Vulnerability Summary for the Week of March 15, 2010
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division into high, medium, and low severities corresponds to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
acidcat -- acidcat_cms | Acidcat CMS 3.5.x does not prevent access to install.asp after installation finishes, which might allow remote attackers to restart the installation process and have unspecified other impact via requests to install.asp and other install_*.asp scripts. NOTE: the final installation screen states "Important: you must now delete all files beginning with 'install' from the root directory." | 2010-03-16 | 7.5 | CVE-2010-0976 XF MISC MISC |
alexandre_amaral -- xoops_celepar | Multiple SQL injection vulnerabilities in the Qas (aka Quas) module for XOOPS Celepar allow remote attackers to execute arbitrary SQL commands via the codigo parameter to (1) aviso.php and (2) imprimir.php, and the (3) cod_categoria parameter to categoria.php. | 2010-03-15 | 7.5 | CVE-2009-4698 XF BID OSVDB MILW0RM MILW0RM SECUNIA OSVDB OSVDB |
allomani -- movie_library | SQL injection vulnerability in login.php in Allomani Movies Library (Movies & Clips) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action. | 2010-03-18 | 7.5 | CVE-2009-4734 XF VUPEN MILW0RM |
allomani -- audio_&_video_library | SQL injection vulnerability in login.php in Allomani Audio & Video Library (Songs & Clips version) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action. | 2010-03-18 | 7.5 | CVE-2009-4735 XF VUPEN MILW0RM |
andrews-web -- aw-bannerad | Multiple SQL injection vulnerabilities in Admin/index.asp in Andrews-Web (A-W) BannerAd 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) User and (2) Password parameters. NOTE: some of these details are obtained from third party information. | 2010-03-18 | 7.5 | CVE-2009-4721 VUPEN MILW0RM SECUNIA |
apple -- safari | Apple Safari before 4.0.5 on Windows does not properly validate external URL schemes, which allows remote attackers to open local files and execute arbitrary code via a crafted HTML document. | 2010-03-15 | 9.3 | CVE-2010-0045 BID CONFIRM APPLE |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document. | 2010-03-15 | 9.3 | CVE-2010-0048 BID CONFIRM APPLE |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality. | 2010-03-15 | 9.3 | CVE-2010-0049 BID CONFIRM APPLE |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the run-in Cascading Style Sheets (CSS) display property. | 2010-03-15 | 9.3 | CVE-2010-0053 BID CONFIRM APPLE |
barnowl -- barnowl | Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted CC: header. | 2010-03-16 | 7.5 | CVE-2010-0793 CONFIRM |
bob_jewell -- discloser | SQL injection vulnerability in index.php in Discloser 0.0.4 rc2 allows remote attackers to execute arbitrary SQL commands via the more parameter. | 2010-03-18 | 7.5 | CVE-2009-4719 BID BUGTRAQ MILW0RM |
boldfx -- model_agency_manager_pro | SQL injection vulnerability in photos.php in Model Agency Manager PRO (formerly Modeling Agency Content Management Script) allows remote attackers to execute arbitrary SQL commands via the album parameter. | 2010-03-18 | 7.5 | CVE-2009-4731 XF BID SECUNIA MISC |
broadcom -- broadcom | Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors. | 2010-03-18 | 10.0 | CVE-2010-0104 CERT-VN HP VUPEN BID SECTRACK SECUNIA HP |
chris_simon -- com_abbrev | Directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | 2010-03-16 | 7.5 | CVE-2010-0985 XF BID MISC SECUNIA OSVDB |
dirk_maiwert -- datamints_newsticker | SQL injection vulnerability in the datamints Newsticker (datamints_newsticker) extension before 0.7.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2010-03-15 | 7.5 | CVE-2009-4709 CONFIRM BID |
g4j.laoneo -- com_gcalendar | Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | 2010-03-16 | 7.5 | CVE-2010-0972 XF MISC SECUNIA |
geekhelps -- admp | SQL injection vulnerability in bannershow.php in Geekhelps ADMP 1.01 allows remote attackers to execute arbitrary SQL commands via the click parameter. | 2010-03-16 | 7.5 | CVE-2010-0968 VUPEN MISC |
gnudip -- gnudip | SQL injection vulnerability in cgi-bin/gnudip.cgi in GnuDIP 2.1.1 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | 2010-03-18 | 7.5 | CVE-2009-4720 SECUNIA OSVDB MISC |
gonafish -- webstatcaffe | SQL injection vulnerability in visitorduration.php in Gonafish WebStatCaffe allows remote attackers to execute arbitrary SQL commands via the nodayshow parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 2010-03-15 | 7.5 | CVE-2009-4718 SECUNIA |
