code parameter to _ah/admin/interactive/execute, a different vulnerability than CVE-2011-1364. | 2011-10-30 | 7.2 | CVE-2011-4213 |
groonesworld -- simple_contact_form | PHP remote file inclusion vulnerability in contact/contact.php in Groone's Simple Contact Form allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter. | 2011-11-02 | 7.5 | CVE-2010-5038 |
harmistechnology -- com_jesubmit | SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php. | 2011-11-02 | 7.5 | CVE-2010-5022 |
harmistechnology -- com_jejob | SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. | 2011-11-02 | 7.5 | CVE-2010-5028 |
ibm -- rational_appscan | Unspecified vulnerability in the Import feature in IBM Rational AppScan Enterprise and AppScan Reporting Console 5.2 through 7.9.x and 8.x before 8.0.1.1 allows remote attackers to execute arbitrary commands on an agent server via a crafted ZIP archive. | 2011-10-30 | 8.8 | CVE-2011-1366 |
ibm -- rational_appscan | Unspecified vulnerability in the File Load feature in IBM Rational AppScan Standard and Express 7.8.x, 7.9.x, and 8.0.x before 8.0.0.3 allows remote attackers to execute arbitrary commands via a crafted .scan file. | 2011-10-30 | 9.3 | CVE-2011-1367 |
infor -- enspire_distribution_management_solution | SQL injection vulnerability in eClient 7.3.2.3 in Enspire Distribution Management Solution 7.3.2.7 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2011-11-01 | 7.5 | CVE-2011-1915 |
instantphp -- jobs_pro | SQL injection vulnerability in the Jobs Pro component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the detailed_results parameter to search_jobs.html. | 2011-11-01 | 7.5 | CVE-2010-4994 |
investintech -- slimpdf_reader | Investintech.com SlimPDF Reader does not properly restrict write operations, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. | 2011-11-01 | 9.3 | CVE-2011-4216 |
investintech -- slimpdf_reader | Investintech.com SlimPDF Reader does not properly restrict read operations during block data moves, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. | 2011-11-01 | 9.3 | CVE-2011-4217 |
investintech -- slimpdf_reader | Investintech.com SlimPDF Reader does not prevent faulting-instruction data from affecting write operations, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. | 2011-11-01 | 9.3 | CVE-2011-4218 |
investintech -- slimpdf_reader | Investintech.com SlimPDF Reader does not prevent faulting-address data from affecting branch selection, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. | 2011-11-01 | 9.3 | CVE-2011-4219 |
investintech -- slimpdf_reader | Investintech.com SlimPDF Reader does not properly restrict the arguments to unspecified function calls, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. | 2011-11-01 | 9.3 | CVE-2011-4220 |
investintech -- able2doc | Unspecified vulnerability in Investintech.com Able2Doc and Able2Doc Professional allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document. | 2011-11-01 | 9.3 | CVE-2011-4221 |
investintech -- able2extract | Unspecified vulnerability in Investintech.com Able2Extract and Able2Extract Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document. | 2011-11-01 | 9.3 | CVE-2011-4222 |
investintech -- absolute_pdf_server | Unspecified vulnerability in Investintech.com Absolute PDF Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. | 2011-11-01 | 9.3 | CVE-2011-4223 |
iscripts -- reservelogic | SQL injection vulnerability in packagedetails.php in iScripts ReserveLogic 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter. | 2011-11-01 | 7.5 | CVE-2010-4980 |
iscripts -- cybermatch | SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 2011-11-01 | 7.5 | CVE-2010-4983 |
iscripts -- easybiller | SQL injection vulnerability in viewhistorydetail.php in iScripts EasyBiller 1.1 allows remote attackers to execute arbitrary SQL commands via the planid parameter. | 2011-11-02 | 7.5 | CVE-2010-5034 |
iscripts -- eswap | SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. | 2011-11-02 | 7.5 | CVE-2010-5036 |
joe_pieruccini -- mclogin_system | SQL injection vulnerability in login/login_index.php in MCLogin System 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the myusername parameter (aka Username field) in a do_login action. NOTE: some of these details are obtained from third party information. | 2011-11-02 | 7.5 | CVE-2010-5000 |
john_bradshaw -- np_gallery_plugin | SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary SQL commands via the id parameter in a plugin action. | 2011-11-02 | 7.5 | CVE-2010-5041 |
