Network Security News – Tuesday, February 07, 2006 Events
Loudblog backend_settings.php GLOBALS[path] Variable Remote File Inclusion
Loudblog contains a flaw that may allow an attacker to carry out a remote file inclusion attack. The issue is due to the "loudblog/inc/backend_settings.php" script not properly sanitizing user-supplied input to the "path" variable. This may allow a remote attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/22921
Blue Coat ProxySG SGOS HTTP Proxy Arbitrary Port Connection
ProxySG SGOS contains a flaw that may allow a remote malicious user to bypass proxy restrictions. The issue is triggered when processing a "CONNECT" method sent to an arbitrary port. It is possible that the flaw may result in a loss of integrity.. Read more at osvdb.org/22853
PHP Download Manager files.php cat Variable SQL Injection
PHP Download Manager contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the files.php script not properly sanitizing user-supplied input to the 'cat' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22827
PHPCafe Tutorial Manager index.php id Variable SQL Injection
PHPCafe Tutorial Manager contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22795
SPIP Session Handling Petition Posting Multiple Unspecified SQL Injection
SPIP contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the session handling not properly sanitizing user-supplied input to unspecified variable(s) during petition posting. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22848
Digger Solutions Intranet Open Source project-edit.asp project_id Variable SQL Injection
Intranet Open Source contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the project-edit.asp script not properly sanitizing user-supplied input to the 'project_id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/19574
MyBulletinBoard (MyBB) global.php templatelist Variable SQL Injection
MyBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the global.php script not properly sanitizing user-supplied input to the 'templatelist' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22903
CA Message Queuing Port 4105 Crafted Message DoS
CA Message Queueing contains a flaw that may allow a remote denial of service. The issue is triggered when crafted messages are received on TCP port 4105, and will result in loss of availability for the service.. Read more at osvdb.org/21146
Papoo New User Registration username Field XSS
Papoo contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate "username" variable upon submission to the user_class.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22913
Leave a Reply