| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-4178 | 0.03 | — | 0.03 | Sep 23, 2008 | SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and Downline Goldmine Builder allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third… | |||
| CVE-2008-4177 | 0.03 | — | 0.01 | Sep 23, 2008 | SQL injection vulnerability in search.php in Pre Real Estate Listings allows remote attackers to execute arbitrary SQL commands via the c parameter. | |||
| CVE-2008-4176 | 0.03 | — | 0.01 | Sep 23, 2008 | SQL injection vulnerability in izle.asp in FoT Video scripti 1.1 beta allows remote attackers to execute arbitrary SQL commands via the oyun parameter. | |||
| CVE-2008-4175 | 0.03 | — | 0.01 | Sep 23, 2008 | Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) ucat parameter to upgrade.php and the (2) id parameter to linkadmin/edit.php. | |||
| CVE-2008-4174 | 0.03 | — | 0.01 | Sep 23, 2008 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in Dynamic MP3 Lister 2.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) currentpath, (2) invert, (3) search, and (4) sort parameters. | |||
| CVE-2008-3661 | 0.00 | — | 0.03 | Sep 23, 2008 | Drupal, probably 5.10 and 6.4, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie. | |||
| CVE-2008-3519 | 0.00 | — | 0.02 | Sep 23, 2008 | The default configuration of the JBossAs component in Red Hat JBoss Enterprise Application Platform (aka JBossEAP or EAP), possibly 4.2 before CP04 and 4.3 before CP02, when a production environment is enabled, sets the DownloadServerClasses property to true, which allows remote… | |||
| CVE-2008-4164 | 0.03 | — | 0.02 | Sep 22, 2008 | cron.php in MemHT Portal 3.9.0 and earlier allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message. | |||
| CVE-2008-4163 | 0.00 | — | 0.05 | Sep 22, 2008 | Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown vectors. | |||
| CVE-2008-4162 | 0.00 | — | 0.01 | Sep 22, 2008 | Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the g_site_url parameter. | |||
| CVE-2008-4161 | 0.03 | — | 0.02 | Sep 22, 2008 | SQL injection vulnerability in search_inv.php in Assetman 2.5b allows remote attackers to execute arbitrary SQL commands and conduct session fixation attacks via a combination of crafted order and order_by parameters in a search_all action. | |||
| CVE-2008-4160 | 0.00 | — | 0.00 | Sep 22, 2008 | Unspecified vulnerability in the UFS module in Sun Solaris 8 through 10 and OpenSolaris allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via unknown vectors related to the Solaris Access Control List (ACL) implementation. | |||
| CVE-2008-3949 | 0.00 | — | 0.01 | Sep 22, 2008 | emacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python script from the current working directory during editing of a Python file, which allows local users to execute arbitrary code via a Trojan horse Python file. | |||
| CVE-2008-4173 | 0.03 | — | 0.01 | Sep 22, 2008 | SQL injection vulnerability in ProArcadeScript 1.3 allows remote attackers to execute arbitrary SQL commands via the random parameter to the default URI. | |||
| CVE-2008-4172 | 0.03 | — | 0.01 | Sep 22, 2008 | SQL injection vulnerability in page.php in Cars & Vehicle (aka Cars-Vehicle Script) allows remote attackers to execute arbitrary SQL commands via the lnkid parameter. | |||
| CVE-2008-4171 | 0.00 | — | 0.01 | Sep 22, 2008 | SQL injection vulnerability in xmlout.php in Invision Power Board (IP.Board or IPB) 2.2.x and 2.3.x allows remote attackers to execute arbitrary SQL commands via the name parameter. | |||
| CVE-2008-4170 | 0.00 | — | 0.02 | Sep 22, 2008 | create_account.php in osCommerce 2.2 RC 2a allows remote attackers to obtain sensitive information via an invalid dob parameter, which reveals the installation path in an error message. | |||
| CVE-2008-4169 | 0.03 | — | 0.01 | Sep 22, 2008 | SQL injection vulnerability in detaillist.php in iScripts EasyIndex, possibly 1.0, allows remote attackers to execute arbitrary SQL commands via the produid parameter. | |||
| CVE-2008-4168 | — | 0.00 | — | 0.01 | Sep 22, 2008 | Cross-site scripting (XSS) vulnerability in verify_login.jsp in Pro2col Stingray FTS allows remote attackers to inject arbitrary web script or HTML via the form_username parameter (aka user name field). | ||
| CVE-2008-4167 | 0.03 | — | 0.03 | Sep 22, 2008 | useradmin.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 does not require administrative authentication, which allows remote attackers to (1) add or (2) remove an Administrator account. | |||
