CiscoWorks unauthorized access Published: 14.08.2003 Source: BUGTRAQ SecurityVulns ID: 3055 Type: remote Level: 5/10 Description: It's possible to obtain administrative access with guest account. Affected: CISCO : Ciscoworks 2000 Original document CISCO , Cisco Security Advisory: CiscoWorks Application Vulnerabilities (14.08.2003 ) Omicron_(at)_portcullis-security.com , Portcullis Security Advisory: CiscoWorks 2000 Privilege Escalation Vulnerabilities (14.08.2003 )
CGI bugs Published: 14.08.2003 Source: SecurityVulns ID: 3052 Level: 5/10 Affected: POSTNUKE : PostNuke 0.7 PHPWEBSITE : phpWebSite 0.8 XOOPS : xoops 1.3 SANDSPRITE : Chatserver IMEDIASOFTWARE : News Wizard 2.0 IMEDIASOFTWARE : BBPro Store Builder IMEDIASOFTWARE : Stellar Docs 1.2 DCSCRIPTS : DCForum 1.2 ZORUM : Zorum 3.4 PHPWEBSITE : phpWebSite 0.7 PHPWEBSITE : phpWebSite 0.9 WEBDESKPRO : WebDeskPro TEKTIPS : Tek-Tips Forum DREAMCOST : HostAdmin CHITCHAT : ChitChat.NET 2.0 HOLACMS : hola-cms 1.2 Original document frog frog , BBCode XSS in XOOPS CMS (14.08.2003 ) Virginity Security , Virginity Security Advisory 2003-001 : Hola CMS - Admin Password Disclosure by Include vulnerability (14.08.2003 ) G00db0y , ZH2003-24SA (security advisory): ChitChat.NET XSS Vulnerability (14.08.2003 ) G00db0y , ZH2003-23SA (security advisory): HostAdmin Path Disclosure (14.08.2003 ) G00db0y , ZH2003-20SA (security advisory): Stellar Docs Path Disclosure and Security Leak (14.08.2003 ) nimber , XSS in Tek-Tips Forum (14.08.2003 ) CK , Webdeskpro role modify vulnerability (12.08.2003 ) Lorenzo Hernandez Garcia-Hierro , phpWebSite SQL Injection & DoS & XSS Vulnerabilities (12.08.2003 ) Lorenzo Hernandez Garcia-Hierro , ZH2003-22SA (security advisory): Zorum XSS Vulnerability and Path Disclosure (12.08.2003 ) G00db0y , ZH2003-22SA (security advisory): Zorum XSS Vulnerability and Path Disclosure (12.08.2003 ) G00db0y , ZH2003-21SA (security advisory): DcForum+ XSS Vulnerability (12.08.2003 ) G00db0y , ZH2003-20SA (security advisory): Stellar Docs Path Disclosure and Security Leak (12.08.2003 ) G00db0y , ZH2003-19SA (security advisory): BBPro Store Builder Path Disclosure (12.08.2003 ) G00db0y , ZH2003-18SA (security advisory): News Wizard Path Disclosure (12.08.2003 ) morning_wood , Chatserver - XSS ( push ) (12.08.2003 ) Lorenzo Hernandez Garcia-Hierro , PostNuke Downloads & Web_Links ttitle variable XSS (12.08.2003 )
Netris buffer overflow Published: 14.08.2003 Source: BUGTRAQ SecurityVulns ID: 3056 Type: remote Level: 5/10 Description: Multiple buffer overflows Affected: NETRIS : netris 0.5 Original document Shaun Moore , Netris client Buffer Overflow Vulnerability. (14.08.2003 )
Multiple bugs in ActiveX components Published: 14.08.2003 Source: BUGTRAQ SecurityVulns ID: 2234 Type: client Level: 7/10 Description: Local files access in applet com.ms.xml.dso.XMLDSO.class and XMLHTTPConnection ActiveX, buffer overflow in xweb.ocx ActiveX (Microsoft DirectX Files Viewer), TSAC and File Transfer Manager (FTM) ActiveX. Affected: MICROSOFT : Internet Explorer 6.0 MICROSOFT : Visual Studio 6.0 Original document trihuynh_(at)_zeeup.com , Microsoft MCWNDX.OCX ActiveX buffer overflow (14.08.2003 ) Lorenzo Hernandez Garcia-Hierro , NBActiveX Sure ActiveX Big Vulnerability (18.11.2002 ) jelmer , LEVERAGING CROSS-PROTOCOL SCRIPTING IN MSIE (12.09.2002 ) L0PHT , Microsoft Terminal Server Client Buffer Overrun (A082802-1) (31.08.2002 ) MICROSOFT , Security Bulletin MS02-048: Flaw in Certificate Enrollment Control Could Allow Deletion of Digital Certificates (Q323172) (29.08.2002 ) MICROSOFT , Security Bulletin MS02-046: Buffer Overrun in TSAC ActiveX Control Could Allow Code Execution (Q327521) (23.08.2002 ) Andrew G. Tereschenko , Repost: Buffer overflow in Microsoft DirectX Files Viewer xweb.ocx (<2,0,16,15) ActiveX sample (20.08.2002 )
Multiple ecartis bugs Published: 24.03.2004 Source: BUGTRAQ SecurityVulns ID: 3057 Type: remote Level: 6/10 Description: Buffer overflows, maillist password disclosure.