kay_messerschmidt -- com_eventcal | SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | 2011-11-01 | 7.5 | CVE-2010-4993 |
kmsoft -- guestbook | SQL injection vulnerability in default.asp in KMSoft Guestbook (aka GBook) allows remote attackers to execute arbitrary SQL commands via the p parameter. | 2011-11-01 | 7.5 | CVE-2010-4987 |
maulana_al_matien -- ardeacore_php_framework | PHP remote file inclusion vulnerability in ardeaCore/lib/core/ardeaInit.php in ardeaCore PHP Framework 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the pathForArdeaCore parameter. NOTE: some of these details are obtained from third party information. | 2011-11-02 | 7.5 | CVE-2010-4998 |
mckenziecreations -- virtual_real_estate_manager | SQL injection vulnerability in listing_detail.asp in Mckenzie Creations Virtual Real Estate Manager (VRM) 3.5 allows remote attackers to execute arbitrary SQL commands via the Lid parameter. | 2011-11-02 | 7.5 | CVE-2010-5013 |
miniwork -- com_canteen | SQL injection vulnerability in menu.php in the Canteen (com_canteen) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php. | 2011-11-01 | 7.5 | CVE-2010-4977 |
mykazaam -- address_&_contact_organizer | SQL injection vulnerability in address_book/contacts.php in My Kazaam Address & Contact Organizer allows remote attackers to execute arbitrary SQL commands via the var1 parameter. | 2011-11-01 | 7.5 | CVE-2010-4982 |
mykazaam -- notes_management_system | SQL injection vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to execute arbitrary SQL commands via vectors involving the "Enter Reference Number Below" text box. | 2011-11-01 | 7.5 | CVE-2010-4984 |
neojoomla -- com_neorecruit | SQL injection vulnerability in the NeoRecruit (com_neorecruit) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in an offer_view action to index.php, a different vector than CVE-2007-4506. | 2011-11-01 | 7.5 | CVE-2010-4995 |
netartmedia -- iboutique | SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. | 2011-11-02 | 7.5 | CVE-2010-5020 |
nicholas_berry -- candid | SQL injection vulnerability in image/view.php in CANDID allows remote attackers to execute arbitrary SQL commands via the image_id parameter. | 2011-11-01 | 7.5 | CVE-2010-4979 |
ninjaforge -- ninjamonials | SQL injection vulnerability in the NinjaMonials (com_ninjamonials) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a display action to index.php. | 2011-11-01 | 7.5 | CVE-2010-4991 |
olykit -- swoopo_clone_2010 | SQL injection vulnerability in index.php in OlyKit Swoopo Clone 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter in a product action. | 2011-11-02 | 7.5 | CVE-2010-4997 |
oneorzero -- aims | OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to bypass authentication and obtain administrator privileges via a crafted oozimsrememberme cookie. | 2011-11-01 | 10.0 | CVE-2011-4214 |
oneorzero -- aims | SQL injection vulnerability in lib/ooz_access.php in OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the cookieName variable. | 2011-11-01 | 7.5 | CVE-2011-4215 |
paymentsplus -- payments_plus | SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html. | 2011-11-01 | 7.5 | CVE-2010-4992 |
php -- php | The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders. | 2011-11-03 | 7.5 | CVE-2011-3379 |
schoolmation -- schoolmation | SQL injection vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to execute arbitrary SQL commands via the session parameter. | 2011-11-02 | 7.5 | CVE-2010-5011 |
scriptsfeed -- recipes_listing_portal | SQL injection vulnerability in control/admin_login.php in ScriptsFeed Recipes Listing Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter (aka the UserName field). NOTE: some of these details are obtained from third party information. | 2011-11-02 | 7.5 | CVE-2010-5039 |
tamlyncreative -- com_bfquiztrial | SQL injection vulnerability in the BF Quiz (com_bfquiztrial) component before 1.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a bfquiztrial action to index.php. | 2011-11-02 | 7.5 | CVE-2010-5032 |
techjoomla -- com_socialads | SQL injection vulnerability in the Techjoomla SocialAds For JomSocial (com_socialads) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the ads description field in a showad action to index.php. | 2011-11-01 | 7.5 | CVE-2010-4975 |
unrealadmin -- utstats | SQL injection vulnerability in index.php in UTStats Beta 4 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter in a matchp action. | 2011-11-02 | 7.5 | CVE-2010-5009 |
