oss-sec mailing list archives
Re: webapp vulns with no cve
From: "Steven M. Christey" <coley () linus mitre org>
Date: Mon, 24 Mar 2008 18:52:08 -0400 (EDT)
Sorry about the big delay, Hanno. - Steve ====================================================== Name: CVE-2007-6711 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6711 Reference: CONFIRM:http://www.freewebshop.org/?Downloads:Fixes Reference: CONFIRM:http://www.freewebshop.org/?News Unspecified vulnerability in customer.php in FreeWebshop.org 2.2.5, 2.2.6 and 2.2.7WIP1/2 allows remote attackers to gain administrator privileges via unknown vectors. ====================================================== Name: CVE-2008-1484 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1484 Reference: MISC:http://sektioneins.de/advisories/SE-2008-01.txt Reference: MILW0RM:5165 Reference: URL:http://www.milw0rm.com/exploits/5165 Reference: CONFIRM:http://punbb.org/download/changelogs/1.2.16_to_1.2.17.txt Reference: CONFIRM:http://punbb.org/forums/viewtopic.php?id=18460 Reference: BID:27908 Reference: URL:http://www.securityfocus.com/bid/27908 Reference: SECUNIA:29043 Reference: URL:http://secunia.com/advisories/29043 The password reset feature in PunBB 1.2.16 and earlier uses predictable random numbers based on the system time, which allows remote authenticated users to determine the new password via a brute force attack on a seed that is based on the approximate creation time of the targeted account. NOTE: this issue might be related to CVE-2006-5737. ====================================================== Name: CVE-2008-1485 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1485 Reference: CONFIRM:http://punbb.org/download/changelogs/1.2.16_to_1.2.17.txt Reference: SECUNIA:29043 Reference: URL:http://secunia.com/advisories/29043 Cross-site scripting (XSS) vulnerability in PunBB 1.2.16 and earlier allows remote attackers to inject arbitrary web script or HTML via the get_host parameter to moderate.php. ====================================================== Name: CVE-2008-1486 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1486 Reference: CONFIRM:http://www.phorum.org/phorum5/read.php?64,126815,126815 SQL injection vulnerability in Phorum before 5.2.6 , when mysql_use_ft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search. ====================================================== Name: CVE-2008-1487 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1487 Reference: CONFIRM:http://linpha.cvs.sourceforge.net/linpha/linpha/ChangeLog?view=markup Reference: CONFIRM:http://linpha.sourceforge.net/wiki/index.php/Release_Notes#Version_1.3.3 Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via (1) ftp/index.php, (2) viewer.php, (3) functions/other.php, (4) include/left_menu.class.php, and (5) plugins/stats/stats_view.php.
Current thread:
- webapp vulns with no cve Hanno Böck (Mar 20)
- Re: webapp vulns with no cve Steven M. Christey (Mar 24)