jan_bednarik -- cooluri | SQL injection vulnerability in the CoolURI (cooluri) extension before 1.0.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2008-6686. | 2010-03-15 | 7.5 | CVE-2009-4711 CONFIRM BID SECUNIA |
jorik_berkepas -- phpmylogon | SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | 2010-03-16 | 7.5 | CVE-2010-0970 XF VUPEN MISC |
junglescripts -- ajax_short_url_script | SQL injection vulnerability in x/login in JungleScripts Ajax Short Url Script allows remote attackers to execute arbitrary SQL commands via the username parameter. | 2010-03-18 | 7.5 | CVE-2009-4727 VUPEN MILW0RM SECUNIA |
limny -- limny | SQL injection vulnerability in the CheckLogin function in includes/functions.php in Limny 1.01, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | 2010-03-18 | 7.5 | CVE-2009-4722 XF OSVDB MILW0RM SECUNIA |
liviu_mitrofan -- myth_download | SQL injection vulnerability in the Myth download (myth_download) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2010-03-15 | 7.5 | CVE-2009-4701 CONFIRM |
markus_barchfeld -- pm_tour | SQL injection vulnerability in the Tour Extension (pm_tour) extension before 0.0.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2010-03-15 | 7.5 | CVE-2009-4702 CONFIRM |
maximo_cuadros -- gb_fenewssubmit | SQL injection vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2010-03-15 | 7.5 | CVE-2009-4708 CONFIRM |
media-products -- eros_webkatalog | SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action. | 2010-03-16 | 7.5 | CVE-2010-0964 XF MISC SECUNIA MISC OSVDB MISC |
mitchell_sleeper -- l4d_stats | SQL injection vulnerability in player.php in Left 4 Dead (L4D) Stats 1.1 allows remote attackers to execute arbitrary SQL commands via the steamid parameter. | 2010-03-16 | 7.5 | CVE-2010-0980 XF MISC SECUNIA MISC OSVDB MISC |
netpet -- netpet_cms | Directory traversal vulnerability in confirm.php in Netpet CMS 1.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | 2010-03-18 | 7.5 | CVE-2009-4723 VUPEN MILW0RM |
paymentprocessorscript.net -- ppscript | SQL injection vulnerability in shop.htm in PaymentProcessorScript.net PPScript allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 2010-03-18 | 7.5 | CVE-2009-4724 MILW0RM SECUNIA |
phpcityportal -- phpcityportal | Multiple SQL injection vulnerabilities in PHPCityPortal allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) video_show.php, (2) spotlight_detail.php, (3) real_estate_details.php, and (4) auto_details.php. | 2010-03-16 | 7.5 | CVE-2010-0974 XF BID MISC MISC |
phpcityportal -- phpcityportal | PHP remote file inclusion vulnerability in external.php in PHPCityPortal allows remote attackers to execute arbitrary PHP code via a URL in the url parameter. | 2010-03-16 | 7.5 | CVE-2010-0975 XF MISC MISC |
questions_answered -- questions_answered | SQL injection vulnerability in the administrative interface in Questions Answered 1.3 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | 2010-03-18 | 7.5 | CVE-2009-4728 VUPEN MILW0RM |
robert_heel -- cwt_resetbepassword | SQL injection vulnerability in the Reset backend password (cwt_resetbepassword) extension 1.20 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2010-03-15 | 7.5 | CVE-2009-4710 BID CONFIRM SECUNIA |
scripteverkauf -- domain_verkaus_and_auktions_portal | SQL injection vulnerability in index.php in phppool media Domain Verkaus and Auktions Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. | 2010-03-16 | 7.5 | CVE-2010-0973 XF VUPEN MISC SECUNIA MISC |
templateplazza -- com_tpjobs | SQL injection vulnerability in the TPJobs (com_tpjobs) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_c[] parameter in a resadvsearch action to index.php. | 2010-03-16 | 7.5 | CVE-2010-0981 XF VUPEN BID MISC SECUNIA MISC OSVDB |
tukanas -- easyclassifieds_script | SQL injection vulnerability in index.php in Tukanas Classifieds (aka EasyClassifieds) Script 1.0 allows remote attackers to execute arbitrary SQL commands via the b parameter. | 2010-03-15 | 7.5 | CVE-2009-4712 SECUNIA MISC OSVDB |
typo3 -- ws_gallery | SQL injection vulnerability in the Webesse Image Gallery (ws_gallery) extension 1.0.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2010-03-15 | 7.5 | CVE-2009-4703 CONFIRM |
x10media -- adult_script | SQL injection vulnerability in report.php in x10 Adult Media Script 1.7 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 2010-03-18 | 7.5 | CVE-2009-4730 XF MILW0RM SECUNIA |