| CVE-2008-4166 | 0.03 | — | 0.02 | Sep 22, 2008 | Integer overflow in the JavaScript engine in Avant Browser 11.7 Build 9 and earlier allows remote attackers to cause a denial of service (application crash) by attempting to URL encode a string containing many instances of an invalid character. | |||
| CVE-2008-4165 | 0.00 | — | 0.01 | Sep 22, 2008 | admin/user/create_user.php in Kolab Groupware Server 1.0.0 places a user password in an HTTP GET request, which allows local administrators, and possibly remote attackers, to obtain cleartext passwords by reading the ssl_access_log file or the referer string. | |||
| CVE-2008-4159 | 0.03 | — | 0.01 | Sep 22, 2008 | SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page (pageid) parameter. | |||
| CVE-2008-4158 | 0.03 | — | 0.02 | Sep 22, 2008 | Multiple directory traversal vulnerabilities in index.php in Zanfi CMS lite 1.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) flag and (2) inc parameters. | |||
| CVE-2008-4157 | 0.03 | — | 0.06 | Sep 22, 2008 | SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610. NOTE: it was later reported that 1.2.3 is also affected. | |||
| CVE-2008-4156 | 0.03 | — | 0.01 | Sep 19, 2008 | SQL injection vulnerability in print.php in CustomCms (CCMS) Gaming Portal 4.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||
| CVE-2008-4155 | 0.03 | — | 0.03 | Sep 19, 2008 | Multiple directory traversal vulnerabilities in EasySite 2.3 allow remote attackers to read arbitrary files or list directories via a .. (dot dot) in the (1) module or (2) action parameter in (a) www/index.php; the (3) module, (4) ss_module, or (5) ss_action parameter in (b)… | |||
| CVE-2008-4154 | 0.03 | — | 0.01 | Sep 19, 2008 | SQL injection vulnerability in living-e webEdition CMS allows remote attackers to execute arbitrary SQL commands via the we_objectID parameter. | |||
| CVE-2008-4135 | 0.03 | — | 0.04 | Sep 19, 2008 | Symbian OS S60 3rd edition on the Nokia E90 Communicator 07.40.1.2 Ra-6 and Nseries N82 allows remote attackers to cause a denial of service (device crash) via multiple deauthentication (DeAuth) frames. | |||
| CVE-2008-4134 | 0.04 | — | 0.08 | Sep 19, 2008 | PHP remote file inclusion vulnerability in manager/static/view.php in phpRealty 0.03 and earlier, and possibly other versions before 0.05, allows remote attackers to execute arbitrary PHP code via a URL in the INC parameter. | |||
| CVE-2008-4133 | 0.03 | — | 0.04 | Sep 19, 2008 | The web proxy service on the D-Link DIR-100 with firmware 1.12 and earlier does not properly filter web requests with large URLs, which allows remote attackers to bypass web restriction filters. | |||
| CVE-2008-4132 | 0.00 | — | 0.04 | Sep 19, 2008 | Stack-based buffer overflow in the VSFlexGrid.VSFlexGridL ActiveX control in ComponentOne VSFlexGrid 7.0.1.151 and 8.0.20072.239 allows remote attackers to execute arbitrary code via a long first argument to the Archive method. NOTE: the provenance of this information is… | |||
| CVE-2008-4131 | 0.03 | — | 0.01 | Sep 19, 2008 | Multiple unspecified vulnerabilities in Sun Solaris 8 through 10 allow local users to gain privileges via vectors related to handling of tags with (1) the -t option and (2) the :tag command in the (a) vi, (b) ex, (c) vedit, (d) view, and (e) edit programs. | |||
| CVE-2008-4130 | 0.00 | — | 0.02 | Sep 18, 2008 | Cross-site scripting (XSS) vulnerability in Gallery 2.x before 2.2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted Flash animation, related to the ability of the animation to "interact with the embedding page." | |||
| CVE-2008-4129 | 0.00 | — | 0.02 | Sep 18, 2008 | Gallery before 1.5.9, and 2.x before 2.2.6, does not properly handle ZIP archives containing symbolic links, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files via vectors related to the archive upload (aka zip upload)… | |||
| CVE-2008-4128 | 0.04 | — | 0.12 | Sep 18, 2008 | Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI,… | |||
| CVE-2008-3662 | 0.00 | — | 0.02 | Sep 18, 2008 | Gallery before 1.5.9, and 2.x before 2.2.6, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie. | |||
| CVE-2008-2470 | 0.00 | — | 0.05 | Sep 18, 2008 | The InstallShield Update Service Agent ActiveX control in isusweb.dll allows remote attackers to cause a denial of service (memory corruption and browser crash) and possibly execute arbitrary code via a call to ExecuteRemote with a URL that results in a 404 error response. | |||
