Audit My PC - Free Internet Security Audit

Network Security News – Sunday, November 13, 2005 Events

PHPKIT include.php Session ID SQL Injection

PHPKIT contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the include.php script not properly sanitizing user-supplied input to the Session ID field. This may allow an attacker to inject or manipulate SQL queries, or delete arbitrary data rows from the backend database. Read more at osvdb.org/20561

PHPKIT userinfo.php id Variable SQL Injection

PHPKIT contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the userinfo.php script not properly sanitizing user-supplied input to the "id" variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/20560

PHPKIT Multiple Subsystem path Parameter Local File Inclusion

PHPKIT contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to its subsystem not properly sanitizing user input supplied to the "path" variable. This may allow a remote attacker to send a specially crafted URL to include a file from the local host that contains arbitrary commands, which will be executed by the vulnerable script. Read more at osvdb.org/20562

IBM Tivoli Directory Server Unspecified Data Modification

Tivoli Directory Server contains a flaw which allows an attacker to bypass security restrictions. No further details have been provided. Read more at osvdb.org/20672

PHPKIT Help Function Arbitrary PHP Code Execution

PHPKIT contains a flaw that allows remote code execution. This flaw exists because the application does not validate variables upon submission to the scripts utilizing its template engine. This could allow a user to execute remote code, leading to a loss of integrity. Read more at osvdb.org/20563

Solaris in.named Forced Query Remote DoS

Solaris contains a flaw that may allow a remote denial of service. The issue is triggered when exhaustive amounts of queries are processed through in.named, and will result in loss of availability for the service. Read more at osvdb.org/20752

Asterisk vmail.cgi folder Variable Traversal Arbitrary .wav File Access

Asterisk contains a flaw that allows an authenticated user to access other users' voice mail wav files. The issue is due to the vmail.cgi script not properly sanitizing user input, specifically traversal-style attacks (../../) supplied via the "folder" variable. Read more at osvdb.org/20577

Moodle datalib.php get_record() Function Multiple Script SQL Injection

Moodle contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is in the "get_record()" function, which does not properly sanitize user input. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/20748

Moodle plot.php user Variable SQL Injection

Moodle contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the plot.php script not properly sanitizing user-supplied input to the "user" variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/20749

TuxBank index.php Multiple Variable XSS

TuxBank contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the "name" and "description" variables upon submission to the index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/20696

Vuln: GpsDrive Friendsd Remote Format String Vulnerability

GpsDrive Friendsd Remote Format String Vulnerability. Read more at securityfocus.com/bid/15319

Vuln: Lynx URI Handlers Arbitrary Command Execution Vulnerability

Lynx URI Handlers Arbitrary Command Execution Vulnerability. Read more at securityfocus.com/bid/15395

Vuln: MidiCart ASP Search_List.ASP Searchstring Parameter SQL Injection Vulnerability

MidiCart ASP Search_List.ASP Searchstring Parameter SQL Injection Vulnerability. Read more at securityfocus.com/bid/14545

Vuln: Snort Back Orifice Preprocessor Remote Stack Buffer Overflow Vulnerability

Snort Back Orifice Preprocessor Remote Stack Buffer Overflow Vulnerability. Read more at securityfocus.com/bid/15131

High Risk Flaw in RealPlayer

High Risk Flaw in RealPlayer. Read more at securityfocus.com/archive/1/416475

[EEYEB-20050701] – RealPlayer Zipped Skin File Buffer Overflow II

[EEYEB-20050701] – RealPlayer Zipped Skin File Buffer Overflow II. Read more at securityfocus.com/archive/1/416313

[EEYEB-20050510] – RealPlayer Data Packet Stack Overflow

[EEYEB-20050510] – RealPlayer Data Packet Stack Overflow. Read more at securityfocus.com/archive/1/416312

Moodle <=1.6dev blind SQL Injection

Moodle <=1.6dev blind SQL Injection. Read more at securityfocus.com/archive/1/416306