Medium Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
acidcat -- acidcat_cms | Acidcat CMS 3.5.3 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing credentials via a direct request for databases/acidcat_3.mdb. | 2010-03-16 | 5.0 | CVE-2010-0984 XF MISC SECUNIA MISC OSVDB |
alexandre_amaral -- xoops_celepar | Multiple cross-site scripting (XSS) vulnerabilities in the Qas (aka Quas) module for XOOPS Celepar allow remote attackers to inject arbitrary web script or HTML via (1) the cod_categoria parameter to categoria.php, (2) the opcao parameter to index.php, and the PATH_INFO to (3) categoria.php and (4) index.php. | 2010-03-15 | 4.3 | CVE-2009-4713 BID MILW0RM SECUNIA OSVDB OSVDB |
alexandre_amaral -- xoops_celepar | Cross-site scripting (XSS) vulnerability in the quiz module for XOOPS Celepar allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to cadastro_usuario.php. | 2010-03-15 | 4.3 | CVE-2009-4714 OSVDB SECUNIA MISC |
arabportal -- arab_portal | Directory traversal vulnerability in modules/aljazeera/admin/setup.php in Arab Portal 2.2 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | 2010-03-18 | 5.1 | CVE-2009-4725 VUPEN BID MILW0RM |
dzcp -- dev!l'z_clanportal | PHP remote file inclusion vulnerability in inc/config.php in deV!L`z Clanportal (DZCP) 1.5.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the basePath parameter. | 2010-03-16 | 6.8 | CVE-2010-0966 VUPEN MISC SECUNIA |
edgephp -- ezwebsearch | Cross-site scripting (XSS) vulnerability in results.php in EDGEPHP EZWebSearch allows remote attackers to inject arbitrary web script or HTML via the language parameter. | 2010-03-15 | 4.3 | CVE-2009-4716 XF OSVDB SECUNIA MISC |
geekhelps -- admp | Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the style parameter to (1) colorvoid/footer.php, (2) default-green/footer.php, (3) default-orange/footer.php, and (4) default/footer.php in themes/. NOTE: some of these details are obtained from third party information. | 2010-03-16 | 5.1 | CVE-2010-0967 XF VUPEN MISC SECUNIA OSVDB OSVDB OSVDB OSVDB |
gnu -- cpio | Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. | 2010-03-15 | 6.8 | CVE-2010-0624 CONFIRM MISC |
gonafish -- webstatcaffe | Multiple cross-site scripting (XSS) vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the (1) host parameter to stat/host.php, nodayshow parameter to (2) mostvisitpage.php and (3) visitorduration.php in stat/, (4) nopagesmost parameter to stat/mostvisitpagechart.php, and date parameter to (5) pageviewers.php, (6) pageviewerschart.php, and (7) referer.php in stat/. | 2010-03-15 | 4.3 | CVE-2009-4717 SECUNIA MISC |
jevci.net -- jevci_siparis_formu_scripti | Jevci Siparis Formu Scripti stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for siparis.mdb. | 2010-03-16 | 5.0 | CVE-2010-0965 XF SECUNIA MISC OSVDB |
joomlamo -- com_cartweberp | Directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | 2010-03-16 | 4.3 | CVE-2010-0982 BID SECUNIA MISC OSVDB |
kmsoft -- guestbook | KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.mdb. | 2010-03-16 | 5.0 | CVE-2010-0978 XF MISC SECUNIA MISC OSVDB |
linux -- kernel | The nfs_lock function in fs/nfs/file.c in the Linux kernel 2.6.9 does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on an NFS filesystem and then changing this file's permissions, a related issue to CVE-2010-0727. | 2010-03-16 | 4.7 | CVE-2007-6733 CONFIRM CONFIRM REDHAT |
linux -- kernel | The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on a (1) GFS or (2) GFS2 filesystem, and then changing this file's permissions. | 2010-03-16 | 4.7 | CVE-2010-0727 CONFIRM MLIST MLIST |
maximo_cuadros -- gb_fenewssubmit | Cross-site scripting (XSS) vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2010-03-15 | 4.3 | CVE-2009-4707 CONFIRM |
nlnet_labs -- unbound | Unbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | 2010-03-16 | 5.0 | CVE-2010-0969 MLIST BID SECUNIA OSVDB |
obsession-design -- image-gallery | Cross-site scripting (XSS) vulnerability in display.php in Obsession-Design Image-Gallery (ODIG) 1.1 allows remote attackers to inject arbitrary web script or HTML via the folder parameter. | 2010-03-16 | 4.3 | CVE-2010-0979 VUPEN SECUNIA MISC |
olivier_michaud_pierre-yves -- quickdev4php | Directory traversal vulnerability in download.php in Quickdev 4 PHP allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | 2010-03-18 | 5.0 | CVE-2009-4726 VUPEN MILW0RM SECUNIA |
