Easy Forum join.php Image URL Field XSS

Network Security News – Sunday, February 26, 2006 Events

Easy Forum join.php Image URL Field XSS

Easy Forum contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the Image URL field upon submission to the 'join.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/23430

CuteNews show_news.php show Variable XSS

CuteNews contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'show' variable upon submission to the 'show_news.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/23400

RunCMS ratefile.php lid Variable XSS

RunCMS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'lid' variable upon submission to the 'ratefile.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/23388

Lotus Domino Multiple Function Potential DoS

Lotus Domino contains several flaws which may allow an unprivileged attacker to create a denial of service condition. Due to a lack of published details, it is not clear if each method can be abused by an unprivileged user or not. If additional details are published, seperate entries may be created for some issues.. Read more at osvdb.org/23485

SpeedProject Products ZIP/JAR Archive Traversal Arbitrary File Overwrite

SpeedProject SpeedCommander, ZipStar, and Squeez contain a flaw that allows a remote attacker to overwrite files outside of the target path. The issue is due to the programs not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via a manipulated ZIP or JAR archive.. Read more at osvdb.org/23465

WinACE RAR/TAR Archive Traversal Arbitrary File Overwrite

WinACE contains a flaw that allows a remote attacker to overwrite files outside of the extraction target path. The issue is due to the programs not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via a manipulated RAR or TAR archive.. Read more at osvdb.org/23464

StuffIt / ZipMagic Archive Traversal Arbitrary File Overwrite

StuffIt Standard, StuddIt Deluxe, ZipMagic Deluxe, and StuffIt Expandercontain a flaw that allows a remote attacker to overwrite files outside of the target path. The issue is due to the programs not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via a manipulated ZIP or TAR archive. Read more at osvdb.org/23463

Simple Machines Forum Register.php X-Forwarded-For XSS

Simple Machines Forum contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'X-Forwarded-For' HTTP header variables upon submission to the 'Register.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/23480

NOCC functions.php Accept-Language HTTP Field Local PHP File Inclusion

NOCC contains a flaw that may allow a malicious user to execute arbitrary code on the target server. The issue is triggered because the application fails to properly sanitize input supplied to the 'functions.php' script via the 'Accept-Language' HTTP header filed. It is possible that the flaw may allow an attacker to include an arbitrary .php file from the server, which will be executed under the privilege of the web server.. Read more at osvdb.org/23418

ShoutLIVE savesettings.php Multiple Field Arbitrary PHP Code Execution

ShoutLIVE contains a flaw that may allow a malicious user to execute arbitrary code on the server. The issue is triggered because the application does not verify all input supplied to the 'settings.php' script. It is possible that the flaw may allow an attacker to inject PHP code in these fields which is then executed on the server, resulting in a loss of integrity.. Read more at osvdb.org/23482

Vuln: ArGoSoft FTP Server DELE Command Remote Buffer Overrun Vulnerability

ArGoSoft FTP Server DELE Command Remote Buffer Overrun Vulnerability. Read more at securityfocus.com/bid/12755