VUPEN Security Advisories

VUPEN Security Advisories http://www.vupen.com/english VUPEN - Vulnerabilities and Security Advisories 24/7 en Copyright (c) VUPEN.COM VUPEN - Bugzilla Unauthorized Bug Status Modification Security Weakness http://www.vupen.com/english/advisories/2009/1840 A security weakness has been identified in Bugzilla, which could be exploited by attackers to bypass security restrictions and manipulate certain data... 2009-07-09 VUPEN - Acajoom GPL for Joomla Backdoor Remote Command Execution Issue http://www.vupen.com/english/advisories/2009/1839 A security issue has been identified in Acajoom GPL for Joomla, which could be exploited by attackers to compromise a vulnerable web server... 2009-07-09 VUPEN - Alibaba Clone "SellerID" and "IndustryID" SQL Injection Vulnerabilities http://www.vupen.com/english/advisories/2009/1838 Multiple vulnerabilities have been identified in Alibaba Clone, which could be exploited by remote attackers to inject arbitrary SQL queries... 2009-07-09 VUPEN - Linea 21 "search" Parameter Handling Cross Site Scripting Vulnerability http://www.vupen.com/english/advisories/2009/1837 A vulnerability has been identified in Linea 21, which could be exploited by attackers to execute arbitrary scripting code... 2009-07-09 VUPEN - ClanSphere "text" Parameter Handling Cross Site Scripting Vulnerability http://www.vupen.com/english/advisories/2009/1836 A vulnerability has been identified in ClanSphere, which could be exploited by attackers to execute arbitrary scripting code... 2009-07-09 VUPEN - Rentventory "username" Parameter Cross Site Scripting Vulnerability http://www.vupen.com/english/advisories/2009/1835 A vulnerability has been identified in Rentventory, which could be exploited by attackers to execute arbitrary scripting code... 2009-07-09 VUPEN - Awingsoft Awakening Winds3D Viewer Code Execution Vulnerability http://www.vupen.com/english/advisories/2009/1834 A vulnerability has been identified in Awingsoft Awakening Winds3D, which could be exploited by remote attackers to compromise a vulnerable system... 2009-07-09 VUPEN - WordPress Multiple Security Bypass and Information Disclosure Issues http://www.vupen.com/english/advisories/2009/1833 Multiple vulnerabilities have been identified in WordPress, which could be exploited by attackers or malicious users to bypass security restrictions, gain knowledge of sensitive information or manipulate certain data... 2009-07-09 VUPEN - DB Top Sites "u" Parameter Handling Cross Site Scripting Vulnerability http://www.vupen.com/english/advisories/2009/1832 A vulnerability has been identified in DB Top Sites, which could be exploited by attackers to execute arbitrary scripting code... 2009-07-09 VUPEN - JNM Guestbook "page" Parameter Cross Site Scripting Vulnerability http://www.vupen.com/english/advisories/2009/1831 A vulnerability has been identified in JNM Guestbook, which could be exploited by attackers to execute arbitrary scripting code... 2009-07-09 VUPEN - Online Guestbook Pro "entry" Parameter Cross Site Scripting Vulnerability http://www.vupen.com/english/advisories/2009/1830 A vulnerability has been identified in Online Guestbook Pro, which could be exploited by attackers to execute arbitrary scripting code... 2009-07-09 VUPEN - Astaro Security Gateway IPsec Remote Denial of Service Vulnerability http://www.vupen.com/english/advisories/2009/1829 A vulnerability has been identified in Astaro Security Gateway, which could be exploited by remote attackers to cause a denial of service... 2009-07-09 VUPEN - eBay Enhanced Picture Uploader ActiveX Code Execution Vulnerability http://www.vupen.com/english/advisories/2009/1828 A vulnerability has been identified in eBay Enhanced Picture Uploader ActiveX control, which could be exploited by remote attackers to compromise an affected system... 2009-07-08 VUPEN - Apple Safari WebKit Memory Corruption and Cross Site Scripting Issues http://www.vupen.com/english/advisories/2009/1827 Two vulnerabilities have been identified in Apple Safari, which could be exploited by attackers to gain knowledge of sensitive information or compromise a vulnerable system... 2009-07-08 VUPEN - Adobe ColdFusion FCKeditor File Upload and Security Bypass Issues http://www.vupen.com/english/advisories/2009/1826 Multiple vulnerabilities have been identified in Adobe ColdFusion, which could be exploited by attackers to gain knowledge of sensitive information or compromise a vulnerable web server... 2009-07-08 VUPEN - Zope.html FCKeditor File Upload and Information Disclosure Issues http://www.vupen.com/english/advisories/2009/1825 Multiple vulnerabilities have been identified in Zope... 2009-07-08 VUPEN - IBM WebSphere Application Server JAX-RPC WS-Security Vulnerability http://www.vupen.com/english/advisories/2009/1824 A vulnerability has been identified in IBM WebSphere Application Server, which could be exploited by attackers to bypass security restrictions... 2009-07-08 VUPEN - Tausch Ticket Script Multiple Parameter SQL Injection Vulnerabilities http://www.vupen.com/english/advisories/2009/1823 Multiple vulnerabilities have been identified in Tausch Ticket Script, which could be exploited by remote attackers to inject arbitrary SQL queries... 2009-07-08 VUPEN - Siteframe Remote SQL Injection and Information Disclosure Vulnerabilities http://www.vupen.com/english/advisories/2009/1822 Two vulnerabilities have been identified in Siteframe, which could be exploited by attackers to manipulate or disclose certain data... 2009-07-08 VUPEN - Rapidsendit Clone Cookie Handling Authentication Bypass Vulnerability http://www.vupen.com/english/advisories/2009/1821 A vulnerability has been identified in Rapidsendit Clone, which could be exploited by remote attackers to bypass security restrictions... 2009-07-08