Network Security News – Thursday, February 09, 2006 Events
Tradesoft CMS Unspecified SQL Injection
Tradesoft CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to an unspecified script not properly sanitizing user-supplied input to unspecified variable(s). This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/22863
Symantec Sygate Management Server Authentication Applet SQL Injection
Sygate Management Server contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the authentication applet not properly sanitizing user-supplied input to unspecified variable(s). This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/22883
PHP GEN Multiple Unspecified XSS
PHP GEN contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate unspecified variable(s) upon submission to unspecified script(s). This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/22884
MX Shop Pages Module Multiple Variable SQL Injection
MX Shop contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script in the pages module not properly sanitizing user-supplied input to the 'idp', 'id_ctg' and 'id_prd' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/19611
Joomla! User Activation SQL Injection
Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the user activation script not properly sanitizing user-supplied input to unspecified variable(s). This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/20023