webmaster-tips -- com_wmtpic | SQL injection vulnerability in the webmaster-tips.net Flash Gallery (com_wmtpic) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. | 2011-11-01 | 7.5 | CVE-2010-4968 |
wikiwebhelp -- wiki_web_help | SQL injection vulnerability in handlers/getpage.php in Wiki Web Help 0.28 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 2011-11-01 | 7.5 | CVE-2010-4970 |
yourfreeworld -- banner_management | SQL injection vulnerability in trackads.php in YourFreeWorld Banner Management allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information. | 2011-11-01 | 7.5 | CVE-2010-4981 |
ypninc -- jokescript | SQL injection vulnerability in index.php in YPNinc JokeScript allows remote attackers to execute arbitrary SQL commands via the ypncat_id parameter. | 2011-11-01 | 7.5 | CVE-2010-4972 |
Medium Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
2daybiz -- online_classified_script | Cross-site scripting (XSS) vulnerability in products/classified/headersearch.php in 2daybiz Online Classified Script allows remote attackers to inject arbitrary web script or HTML via the sid parameter. | 2011-11-02 | 4.3 | CVE-2010-5018 |
ark-web -- a-form | The A-Form and A-Form bamboo before 1.3.6 and 2.x before 2.0.3, and A-Form PC and PC/Mobile before 3.1, plug-ins for Movable Type do not require administrative authentication, which allows remote authenticated users to modify data via unspecified vectors. | 2011-11-03 | 5.5 | CVE-2011-2676 |
ark-web -- a-form_pc | Cross-site scripting (XSS) vulnerability in the A-Form PC and PC/Mobile before 3.1 plug-ins for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-2676. | 2011-11-03 | 4.3 | CVE-2011-4274 |
blueconstantmedia -- com_djartgallery | Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the cid[] parameter in an editItem action to administrator/index.php. NOTE: some of these details are obtained from third party information. | 2011-11-02 | 4.3 | CVE-2010-5042 |
blueconstantmedia -- com_djartgallery | SQL injection vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the cid[] parameter in an editItem action to administrator/index.php. | 2011-11-02 | 6.0 | CVE-2010-5043 |
codefabrik -- ecomat_cms | Cross-site scripting (XSS) vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to inject arbitrary web script or HTML via the lang parameter in a web action. | 2011-11-02 | 4.3 | CVE-2010-5030 |
controlsystemworks -- csworks | The LiveData Service in CSWorks before 2.0.4115.1 allows remote attackers to cause a denial of service (service crash) via crafted TCP packets. | 2011-11-03 | 5.0 | CVE-2011-3996 |
courseforum -- projectforum | Cross-site scripting (XSS) vulnerability in CourseForum ProjectForum 7.0.1.3038 allows remote attackers to inject arbitrary web script or HTML via a crafted name of an object within a more object on a wiki page. | 2011-11-03 | 4.3 | CVE-2011-4277 |
cutesite -- cutesite_cms | SQL injection vulnerability in manage/add_user.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote authenticated users, with Read privileges, to execute arbitrary SQL commands via the user_id parameter. NOTE: some of these details are obtained from third party information. | 2011-11-02 | 6.8 | CVE-2010-5024 |
cutesite -- cutesite_cms | Cross-site scripting (XSS) vulnerability in manage/main.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote attackers to inject arbitrary web script or HTML via the fld_path parameter. NOTE: some of these details are obtained from third party information. | 2011-11-02 | 4.3 | CVE-2010-5025 |
daemon-tools -- daemon_tools | dtsoftbus01.sys in DAEMON Tools Lite before 4.41.3, Pro Standard before 4.41.0315, and Pro Advanced before 4.41.0315 allows local users to cause a denial of service (system crash) via an invalid DeviceIoControl request to `\\.\dtsoftbusctl`. | 2011-11-03 | 4.9 | CVE-2011-3987 |
deon_george -- phpldapadmin | Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via an _debug command. | 2011-11-02 | 4.3 | CVE-2011-4074 |
exponentcms -- exponent_cms | Cross-site scripting (XSS) vulnerability in modules/slideshowmodule/slideshow.js.php in Exponent CMS 0.97.0 allows remote attackers to inject arbitrary web script or HTML via the u parameter. | 2011-11-01 | 4.3 | CVE-2010-5002 |