| CVE-2008-4127 | 0.01 | — | 0.16 | Sep 18, 2008 | Mshtml.dll in Microsoft Internet Explorer 7 Gold 7.0.5730 and 8 Beta 8.0.6001 on Windows XP SP2 allows remote attackers to cause a denial of service (failure of subsequent image rendering) via a crafted PNG file, related to an infinite loop in the CDwnTaskExec::ThreadExec… | |||
| CVE-2008-4126 | 0.00 | — | 0.02 | Sep 18, 2008 | PyDNS (aka python-dns) before 2.3.1-5 in Debian GNU/Linux does not use random source ports for DNS requests and does not use random transaction IDs for DNS retries, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. … | |||
| CVE-2008-4125 | 0.00 | — | 0.02 | Sep 18, 2008 | The search function in phpBB 2.x provides a search_id value that leaks the state of PHP's PRNG, which allows remote attackers to obtain potentially sensitive information, as demonstrated by a cross-application attack against WordPress, a different vulnerability than… | |||
| CVE-2008-4108 | 0.00 | — | 0.00 | Sep 18, 2008 | Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be common usage scenarios in which tmp$RANDOM.tmp is located in… | |||
| CVE-2008-4107 | 0.00 | — | 0.03 | Sep 18, 2008 | The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset… | |||
| CVE-2008-4106 | 0.00 | — | 0.05 | Sep 18, 2008 | WordPress before 2.6.2 does not properly handle MySQL warnings about insertion of username strings that exceed the maximum column width of the user_login column, and does not properly handle space characters when comparing usernames, which allows remote attackers to change an… | |||
| CVE-2008-4105 | 0.00 | — | 0.02 | Sep 18, 2008 | JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact. | |||
| CVE-2008-4104 | 0.00 | — | 0.01 | Sep 18, 2008 | Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL. | |||
| CVE-2008-4103 | 0.00 | — | 0.01 | Sep 18, 2008 | The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam. | |||
| CVE-2008-4102 | 0.00 | — | 0.02 | Sep 18, 2008 | Joomla! 1.5 before 1.5.7 initializes PHP's PRNG with a weak seed, which makes it easier for attackers to guess the pseudo-random values produced by PHP's mt_rand function, as demonstrated by guessing password reset tokens, a different vulnerability than CVE-2008-3681. | |||
| CVE-2008-4101 | 0.04 | — | 0.09 | Sep 18, 2008 | Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by… | |||
| CVE-2008-4100 | 0.00 | — | 0.01 | Sep 18, 2008 | GNU adns 1.4 and earlier uses a fixed source port and sequential transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: the vendor reports that this is intended behavior and is… |
- CVE-2008-4178Sep 23, 2008risk 0.03cvss —epss 0.03
SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and Downline Goldmine Builder allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third…
- CVE-2008-4177Sep 23, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in search.php in Pre Real Estate Listings allows remote attackers to execute arbitrary SQL commands via the c parameter.
- CVE-2008-4176Sep 23, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in izle.asp in FoT Video scripti 1.1 beta allows remote attackers to execute arbitrary SQL commands via the oyun parameter.
- CVE-2008-4175Sep 23, 2008risk 0.03cvss —epss 0.01
Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) ucat parameter to upgrade.php and the (2) id parameter to linkadmin/edit.php.
- CVE-2008-4174Sep 23, 2008risk 0.03cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Dynamic MP3 Lister 2.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) currentpath, (2) invert, (3) search, and (4) sort parameters.
- CVE-2008-3661Sep 23, 2008risk 0.00cvss —epss 0.03
Drupal, probably 5.10 and 6.4, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
- CVE-2008-3519Sep 23, 2008risk 0.00cvss —epss 0.02
The default configuration of the JBossAs component in Red Hat JBoss Enterprise Application Platform (aka JBossEAP or EAP), possibly 4.2 before CP04 and 4.3 before CP02, when a production environment is enabled, sets the DownloadServerClasses property to true, which allows remote…
- CVE-2008-4164Sep 22, 2008risk 0.03cvss —epss 0.02
cron.php in MemHT Portal 3.9.0 and earlier allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.
- CVE-2008-4163Sep 22, 2008risk 0.00cvss —epss 0.05
Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown vectors.
- CVE-2008-4162Sep 22, 2008risk 0.00cvss —epss 0.01
Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the g_site_url parameter.
