Network Security News – Wednesday, January 11, 2006 Events
phpBB topic type SQL Injection
phpBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to user-supplied input to the 'topic type' not being properly sanitized. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/22270
PHlyMail Multiple Unspecified SQL Injection
PHlyMail contains a flaw that may allow an attacker to carry out an SQL injection attack. This may allow an attacker to inject or manipulate SQL queries in the backend database. No further details have been provided. Read more at osvdb.org/20976
BTGrup Admin WebController Script Login Multiple Field SQL Injection
BTGrup contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the WebController Login script not properly sanitizing user-supplied input to the 'Username' and 'Password' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/21815
Exponent CMS Navigation Module parent Variable SQL Injection
Exponent CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the Navigation Module not properly sanitizing user-supplied input to the 'parent' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/21023
SimplePoll results.php pollid Variable SQL Injection
SimplePoll contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'results.php' script not properly sanitizing user-supplied input to the 'pollid' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/21035
Alisveristr E-Commerce Login Multiple Field SQL Injection
Alisveristr E-Commerce contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the login script not properly sanitizing user-supplied input to the 'username' and 'password' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/21622
Softbiz Web Host Directory Failed SQL Query Path Disclosure
Softbiz Web Host Directory contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered due to a directory SQL error message, which will disclose the software's installation path, resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. Read more at osvdb.org/21084
NKads Admin Login Multiple Field SQL Injection
NKads contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the Admin Login not properly sanitizing user-supplied input to the 'usuario_nkads_admin' and 'password_nkads_admin' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/22206
AlstraSoft EPay Pro index.php pmodule Variable SQL Injection
AlstraSoft EPay Pro contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'pmodule' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/21291
APBoard thread.php start Variable SQL Injection
APBoard contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'thread.php' script not properly sanitizing user-supplied input to the 'start' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/21289
Vuln: Cray UNICOS Multiple Local Command Line Argument Buffer Overflow Vulnerabilities
Cray UNICOS Multiple Local Command Line Argument Buffer Overflow Vulnerabilities. Read more at securityfocus.com/bid/16205
Vuln: Blackberry Enterprise Server Attachment Service PNG Attachment Denial Of Service Vulnerability
Blackberry Enterprise Server Attachment Service PNG Attachment Denial Of Service Vulnerability. Read more at securityfocus.com/bid/16204
Vuln: XMame Multiple Local Command Line Argument Buffer Overflow Vulnerabilities
XMame Multiple Local Command Line Argument Buffer Overflow Vulnerabilities. Read more at securityfocus.com/bid/16203
Vuln: Dave Carrigan Auth_LDAP Remote Format String Vulnerability
Dave Carrigan Auth_LDAP Remote Format String Vulnerability. Read more at securityfocus.com/bid/16177
[security bulletin] SSRT051058 rev.1 – HP-UX Secure Shell Remote Denial of Service (DoS)
[security bulletin] SSRT051058 rev.1 – HP-UX Secure Shell Remote Denial of Service (DoS). Read more at securityfocus.com/archive/1/421411
Malware – future trends
Malware – future trends. Read more at securityfocus.com/archive/1/421410
Multiple Vulnerabilities in Hummingbird Collaboration
Multiple Vulnerabilities in Hummingbird Collaboration. Read more at securityfocus.com/archive/1/421392
iDefense Security Advisory 01.10.06: Sun Solaris uustat Buffer Overflow Vulnerability
iDefense Security Advisory 01.10.06: Sun Solaris uustat Buffer Overflow Vulnerability. Read more at securityfocus.com/archive/1/421393