CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
12651 CVE-2008-3222 287 2008-07-18 2017-08-07
6.8
User Remote Medium Not required Partial Partial Partial
Session fixation vulnerability in Drupal 5.x before 5.9 and 6.x before 6.3, when contributed modules "terminate the current request during a login event," allows remote attackers to hijack web sessions via unknown vectors.
12652 CVE-2008-3220 352 CSRF 2008-07-18 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Drupal 5.x before 5.8 and 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of "translated strings."
12653 CVE-2008-3217 189 2008-07-18 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of security improvements associated with addressing CVE-2008-1637.
12654 CVE-2008-3195 22 Dir. Trav. 2008-09-18 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in bin/configure in TWiki before 4.2.3, when a certain step in the installation guide is skipped, allows remote attackers to read arbitrary files via a query string containing a .. (dot dot) in the image variable, and execute arbitrary files via unspecified vectors.
12655 CVE-2008-3194 22 Dir. Trav. 2008-07-16 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Multiple directory traversal vulnerabilities in data/inc/themes/predefined_variables.php in pluck 4.5.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) langpref, (2) file, (3) blogpost, or (4) cat parameter.
12656 CVE-2008-3192 22 Dir. Trav. 2008-07-16 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in index.php in jSite 1.0 OE allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter.
12657 CVE-2008-3191 89 Exec Code Sql 2008-07-16 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) City, (2) Interest, (3) Email, (4) Icq, (5) msn, or (6) Yahoo Messenger field in an edit_profile action.
12658 CVE-2008-3190 22 Exec Code Dir. Trav. 2008-07-16 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in list.php in 1Scripts CodeDB 1.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
12659 CVE-2008-3188 310 2008-07-22 2017-08-07
6.2
None Local High Not required Complete Complete Complete
libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5 algorithm, which makes it easier for attackers to conduct brute-force attacks against hashed passwords.
12660 CVE-2008-3185 89 Exec Code Sql 2008-07-15 2018-10-11
6.8
User Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in index.php in Relative Real Estate Systems 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action.
12661 CVE-2008-3181 20 Exec Code 2008-07-15 2017-09-28
6.5
User Remote Low Single system Partial Partial Partial
Unrestricted file upload vulnerability in upload.php in ContentNow CMS 1.4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/.
12662 CVE-2008-3173 264 2008-07-14 2017-08-07
6.8
User Remote Medium Not required Partial Partial Partial
Microsoft Internet Explorer allows web sites to set cookies for domains that have a public suffix with more than one dot character, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking." NOTE: this issue may exist because of an insufficient fix for CVE-2004-0866.
12663 CVE-2008-3172 264 2008-07-14 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
Opera allows web sites to set cookies for country-specific top-level domains that have DNS A records, such as co.tv, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking."
12664 CVE-2008-3170 264 2008-07-14 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
Apple Safari allows web sites to set cookies for country-specific top-level domains, such as co.uk and com.au, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking," a related issue to CVE-2004-0746, CVE-2004-0866, and CVE-2004-0867.
12665 CVE-2008-3165 22 Dir. Trav. 2008-07-14 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter, as demonstrated using content.php, a different vector than CVE-2007-4805.
12666 CVE-2008-3163 22 Dir. Trav. 2008-07-14 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dodosmail_header_file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
12667 CVE-2008-3158 264 2008-07-11 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
Unspecified vulnerability in NWFS.SYS in Novell Client for Windows 4.91 SP4 has unknown impact and attack vectors, possibly related to IOCTL requests that overwrite arbitrary memory.
12668 CVE-2008-3148 119 Exec Code Overflow 2008-07-11 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in (1) OllyDBG 1.10 and (2) ImpREC 1.7f allows user-assisted attackers to execute arbitrary code via a crafted DLL file that contains a long string.
12669 CVE-2008-3133 89 Exec Code Sql 2008-07-10 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the password parameter.
12670 CVE-2008-3131 89 Exec Code Sql 2008-07-10 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showid parameter.
12671 CVE-2008-3127 20 Exec Code File Inclusion 2008-07-10 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in hioxBannerRotate.php in HIOX Banner Rotator (HBR) 1.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the hm parameter.
