| Field | Details |
| --- | --- |
| Affected: | PHPADSNEW : phpAdsNew 2.0 |
| | PHPOPENADS : phpPgAds 2.0 |
| | PHPNUKE : PHP-Nuke 7.9 |
| | WEBSITEBAKER : Website Baker 2.6 |
| | BITWEAVER : bitweaver 1.3 |
| | FREEFORUM : FreeForum 0.9 |
| | CMSIMPLE : cmsimple 2.7 |
| | PHPLINKDIRECTORY : PHP Link Directory 3.0 |
| | OPENREALTY : Open-Realty 2.3 |
| | UPLOADSCRIPT : UploadScript 1.02 |
| | UPLOADSERVICE : Upload Service 1.0 |
| | ADVANCEDGUESTBOO : Advanced Guestbook 2.4 |
| | SCRIPTSEZ : Random PHP Quote 1.0 |
| | YANAFRAMEWORK : Yana Framework 2.8 |
| | INDISGUISE : Enthusiast 3.1 |
| | PHPXD : phpxd 0.3 |
| | BBCLONE : bbclone 0.31 |
| | RPW : RPW 1.0 |
| | ASPEDGE : ASP EDGE 1.2 |
| | ASPNEWS : ASP NEWS 3 |
| | VOTEPRO : Vote-Pro 4.0 |
| | FREEWEBSHOP : FreeWebshop.org Script 2.2 |
| | DRUPAL : Drupal Acidfree Module 4.6 |
| | OPENADS : Openads 2.0 |
| | WEBGUI : WebGUI 7.3 |
| | DJANGO : django 0.95 |
| | ZIXFORUM : ZixForum 1.14 |
| | MAXTRICITY : Maxtricity Tagger 0.1 |
| CVE: | CVE-2007-0629 (The www_purgeList method in Plain Black WebGUI before 7.3.8 does not properly check user permissions, which allows attackers to delete unauthorized assets. NOTE: some of these details are obtained from third party information.) |
| | CVE-2007-0610 (Cross-site scripting (XSS) vulnerability in the mailform feature in CMSimple 2.7 fix1 allows remote attackers to inject arbitrary web script or HTML via the sender parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.) |
| | CVE-2007-0566 (SQL injection vulnerability in news_detail.asp in ASP NEWS 3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.) |
| | CVE-2007-0560 (SQL injection vulnerability in user.asp in ASP EDGE 1.2b and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter.) |
| | CVE-2007-0559 (PHP remote file inclusion vulnerability in config.php in RPW 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the sql_language parameter.) |
| | CVE-2007-0551 (Multiple PHP remote file inclusion vulnerabilities in cmsimple/cms.php in CMSimple 2.7 allow remote attackers to execute arbitrary PHP code via a URL in the (1) pth[file][config] and (2) pth[file][image] parameters.) |
| | CVE-2007-0546 (Toxiclab Shoutbox 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for db.mdb.) |
| | CVE-2007-0545 (Maxtricity Tagger 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for tagger.mdb.) |
| | CVE-2007-0543 (ZixForum 1.14 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for Zixforum.mdb. NOTE: a followup post suggests that this issue only occurs if the administrator does not properly follow installation directions.) |
| | CVE-2007-054 |
| | CVE-2007-0535 (Multiple eval injection vulnerabilities in Vote! Pro 4.0, and possibly earlier, allow remote attackers to execute arbitrary code via requests to unspecified PHP scripts with the poll_id parameter, which is supplied to eval function calls, a different set of vectors than CVE-2007-0504. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.) |
| | CVE-2007-0533 (The AToZed IntraWeb component 8.0 and earlier for Borland Delphi and Kylix, and IntraWeb 9.0 before build (9.0.12), allows remote attackers to cause a denial of service (thread hang or CPU consumption) via a crafted HTTP request, related to the OnBeforeDispatch function in the TIWServerController object.) |
| | CVE-2007-0531 (PHP remote file inclusion vulnerability in includes/login.php in FreeWebShop 2.2.3 and 2.2.4 before 20070123 allows remote attackers to execute arbitrary PHP code via a URL in the lang_file parameter.) |
| | CVE-2007-0530 (** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Advanced Guestbook 2.4.2 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) index.php, (2) addentry.php, or (3) picture.php, a different set of vectors than CVE-2006-5804. NOTE: this issue has been disputed by third party researchers, stating that the include_path variable is instantiated before use.) |
| | CVE-2007-0529 (Cross-site scripting (XSS) vulnerability in index.html (aka the administration page) in PHP Link Directory (phpLD) 3.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted link, which is triggered when the administrator uses the "Validate Links" functionality.) |
