Network Security News – Friday, December 30, 2005 Events
LiveJournal cleanhtml.pl XML xsl namespace XSS
LiveJournal contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate XML xsl namespace variables upon submission to the '/cgi-bin/cleanhtml.pl' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22008
LiveJournal cleanhtml.pl CSS Style Attribute XSS
LiveJournal contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate CSS style attributes in the '/cgi-bin/cleanhtml.pl' script before being saved. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/21896
phpBB Chatspot Module Unspecified SQL Injection
phpBB Chatspot Module contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to an unspecified script not properly sanitizing user-supplied input to an unspecified variable(s). This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22015
DEV web management system add.php Multiple Variable XSS
DEV web management system contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'language[ENTER_ARTICLE_TITLE]', 'language[SPECIFY_ZONE]', 'language[ENTER_ARTICLE_HEADER]' and 'language[ENTER_ARTICLE_BODY]' variables upon submission to the add.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22043
DEV web management system download_now.php target Variable SQL Injection
DEV web management system contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the download_now.php script not properly sanitizing user-supplied input to the 'target' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22042
DEV web management system getfile.php cat Variable SQL Injection
DEV web management system contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the getfile.php script not properly sanitizing user-supplied input to the 'cat' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22041
DMANews index.php Multiple Variable SQL Injection
DMANews contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'id', 'sortorder' and 'display_num' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/21165
DEV web management system openforum.php cat Variable SQL Injection
DEV web management system contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the openforum.php script not properly sanitizing user-supplied input to the 'cat' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22040
Cerberus Helpdesk Support Center attachment_send.php file_id Variable SQL Injection
Cereberus Helpdesk Support Center contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the attachment_send.php script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/21988
myEZshop Shopping Cart admin.php Multiple Variable SQL Injection
myEZshop Shopping Cart contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the admin.php script not properly sanitizing user-supplied input to the 'GroupsId' and 'ItemsId' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/21997
Vuln: TinyMCE Compressor Multiple Vulnerabilities
TinyMCE Compressor Multiple Vulnerabilities. Read more at securityfocus.com/bid/16083
Vuln: Multiple Vendor TCP Sequence Number Approximation Vulnerability
Multiple Vendor TCP Sequence Number Approximation Vulnerability. Read more at securityfocus.com/bid/10183
Leave a Reply