
Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy


Network Security News – Tuesday, January 17, 2006 Events

PHP Toolkit for PayPal ipn_success.txt Log Local Information Disclosure

PHP Toolkit for PayPal contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the installation documentation is followed, which sets access rights to the log file directory '../ipn/logs/' to world-readable. This discloses the content of the 'logs/ipn_success.txt' log file, which contains payment transaction data, resulting in a loss of confidentiality. Read more at osvdb.org/22379

Ultimate Auction item.pl item Variable XSS

Ultimate Auction contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'item' variable upon submission to the item.pl script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/22443

Ultimate Auction itemlist.pl category Variable XSS

Ultimate Auction contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'category' variable upon submission to the itemlist.pl script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/22444

AspTopSites includeloginuser.asp password Field SQL Injection

AspTopSites contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the includeloginuser.asp script not properly sanitizing user-supplied input to the 'password' field. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/22330

Cisco CS-MARS Passwordless Persistent Root Account

By default, CS-MARS installs with a default root password. The root account has an undocumented default password which is publicly known. This allows attackers to trivially access the program or system. Read more at osvdb.org/22346

MyPHPim Login Page pass Field SQL Injection

MyPHPim contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the login page not properly sanitizing user-supplied input to the 'pass' field. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/22325

Toshiba Bluetooth Stack Traversal Arbitrary File Upload

Toshiba's Bluetooth Stack contains a flaw that allows a remote attacker to upload arbitrary files to the target computer's file system, using 'OBEX Push' calls. The issue is due to the stack not properly sanitizing user input, specifically traversal-style sequences (../../) supplied via client software. Read more at osvdb.org/22380

MyPHPim Create New todo Description Field XSS

MyPHPim contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the description field upon submission to the creation of a new "todo" list. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/22326

MyPHPim calendar.php3 cal_id Variable SQL Injection

MyPHPim contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the calendar.php3 script not properly sanitizing user-supplied input to the 'cal_id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/22324

Apple QuickTime GIF Image Netscape Navigator Application Extension Block Overflow

A remote overflow exists in Apple QuickTime. A remote attacker can create a specially crafted GIF image that, when viewed, results in a heap overflow. With such an image, an attacker can cause the execution of arbitrary code on a user's system. Read more at osvdb.org/22338

Vuln: WehnTrust Path Specification Local Privilege Escalation Vulnerability

WehnTrust Path Specification Local Privilege Escalation Vulnerability. Read more at securityfocus.com/bid/16268

Vuln: RedKernel Referrer Tracker Rkrt_stats.PHP Cross-Site Scripting Vulnerability

RedKernel Referrer Tracker Rkrt_stats.PHP Cross-Site Scripting Vulnerability. Read more at securityfocus.com/bid/16266

Vuln: Widexl Download Tracker Down.PL Cross-Site Scripting Vulnerability

Widexl Download Tracker Down.PL Cross-Site Scripting Vulnerability. Read more at securityfocus.com/bid/16265

Vuln: Netbula Anyboard Anyboard.CGI Cross-Site Scripting Vulnerability

Netbula Anyboard Anyboard.CGI Cross-Site Scripting Vulnerability. Read more at securityfocus.com/bid/16264

Re: [Full-disclosure] WehnTrust – When you have to trust Wehntrust

Re: [Full-disclosure] WehnTrust – When you have to trust Wehntrust. Read more at securityfocus.com/archive/1/422046

WehnTrust – When you have to trust Wehntrust

WehnTrust – When you have to trust Wehntrust. Read more at securityfocus.com/archive/1/422020

[SECURITY] [DSA 943-1] New Perl packages fix arbitrary code execution

[SECURITY] [DSA 943-1] New Perl packages fix arbitrary code execution. Read more at securityfocus.com/archive/1/421995

Microsoft knew about the WMF flaw for years

Microsoft knew about the WMF flaw for years. Read more at securityfocus.com/archive/1/422067