12672 CVE-2008-3126 119 Exec Code Overflow 2008-07-10 2017-08-07
6.5
None Remote Low Single system Partial Partial Partial
Multiple stack-based buffer overflows in the ServerView web interface (SnmpGetMibValues.exe) in Fujitsu Siemens Computers ServerView 04.60.07 and earlier allow remote authenticated users to execute arbitrary code via a crafted URL.
12673 CVE-2008-3122 89 Exec Code Sql 2008-07-10 2017-08-07
6.5
None Remote Low Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to execute arbitrary SQL commands via the unspecified vectors.
12674 CVE-2008-3117 20 Exec Code 2008-07-10 2017-09-28
6.5
User Remote Low Single system Partial Partial Partial
Unrestricted file upload vulnerability in update_profile.php in PHPmotion 2.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a .php file with a content type of (1) image/gif, (2) image/jpeg, or (3) image/pjpeg, then accessing it via a direct request to the file under pictures/.
12675 CVE-2008-3104 264 2008-07-09 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet.
12676 CVE-2008-3096 264 +Priv 2008-07-09 2017-08-07
6.5
None Remote Low Single system Partial Partial Partial
The Outline Designer module 5.x before 5.x-1.4 for Drupal changes each content reader's authentication level to match that of the content author, which might allow remote attackers to gain privileges.
12677 CVE-2008-3093 94 Exec Code 2008-07-09 2017-09-28
6.5
User Remote Low Single system Partial Partial Partial
Unrestricted file upload vulnerability in ImperialBB 2.3.5 and earlier allows remote authenticated users to upload and execute arbitrary PHP code by placing a .php filename in the Upload_Avatar parameter and sending the image/gif content type.
12678 CVE-2008-3092 89 Exec Code Sql 2008-07-09 2017-08-07
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in the Taxonomy Autotagger module 5.x before 5.x-1.8 for Drupal allows remote authenticated users, with create or edit post permissions, to execute arbitrary SQL commands via unspecified vectors.
12679 CVE-2008-3081 20 Exec Code 2008-07-08 2017-08-07
6.5
User Remote Low Single system Partial Partial Partial
Multiple unspecified "input validation" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user vexvm via vectors related to (1) SFTP Remote Store configuration; (2) remote FTP storage settings; (3) name server lookup; (4) pinging another host; (5) TCP/IP Networking parameter configuration; (6) the external hosts configuration main page; (7) adding and changing external hosts; (8) Windows domain parameter configuration; (9) date, time, and NTP server configuration; (10) alarm settings; (11) the command line history form; (12) the maintenance form; and (13) the server events form.
12680 CVE-2008-3035 89 Exec Code Sql 2008-07-07 2017-09-28
6.5
User Remote Low Single system Partial Partial Partial
SQL injection vulnerability in newThread.php in XchangeBoard 1.70 Final and earlier allows remote authenticated users to execute arbitrary SQL commands via the boardID parameter.
12681 CVE-2008-3024 119 Overflow +Priv 2008-07-07 2018-10-11
6.9
Admin Local Medium Not required Complete Complete Complete
Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) 6.3.2 and earlier allows local users to gain privileges via a long .pal filename in palette/.
12682 CVE-2008-3003 20 +Info 2008-08-12 2018-10-12
6.6
None Local Low Not required Complete Complete None
Microsoft Office Excel 2007 Gold and SP1 does not properly delete the PWD (password) string from connections.xml when a .xlsx file is configured not to save the remote data session password, which allows local users to obtain sensitive information and obtain access to a remote data source, aka the "Excel Credential Caching Vulnerability."
12683 CVE-2008-3000 264 Bypass 2008-07-03 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
The Aggregation module 5.x before 5.x-4.4 for Drupal, when node access modules are used, does not properly implement access control, which allows remote attackers to bypass intended restrictions.
12684 CVE-2008-2996 89 Exec Code Sql 2008-07-03 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in index.php in Gravity Board X (GBX) 2.0 Beta, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) searchquery parameter in a getsearch action, and the (2) board_id parameter in a viewboard action.
12685 CVE-2008-2985 22 Dir. Trav. 2008-07-02 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in load_language.php in CMReams CMS 1.3.1.1 Beta 2, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page_language parameter.