| | CVE-2007-0527 (SQL injection vulnerability in the is_remembered function in class.login.php in Website Baker 2.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the REMEMBER_KEY cookie parameter. NOTE: some of these details are obtained from third party information.) |
| | CVE-2007-0526 (Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 1.3.1 allow remote attackers to inject arbitrary web script or HTML via the URL (PATH_INFO) to (1) articles/edit.php, (2) articles/list.php, (3) blogs/list_blogs.php, or (4) blogs/rankings.php.) |
| | CVE-2007-0520 (SQL injection vulnerability in banner.php in Unique Ads (UDS) 1.x allows remote attackers to execute arbitrary SQL commands via the bid parameter.) |
| | CVE-2007-0516 (Yana Framework before 2.8.5a allows remote authenticated users with permissions to modify a guestbook profile to modify or delete arbitrary guestbook profiles via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.) |
| | CVE-2007-0511 (Multiple PHP remote file inclusion vulnerabilities in phpXMLDOM (phpXD) 0.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) dom.php, (2) dtd.php, or (3) parser.php in include/.) |
| | CVE-2007-0508 (PHP remote file inclusion vulnerability in lib/selectlang.php in BBClone 0.31 allows remote attackers to execute arbitrary PHP code via a URL in the BBC_LANGUAGE_PATH parameter.) |
| | CVE-2007-0507 (SQL injection vulnerability in the Acidfree module for Drupal before 4.6.x-1.0, and before 4.7.x-1.0 in the 4.7 series, allows remote authenticated users with "create acidfree albums" privileges to execute arbitrary SQL commands via node titles.) |
| | CVE-2007-0504 (Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0, and possibly other scripts, allows remote attackers to execute arbitrary code via the poll_id parameter, which is supplied to an eval function call, a different vulnerability type than CVE-2005-4632.) |
| | CVE-2007-0490 (index.php in Open-Realty 2.3.4 allows remote attackers to obtain sensitive information (the full path) via an invalid listingID parameter in a listingview action.) |
| | CVE-2007-0487 (** DISPUTED ** PHP remote file inclusion vulnerability in index.php in FreeForum 0.9.0 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter. NOTE: this issue has been disputed by third party researchers, stating that fpath variable is initialized before being used.) |
| | CVE-2007-0486 (** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Openads (aka phpAdsNew) 2.0.7 allow remote attackers to execute arbitrary PHP code via a URL in the (1) phpAds_geoPlugin parameter to libraries/lib-remotehost.inc, the (2) filename parameter to admin/report-index, or the (3) phpAds_config[my_footer] parameter to admin/lib-gui.inc. NOTE: the vendor has disputed this issue, stating that the relevant variables are used within function definitions.) |
| | CVE-2007-0484 (Multiple SQL injection vulnerabilities in Enthusiast 3.1 allow remote attackers to execute arbitrary SQL commands via the cat parameter to (1) show_owned.php, (2) show_joined.php, and possibly other files. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.) |
| | CVE-2007-0483 (Multiple cross-site scripting (XSS) vulnerabilities in Enthusiast 3.1 allow remote attackers to inject arbitrary web script or HTML via the URI for (1) show_owned.php or (2) show_joined.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.) |
| | CVE-2007-0477 (Cross-site scripting (XSS) vulnerability in Openads 2.0.x before 2.0.10, 2.3 before 2.3.31 (aka Max Media Manager before 0.3.31-alpha-pr2), and phpAdsNew/phpPgAds before 2.0.9-pr1 allows remote attackers to inject arbitrary web script or HTML via (1) the keyword parameter in admin-search.php and (2) affiliate-search.php. NOTE: this issue may overlap CVE-2007-0363.) |
| | CVE-2007-0407 (Cross-site scripting (XSS) vulnerability in Operation/User.pm in Plain Black WebGUI before 7.3.5 (beta) allows remote attackers to inject arbitrary web script or HTML via the username parameter during anonymous registration, a different vector than CVE-2007-0308. NOTE: it is possible that a separate "WikiPage titles" issue was also fixed.) |