- CVE-2008-4161Sep 22, 2008risk 0.03cvss —epss 0.02
SQL injection vulnerability in search_inv.php in Assetman 2.5b allows remote attackers to execute arbitrary SQL commands and conduct session fixation attacks via a combination of crafted order and order_by parameters in a search_all action.
- CVE-2008-4160Sep 22, 2008risk 0.00cvss —epss 0.00
Unspecified vulnerability in the UFS module in Sun Solaris 8 through 10 and OpenSolaris allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via unknown vectors related to the Solaris Access Control List (ACL) implementation.
- CVE-2008-3949Sep 22, 2008risk 0.00cvss —epss 0.01
emacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python script from the current working directory during editing of a Python file, which allows local users to execute arbitrary code via a Trojan horse Python file.
- CVE-2008-4173Sep 22, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in ProArcadeScript 1.3 allows remote attackers to execute arbitrary SQL commands via the random parameter to the default URI.
- CVE-2008-4172Sep 22, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in page.php in Cars & Vehicle (aka Cars-Vehicle Script) allows remote attackers to execute arbitrary SQL commands via the lnkid parameter.
- CVE-2008-4171Sep 22, 2008risk 0.00cvss —epss 0.01
SQL injection vulnerability in xmlout.php in Invision Power Board (IP.Board or IPB) 2.2.x and 2.3.x allows remote attackers to execute arbitrary SQL commands via the name parameter.
- CVE-2008-4170Sep 22, 2008risk 0.00cvss —epss 0.02
create_account.php in osCommerce 2.2 RC 2a allows remote attackers to obtain sensitive information via an invalid dob parameter, which reveals the installation path in an error message.
- CVE-2008-4169Sep 22, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in detaillist.php in iScripts EasyIndex, possibly 1.0, allows remote attackers to execute arbitrary SQL commands via the produid parameter.
- CVE-2008-4168Sep 22, 2008risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in verify_login.jsp in Pro2col Stingray FTS allows remote attackers to inject arbitrary web script or HTML via the form_username parameter (aka user name field).
- CVE-2008-4167Sep 22, 2008risk 0.03cvss —epss 0.03
useradmin.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 does not require administrative authentication, which allows remote attackers to (1) add or (2) remove an Administrator account.
- CVE-2008-4166Sep 22, 2008risk 0.03cvss —epss 0.02
Integer overflow in the JavaScript engine in Avant Browser 11.7 Build 9 and earlier allows remote attackers to cause a denial of service (application crash) by attempting to URL encode a string containing many instances of an invalid character.
- CVE-2008-4165Sep 22, 2008risk 0.00cvss —epss 0.01
admin/user/create_user.php in Kolab Groupware Server 1.0.0 places a user password in an HTTP GET request, which allows local administrators, and possibly remote attackers, to obtain cleartext passwords by reading the ssl_access_log file or the referer string.
- CVE-2008-4159Sep 22, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page (pageid) parameter.
- CVE-2008-4158Sep 22, 2008risk 0.03cvss —epss 0.02
Multiple directory traversal vulnerabilities in index.php in Zanfi CMS lite 1.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) flag and (2) inc parameters.
- CVE-2008-4157Sep 22, 2008risk 0.03cvss —epss 0.06
SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610. NOTE: it was later reported that 1.2.3 is also affected.
- CVE-2008-4156Sep 19, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in print.php in CustomCms (CCMS) Gaming Portal 4.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
- CVE-2008-4155Sep 19, 2008risk 0.03cvss —epss 0.03
Multiple directory traversal vulnerabilities in EasySite 2.3 allow remote attackers to read arbitrary files or list directories via a .. (dot dot) in the (1) module or (2) action parameter in (a) www/index.php; the (3) module, (4) ss_module, or (5) ss_action parameter in (b)…
- CVE-2008-4154Sep 19, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in living-e webEdition CMS allows remote attackers to execute arbitrary SQL commands via the we_objectID parameter.
- CVE-2008-4135Sep 19, 2008risk 0.03cvss —epss 0.04
Symbian OS S60 3rd edition on the Nokia E90 Communicator 07.40.1.2 Ra-6 and Nseries N82 allows remote attackers to cause a denial of service (device crash) via multiple deauthentication (DeAuth) frames.
- CVE-2008-4134Sep 19, 2008risk 0.04cvss —epss 0.08
PHP remote file inclusion vulnerability in manager/static/view.php in phpRealty 0.03 and earlier, and possibly other versions before 0.05, allows remote attackers to execute arbitrary PHP code via a URL in the INC parameter.
