Magnolia Search Feature search.html query Variable XSS

Network Security News – Tuesday, December 20, 2005 Events

Magnolia Search Feature search.html query Variable XSS

Search Feature contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'query' variables upon submission to the search.html script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/21795

ezDatabase index.php cat_id Variable Path Disclosure

ezDatabase contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker accesses index.php directly with a malformed 'cat_id' parameter, which will disclose the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.. Read more at osvdb.org/21798

ezDatabase index.php db_id Variable SQL Injection

ezDatabase contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'db_id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/21797

ezDatabase index.php p Variable Local File Inclusion

ezDatabase contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to index.php not properly sanitizing user input supplied to the 'p' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/21796

AlmondSoft Products index.php id Variable SQL Injection

Almond Personals, Almond Classifieds E-Commerce Edition, Almond Classifieds Pro Edition and Almond Classifieds Standard Edition contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/21783

Komodo CMS page.php page Variable SQL Injection

Komodo CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the page.php script not properly sanitizing user-supplied input to the 'page' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/21792

ScareCrow profile.cgi user Variable XSS

ScareCrow contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the "user" variable upon submission to the profile.cgi script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/21778

WowBB search.php q Variable SQL Injection

WowBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'search.php' script not properly sanitizing user-supplied input to the 'q' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/21441

WowBB view_user.php sort_by Variable SQL Injection

WowBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'view_user.php' script not properly sanitizing user-supplied input to the 'sort_by' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/21442

Post Affiliate Pro index.php sortorder Variable SQL Injection

Post Affiliate Pro contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'sortorder' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/21172