PluggedOut Blog exec.php entryid Variable SQL Injection

Network Security News – Wednesday, February 08, 2006 Events

PluggedOut Blog exec.php entryid Variable SQL Injection

PluggedOut Blog contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the exec.php script not properly sanitizing user-supplied input to the 'entryid' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22926

PluggedOut Blog problem.php data Variable XSS

PluggedOut Blog contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'data' variable upon submission to the problem.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22927

Gallery Crafted File Path Manipulation Arbitrary Code Execution

Gallery contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a user with write access to a server creates a crafted link and tricks an administrator to follow the link. This flaw may lead to a loss of integrity.. Read more at osvdb.org/22944

Gallery zipdownload Malformed Zip Agressive File Deletion DoS

Gallery contains a flaw that may allow a remote denial of service. The issue is triggered when a the server attempts to create a zip archive and fails, and will result in deleting the parent folder of the directory where the zip archive was supposed to be.. Read more at osvdb.org/22943

CommuniGate Pro Server LDAP DN Overflow

A remote overflow exists in CommuniGate Pro Core Server. The product fails to handle numerous DNs correctly resulting in an integer overflow. With a specially crafted request, an attacker can execute arbitrary code resulting in a loss of integrity.. Read more at osvdb.org/22932

Microsoft HTML Help Workshop .hhp Parsing Overflow

A local overflow exists in HTML Help Workshop. HTML Help Workshop fails to check an unspecified buffer when reading .hhp files resulting in a buffer overflow. With a specially crafted file, an attacker can cause code execution by the individual opening the .hhp file resulting in a loss of integrity.. Read more at osvdb.org/22941