Network Security News – Tuesday, April 18, 2006 Events
Web+Shop store.wml storeid Variable Path Disclosure
Web+Shop contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker submits a request to the store.wml script with an invalid value in the 'storeid' variable, which will disclose the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.. Read more at osvdb.org/24621
RateIt rateit.php rateit_id Variable SQL Injection
RateIt contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the rateit.php script not properly sanitizing user-supplied input to the 'rateit_id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/24622
Amaya textarea rows Attribute Value Overflow
A remote overflow exists in Amaya. The product fails to filter hostile input associated with the 'textarea rows' html attribute resulting in a stack overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/24623
Amaya legend color Attribute Value Overflow
A remote overflow exists in Amaya. The product fails to filter hostile input associated with the 'color legend' html attribute resulting in a stack overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/24624
Leave a Reply