- CVE-2008-4133Sep 19, 2008risk 0.03cvss —epss 0.04
The web proxy service on the D-Link DIR-100 with firmware 1.12 and earlier does not properly filter web requests with large URLs, which allows remote attackers to bypass web restriction filters.
- CVE-2008-4132Sep 19, 2008risk 0.00cvss —epss 0.04
Stack-based buffer overflow in the VSFlexGrid.VSFlexGridL ActiveX control in ComponentOne VSFlexGrid 7.0.1.151 and 8.0.20072.239 allows remote attackers to execute arbitrary code via a long first argument to the Archive method. NOTE: the provenance of this information is…
- CVE-2008-4131Sep 19, 2008risk 0.03cvss —epss 0.01
Multiple unspecified vulnerabilities in Sun Solaris 8 through 10 allow local users to gain privileges via vectors related to handling of tags with (1) the -t option and (2) the :tag command in the (a) vi, (b) ex, (c) vedit, (d) view, and (e) edit programs.
- CVE-2008-4130Sep 18, 2008risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in Gallery 2.x before 2.2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted Flash animation, related to the ability of the animation to "interact with the embedding page."
- CVE-2008-4129Sep 18, 2008risk 0.00cvss —epss 0.02
Gallery before 1.5.9, and 2.x before 2.2.6, does not properly handle ZIP archives containing symbolic links, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files via vectors related to the archive upload (aka zip upload)…
- CVE-2008-4128Sep 18, 2008risk 0.04cvss —epss 0.12
Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI,…
- CVE-2008-3662Sep 18, 2008risk 0.00cvss —epss 0.02
Gallery before 1.5.9, and 2.x before 2.2.6, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
- CVE-2008-2470Sep 18, 2008risk 0.00cvss —epss 0.05
The InstallShield Update Service Agent ActiveX control in isusweb.dll allows remote attackers to cause a denial of service (memory corruption and browser crash) and possibly execute arbitrary code via a call to ExecuteRemote with a URL that results in a 404 error response.
- CVE-2008-4127Sep 18, 2008risk 0.01cvss —epss 0.16
Mshtml.dll in Microsoft Internet Explorer 7 Gold 7.0.5730 and 8 Beta 8.0.6001 on Windows XP SP2 allows remote attackers to cause a denial of service (failure of subsequent image rendering) via a crafted PNG file, related to an infinite loop in the CDwnTaskExec::ThreadExec…
- CVE-2008-4126Sep 18, 2008risk 0.00cvss —epss 0.02
PyDNS (aka python-dns) before 2.3.1-5 in Debian GNU/Linux does not use random source ports for DNS requests and does not use random transaction IDs for DNS retries, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. …
- CVE-2008-4125Sep 18, 2008risk 0.00cvss —epss 0.02
The search function in phpBB 2.x provides a search_id value that leaks the state of PHP's PRNG, which allows remote attackers to obtain potentially sensitive information, as demonstrated by a cross-application attack against WordPress, a different vulnerability than…
- CVE-2008-4108Sep 18, 2008risk 0.00cvss —epss 0.00
Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be common usage scenarios in which tmp$RANDOM.tmp is located in…
- CVE-2008-4107Sep 18, 2008risk 0.00cvss —epss 0.03
The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset…
- CVE-2008-4106Sep 18, 2008risk 0.00cvss —epss 0.05
WordPress before 2.6.2 does not properly handle MySQL warnings about insertion of username strings that exceed the maximum column width of the user_login column, and does not properly handle space characters when comparing usernames, which allows remote attackers to change an…
- CVE-2008-4105Sep 18, 2008risk 0.00cvss —epss 0.02
JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact.
- CVE-2008-4104Sep 18, 2008risk 0.00cvss —epss 0.01
Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL.
- CVE-2008-4103Sep 18, 2008risk 0.00cvss —epss 0.01
The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam.
- CVE-2008-4102Sep 18, 2008risk 0.00cvss —epss 0.02
Joomla! 1.5 before 1.5.7 initializes PHP's PRNG with a weak seed, which makes it easier for attackers to guess the pseudo-random values produced by PHP's mt_rand function, as demonstrated by guessing password reset tokens, a different vulnerability than CVE-2008-3681.
- CVE-2008-4101Sep 18, 2008risk 0.04cvss —epss 0.09
Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by…
- CVE-2008-4100Sep 18, 2008risk 0.00cvss —epss 0.01
GNU adns 1.4 and earlier uses a fixed source port and sequential transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: the vendor reports that this is intended behavior and is…