filenice -- filenice | Cross-site scripting (XSS) vulnerability in index.php in fileNice 1.1 allows remote attackers to inject arbitrary web script or HTML via the sstring parameter (aka the Search Box). NOTE: some of these details are obtained from third party information. | 2011-11-02 | 4.3 | CVE-2010-5031 |
ge -- intelligent_platforms_proficy_historian | Cross-site scripting (XSS) vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | 2011-11-02 | 4.3 | CVE-2011-3320 |
goahead -- goahead_webserver | Multiple cross-site scripting (XSS) vulnerabilities in GoAhead Webserver 2.18 allow remote attackers to inject arbitrary web script or HTML via (1) the group parameter to goform/AddGroup, related to addgroup.asp; (2) the url parameter to goform/AddAccessLimit, related to addlimit.asp; or the (3) user (aka User ID) or (4) group parameter to goform/AddUser, related to adduser.asp. | 2011-11-03 | 4.3 | CVE-2011-4273 |
google -- app_engine_python_sdk | Cross-site request forgery (CSRF) vulnerability in _ah/admin/interactive/execute (aka the Interactive Console) in the SDK Console (aka Admin Console) in the Google App Engine Python SDK before 1.5.4 allows remote attackers to hijack the authentication of administrators for requests that execute arbitrary Python code via the code parameter. | 2011-10-30 | 6.8 | CVE-2011-1364 |
hp -- openview_network_node_manager | Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1208. | 2011-11-02 | 6.4 | CVE-2011-3165 |
hp -- openview_network_node_manager | Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1209. | 2011-11-02 | 6.4 | CVE-2011-3166 |
hp -- openview_network_node_manager | Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1210. | 2011-11-02 | 6.4 | CVE-2011-3167 |
ibm -- websphere_mq | Heap-based buffer overflow in the client in IBM WebSphere MQ 6.0 before 6.0.2.7 and 7.0 before 7.0.1.0 allows local users to gain privileges via crafted SSL information in a Client Channel Definition Table (CCDT) file. | 2011-10-30 | 4.1 | CVE-2009-0900 |
ibm -- websphere_application_server | The Java Naming and Directory Interface (JNDI) implementation in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.39, 6.1 before 6.1.0.29, and 7.0 before 7.0.0.7 does not properly restrict access to UserRegistry object methods, which allows remote attackers to obtain sensitive information via a crafted method call. | 2011-10-30 | 5.0 | CVE-2009-2747 |
ibm -- websphere_application_server | Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.29 and 7.1 before 7.0.0.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2011-10-30 | 4.3 | CVE-2009-2748 |
ibm -- websphere_mq | IBM WebSphere MQ 7.x before 7.0.1.4 allows remote attackers to cause a denial of service (disk consumption) via multiple connection attempts to a stopped queue manager. | 2011-10-29 | 4.3 | CVE-2010-0780 |
ibm -- websphere_application_server | The JavaServer Faces (JSF) application functionality in IBM WebSphere Application Server 8.x before 8.0.0.1 does not properly handle requests, which allows remote attackers to read unspecified files via unknown vectors. | 2011-10-29 | 5.0 | CVE-2011-1368 |
ibm -- lotus_sametime | The default configuration of the Sametime configuration servlet (SCS) in the server in IBM Lotus Sametime 7.0 through 8.5.2 does not enable an authentication requirement, which allows remote attackers to read the configuration settings by examining a response message. | 2011-10-29 | 5.0 | CVE-2011-1370 |
iscripts -- eswap | Cross-site scripting (XSS) vulnerability in search.php in iScripts eSwap 2.0 allows remote attackers to inject arbitrary web script or HTML via the txtHomeSearch parameter (aka the search field). NOTE: some of these details are obtained from third party information. | 2011-11-02 | 4.3 | CVE-2010-5035 |
john_bradshaw -- np_gallery_plugin | PHP remote file inclusion vulnerability in nucleus/plugins/NP_gallery.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary PHP code via a URL in the DIR_NUCLEUS parameter. NOTE: some of these details are obtained from third party information. | 2011-11-02 | 6.8 | CVE-2010-5040 |
kanich -- com_searchlog | SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these details are obtained from third party information. | 2011-11-02 | 6.0 | CVE-2010-5044 |
metinfo -- metinfo | Cross-site scripting (XSS) vulnerability in search/search.php in MetInfo 3.0 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter (aka Search Box field). NOTE: some of these details are obtained from third party information. | 2011-11-01 | 4.3 | CVE-2010-4976 |
