PHP Upload Center Multiple Extension Arbitrary File Upload

Network Security News – Monday, March 06, 2006 Events

PHP Upload Center Multiple Extension Arbitrary File Upload

PHP Upload Center contains a flaw that may allow a malicious user to upload PHP files within the upload directory which is inside the web root. The issue is triggered when the file is requested from a web request, causing the PHP to be executed. It is possible that the flaw may allow arbitrary code execution as the web server resulting in a loss of integrity.. Read more at osvdb.org/23626

LetterMerger Database Local Information Disclosure

LetterMerger contains a flaw that may lead to an unauthorized information disclosure. The issue is due to user supplied information being stored with insecure permissions in Microsoft Access database files.. Read more at osvdb.org/23599

Aztek Forum User Registration Overflow Information Disclosure

Aztek Forum contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a large username is used when registering a new user, which will disclose the installation path resulting in a loss of confidentiality.. Read more at osvdb.org/23612

NZ Ecommerce index.php Multiple Variable SQL Injection

NZ Ecommerce contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'informationID' and 'ParentCategory' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/23601

NZ Ecommerce index.php action Variable XSS

NZ Ecommerce contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'action' variable upon submission to the index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/23600

RaidenHTTPD Crafted Request Script Source Disclosure

RaidenHTTPD contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a specially crafted request containing dot, space, and slash characters in the filename extention is supplied, which will disclose the source code of script files (e.g. PHP) from the server resulting in a loss of confidentiality.. Read more at osvdb.org/23616