pango -- pango | Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database. | 2010-03-18 | 4.3 | CVE-2010-0421 CONFIRM CONFIRM VUPEN BID REDHAT SECTRACK |
php -- php | The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument. | 2010-03-16 | 5.0 | CVE-2010-0397 BID MLIST CONFIRM |
phpscriptsnow -- real_time_currency_exchange | Cross-site scripting (XSS) vulnerability in rates.php in Real Time Currency Exchange allows remote attackers to inject arbitrary web script or HTML via the Amount parameter. | 2010-03-15 | 4.3 | CVE-2009-4715 XF OSVDB SECUNIA MISC |
pordus -- pd_portal | PD PORTAL 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.mdb. | 2010-03-16 | 5.0 | CVE-2010-0977 MISC SECUNIA MISC OSVDB |
pulseaudio -- pulseaudio | The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to change the ownership and permissions of arbitrary files via a symlink attack on a /tmp/.esd-##### temporary file. | 2010-03-18 | 6.9 | CVE-2009-1299 CONFIRM DEBIAN CONFIRM MISC |
redhat -- enterprise_linux | A certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 4 on the ia64 platform allows local users to use ptrace on an arbitrary process, and consequently gain privileges, via vectors related to a missing ptrace_check_attach call. | 2010-03-16 | 6.9 | CVE-2010-0729 CONFIRM BID MLIST |
sebastian_winterhalder -- mailform | Cross-site scripting (XSS) vulnerability in the Mailform (mailform) extension before 0.9.24 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2010-03-15 | 4.3 | CVE-2009-4706 CONFIRM |
skadate -- skadate_online_dating_software | Multiple cross-site scripting (XSS) vulnerabilities in SkaDate Dating allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin/auth.php and (2) file_uploader.php. | 2010-03-15 | 4.3 | CVE-2009-4699 XF BID MILW0RM SECUNIA OSVDB OSVDB |
skadate -- skadate_online_dating_software | Directory traversal vulnerability in index.php in SkaDate Dating allows remote attackers to read arbitrary files via a .. (dot dot) in the layout parameter. | 2010-03-15 | 5.0 | CVE-2009-4700 XF BID MILW0RM SECUNIA OSVDB |
supercrackmunkey -- simpleloginsys | SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | 2010-03-18 | 5.1 | CVE-2009-4733 VUPEN MILW0RM |
technotoad -- tt_web_site_manager | SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tt_name parameter. NOTE: some of these details are obtained from third party information. | 2010-03-18 | 6.8 | CVE-2009-4732 VUPEN MILW0RM SECUNIA |
thomas_loeffler -- twittersearch | Cross-site scripting (XSS) vulnerability in the Twitter Search (twittersearch) extension before 0.1.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2010-03-15 | 4.3 | CVE-2009-4705 CONFIRM |
typo3 -- ws_ecard | Unspecified vulnerability in the Webesse E-Card (ws_ecard) extension 1.0.2 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors. | 2010-03-15 | 5.0 | CVE-2009-4704 CONFIRM |
utilo -- rezervi | PHP remote file inclusion vulnerability in include/mail.inc.php in Rezervi 3.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, a different vector than CVE-2007-2156. | 2010-03-16 | 6.8 | CVE-2010-0983 XF VUPEN BID MISC SECUNIA MISC OSVDB |
x10media -- adult_script | Multiple cross-site scripting (XSS) vulnerabilities in x10 Adult Media Script 1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) pic_id parameter to includes/video_ad.php, (2) category parameter to linkvideos_listing.php, (3) id parameter to templates/header1.php, and (4) key parameter to video_listing.php. | 2010-03-18 | 4.3 | CVE-2009-4729 XF OSVDB OSVDB OSVDB OSVDB MILW0RM SECUNIA |
yuri_d'elia -- dl | Cross-site scripting (XSS) vulnerability in index.php in dl Download Ticket Service before 0.7 allows remote attackers to inject arbitrary web script or HTML via the t parameter, related to an invalid ticket ID. NOTE: some of these details are obtained from third party information. | 2010-03-16 | 4.3 | CVE-2010-0963 BID CONFIRM MLIST SECUNIA OSVDB |
Low Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
atutor -- atutor | Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.6.4 allow remote authenticated users, with Instructor privileges, to inject arbitrary web script or HTML via the (1) Question and (2) Choice fields in tools/polls/add.php, the (3) Type and (4) Title fields in tools/groups/create_manual.php, and the (5) Title field in assignments/add_assignment.php. NOTE: some of these details are obtained from third party information. | 2010-03-16 | 2.1 | CVE-2010-0971 XF BID MISC SECUNIA MISC OSVDB OSVDB OSVDB |