mykazaam -- notes_management_system | Cross-site scripting (XSS) vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to inject arbitrary web script or HTML via vectors involving the "Enter Reference Number Below" text box. | 2011-11-01 | 4.3 | CVE-2010-4985 |
nicholas_berry -- candid | Cross-site scripting (XSS) vulnerability in image/view.php in CANDID allows remote attackers to inject arbitrary web script or HTML via the image_id parameter. | 2011-11-01 | 4.3 | CVE-2010-4978 |
php -- php | include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7 or 5.3.8 is used, allows remote attackers to trigger a GET request for an arbitrary URL, and cause a denial of service (resource consumption and inbox outage), via a Subject header containing only a URL, a related issue to CVE-2011-3379. | 2011-11-03 | 5.0 | CVE-2011-4078 |
phpmyadmin -- phpmyadmin | Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value. | 2011-11-01 | 4.3 | CVE-2011-4064 |
pligg -- pligg_cms | Cross-site scripting (XSS) vulnerability in Pligg before 1.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2011-11-03 | 4.3 | CVE-2011-3986 |
rayzz -- photoz | Cross-site scripting (XSS) vulnerability in members/profileCommentsResponse.php in Rayzz Photoz allows remote attackers to inject arbitrary web script or HTML via the profileCommentTextArea parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 2011-11-02 | 4.3 | CVE-2010-5005 |
schoolmation -- schoolmation | Cross-site scripting (XSS) vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to inject arbitrary web script or HTML via the session parameter. | 2011-11-02 | 4.3 | CVE-2010-5010 |
sellatsite -- smart_asp_survey | Cross-site scripting (XSS) vulnerability in poll/default.asp in Smart ASP Survey allows remote attackers to inject arbitrary web script or HTML via the catid parameter. | 2011-11-02 | 4.3 | CVE-2010-5045 |
sfiab -- science_fair_in_a_box | SQL injection vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. NOTE: some of these details are obtained from third party information. | 2011-11-02 | 6.8 | CVE-2010-5026 |
sfiab -- science_fair_in_a_box | Cross-site scripting (XSS) vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the type parameter. NOTE: some of these details are obtained from third party information. | 2011-11-02 | 4.3 | CVE-2010-5027 |
skyarc -- autotagging | SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, uses weak permissions, which allows remote authenticated users to modify files and settings via unspecified vectors. | 2011-11-03 | 5.5 | CVE-2011-3993 |
skyarc -- autotagging | Cross-site request forgery (CSRF) vulnerability in SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data. | 2011-11-03 | 6.8 | CVE-2011-3994 |
sourcefabric -- campsite | Cross-site scripting (XSS) vulnerability in the search feature in Campsite 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the f_search_keywords parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 2011-11-01 | 4.3 | CVE-2010-4973 |
tasofro -- touhou_hisouten | Unspecified vulnerability in Twilight Frontier Touhou Hisouten 1.06 and earlier allows remote attackers to cause a denial of service (daemon crash) via unknown network traffic. | 2011-11-03 | 5.0 | CVE-2011-3995 |
unrealadmin -- utstats | Cross-site scripting (XSS) vulnerability in pages/match_report.php in UTStats Beta 4 and earlier allows remote attackers to inject arbitrary web script or HTML via the mid parameter. | 2011-11-02 | 4.3 | CVE-2010-5007 |
videowhisper -- php_2_way_video_chat | Cross-site scripting (XSS) vulnerability in VideoWhisper PHP 2 Way Video Chat component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the r parameter to index.php. | 2011-11-02 | 4.3 | CVE-2010-4971 |
wireshark -- wireshark | The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.3 does not initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 2011-11-03 | 4.3 | CVE-2011-4100 |
wireshark -- wireshark | The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. | 2011-11-03 | 4.3 | CVE-2011-4101 |
wireshark -- wireshark | Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (application crash) via a malformed file. | 2011-11-03 | 4.3 | CVE-2011-4102 |
Low Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
ibm -- websphere_mq | IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not properly handle long group names, which might allow local users to gain privileges by leveraging combinations of group names with the same initial substring. | 2011-10-30 | 1.7 | CVE-2009-0905 |