| | CVE-2007-0405 (The LazyUser class in the AuthenticationMiddleware for Django 0.95 does not properly cache the user name across requests, which allows remote authenticated users to gain the privileges of a different user.) |
| | CVE-2007-0404 (bin/compile-messages.py in Django 0.95 does not quote argument strings before invoking the msgfmt program through the os.system function, which allows attackers to execute arbitrary commands via shell metacharacters in a (1) .po or (2) .mo file.) |
| | CVE-2007-0363 (Cross-site scripting (XSS) vulnerability in admin-search.php in (1) Openads for PostgreSQL (aka phpPgAds) before 2.0.10 and (2) Openads (aka phpAdsNew) before 2.0.10 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.) |
| | CVE-2007-0308 (Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.3.4 (beta) allows remote attackers to inject arbitrary web script or HTML via Wiki Page titles.) |
| Original document: | beks, Maxtricity Tagger Password Disclosure Vulnerability (24.01.2007) |
| | me you, ZixForum <= 1.14 (Zixforum.mdb) Remote Password Disclosure Vulnerability (24.01.2007) |
| | Matteo Beccati, [Full-disclosure] [OPENADS-SA-2007-001] phpAdsNew and phpPgAds 2.0.9-pr1 vulnerability fixed (24.01.2007) |
| | beks, Toxiclab Shoutbox Password Disclosure Vulnerability (24.01.2007) |
| | SECUNIA, [SA23826] Django Two Vulnerabilities (24.01.2007) |
| | SECUNIA, [SA23754] WebGUI User Name Script Insertion Vulnerability (24.01.2007) |
| | SECUNIA, [SA23720] Openads / Openads for PostgreSQL Cross-Site Scripting Vulnerability (24.01.2007) |
| | PHPNUKE, [SA23748] PHP-Nuke "cat" Old Articles Block SQL Injection (24.01.2007) |
| | SECUNIA, [SA23895] Drupal Acidfree Module "node titles" SQL Injection Vulnerability (24.01.2007) |
| | SECUNIA, [SA23898] FreeWebShop.org "lang_file" File Inclusion Vulnerability (24.01.2007) |
| | Advisory_(at)_Aria-Security.net, [Aria-Security Team] MyBB Cross-Site Scripting (24.01.2007) |
| | ajannhwt_(at)_hotmail.com, ASP NEWS <= V3 (news_detail.asp) Remote SQL Injection Vulnerability (24.01.2007) |
| | ajannhwt_(at)_hotmail.com, ASP EDGE <= V1.2b (user.asp) Remote SQL Injection Vulnerability (24.01.2007) |
| | Dr Max Virus, phpXD <= 0.3 (path) Remote File Inclusion Vulnerability (24.01.2007) |
| | Dr Max Virus, BBClone 0.31 (selectlang.php) Remote File Inclusion Vulnerability (24.01.2007) |
| | Dr Max Virus, RPW 1.0.2 (config.php sql_language) Remote File Inclusion Vulnerability (24.01.2007) |
| | SECUNIA, [SA23865] Enthusiast Cross-Site Scripting and SQL Injection (24.01.2007) |
| | SECUNIA, [SA23855] Yana Framework Guestbook Profile Security Bypass (24.01.2007) |
| | the.tiger100_(at)_gmail.com, subscribe (pwd.txt) Remote Password Disclosur (24.01.2007) |
| | the.tiger100_(at)_gmail.com, RANDOM PHP QUOTE 1.0 (pwd.txt) Remote Password Disclosur (24.01.2007) |
| | C0r3 1mp4ct, AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability (24.01.2007) |
| | me you, Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability (24.01.2007) |
| | y3dips_(at)_gmail.com, [ECHO_ADV_62$2007] Upload Service 1.0 remote file inclusion (24.01.2007) |
| | Rolf Huisman, SQL Injection by using Cookie Poisoning for Website Baker Version 2.6.5 and before (24.01.2007) |
| | me you, Uploader <= (userdata/user_1.txt) Password Disclosure Vulnerability (24.01.2007) |
| | me you, UploadScript <=- v1.02 (password.txt) Remote Password Disclosure Vulnerability (24.01.2007) |
| | CorryL, [x0n3-h4ck] bitweaver 1.3.1 XSS Exploit (24.01.2007) |
| | xx_hack_xx_2004_(at)_hotmail.com, Full Path Disclosure in Open-Realty ( v2.3.4 ) (24.01.2007) |
| | jussi.vuokko_(at)_smilehouse.com, PHP Link Directory XSS Vulnerability version <= 3.0.6 (24.01.2007) |
| | mr alkomandoz, phpAdsNew 2.0.7 Remote File Include (24.01.2007) |
| | mr alkomandoz, cmsimple 2.7 Remote File Include (24.01.2007) |
| | xx_hack_xx_2004_(at)_hotmail.com, SQL Injection in Unique Ads ( UDS ) (24.01.2007) |
| | xx_hack_xx_2004_(at)_hotmail.com, XSS in Guestbook ( v.4.00 beta ) (24.01.2007) |
| | Advisory_(at)_Aria-Security.net, XMB "U2U Instant Messenger" Cross-Site Scripting (24.01.2007) |
| | me you, FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability (24.01.2007) |
| | laurent gaffié, FishCart [injection sql] (24.01.2007) |