12686 CVE-2008-2982 22 Dir. Trav. 2008-07-02 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple directory traversal vulnerabilities in HomePH Design 2.10 RC2, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) thumb_template parameter to (a) admin/templates/template_thumbnail.php, and the (2) language parameter to (b) account/account.php, (c) downloads/downloads.php, (d) forum/forum.php, (e) fotogalerie/delete.php, and (f) fotogalerie/fotogalerie.php in admin/features/.
12687 CVE-2008-2981 94 Exec Code File Inclusion 2008-07-02 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in admin/templates/template_thumbnail.php in HomePH Design 2.10 RC2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the thumb_template parameter.
12688 CVE-2008-2978 22 Dir. Trav. 2008-07-02 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in phpi/rss.php in Ourvideo CMS 9.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the prefix parameter.
12689 CVE-2008-2976 22 Dir. Trav. 2008-07-02 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple directory traversal vulnerabilities in TinX/cms 1.1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) language parameter to (a) include_me.php, (b) admin/ajax.php, and (c) admin/objects/catalog.ajaxhandler.php; and the (2) prefix parameter to (d) admin/inc/config.php.
12690 CVE-2008-2974 22 Dir. Trav. 2008-07-02 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in chatconfig.php in MM Chat 1.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter.
12691 CVE-2008-2963 89 Exec Code Sql 2008-07-02 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in MyBlog allow remote attackers to execute arbitrary SQL commands via the (1) view parameter to (a) index.php, and the (2) id parameter to (b) member.php and (c) post.php.
12692 CVE-2008-2957 20 DoS 2008-07-01 2017-09-28
6.4
None Remote Low Not required None Partial Partial
The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service (memory or disk consumption) via a UDP packet that specifies an arbitrary URL.
12693 CVE-2008-2949 2008-06-30 2008-10-15
6.8
User Remote Medium Not required Partial Partial Partial
Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to change the location property of a frame via the String data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with caballero-listener. NOTE: according to Microsoft, this is a duplicate of CVE-2008-2947, possibly a different attack vector.
12694 CVE-2008-2948 2008-06-30 2008-10-15
6.8
User Remote Medium Not required Partial Partial Partial
Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 allows remote attackers to change the location property of a frame via the Object data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with caballero-listener. NOTE: according to Microsoft, this is a duplicate of CVE-2008-2947, possibly a different attack vector.
12695 CVE-2008-2947 284 2008-06-30 2018-10-12
6.8
User Remote Medium Not required Partial Partial Partial
Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 7 allows remote attackers to access restricted information from other domains via JavaScript that uses the Object data type for the value of a (1) location or (2) location.href property, related to incorrect determination of the origin of web script, aka "Window Location Property Cross-Domain Vulnerability." NOTE: according to Microsoft, CVE-2008-2948 and CVE-2008-2949 are duplicates of this issue, probably different attack vectors.
12696 CVE-2008-2943 399 DoS Exec Code 2008-06-30 2017-08-07
6.0
User Remote Medium Single system Partial Partial Partial
Double free vulnerability in IBM Tivoli Directory Server (TDS) 6.1.0.0 through 6.1.0.15 allows remote authenticated administrators to cause a denial of service (ABEND) and possibly execute arbitrary code by using ldapadd to attempt to create a duplicate ibm-globalAdminGroup LDAP database entry. NOTE: the vendor states "There is no real risk of a vulnerability," although there are likely scenarios in which a user is allowed to make administrative LDAP requests but does not have the privileges to stop the server.
12697 CVE-2008-2942 22 Dir. Trav. 2008-06-30 2018-10-11
6.8
User Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file.
12698 CVE-2008-2936 264 +Priv 2008-08-18 2018-10-11
6.2
Admin Local High Not required Complete Complete Complete
Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creating a hard link to this symlink and then sending a message. NOTE: this can be leveraged to gain privileges if there is a symlink to an init script.
12699 CVE-2008-2934 94 DoS Exec Code 2008-07-18 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file that triggers a free of an uninitialized pointer.
12700 CVE-2008-2931 264 DoS +Priv 2008-07-09 2018-10-30
6.9
Admin Local Medium Not required Complete Complete Complete
The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.