Network Security News – Wednesday, April 27, 2005 Events
DUportal type.asp iCat Variable SQL Injection
DUportal contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'iCat' variable in the 'type.asp' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15855
DUportal inc_rating.asp Multiple Variable SQL Injection
DUportal contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'iData' and 'iRate' variables in the 'inc_rating.asp' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15854
DUportal inc_poll_voting.asp DAT_PARENT Variable SQL Injection
DUportal contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'DAT_PARENT' variable in the 'inc_poll_voting.asp' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15853
DUportal channel.asp iChannel Variable SQL Injection
DUportal contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'iChannel' variable in the 'channel.asp' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15852
DUportal Pro search.asp iChannel Variable SQL Injection
DUportal Pro contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'iChannel' variable in the 'search.asp' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15833
DUportal Pro result.asp Multiple Variable SQL Injection
DUportal Pro contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'iChannel' and 'iData' variables in the 'result.asp' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15835
DUportal Pro inc_vote.asp Multiple Variable SQL Injection
DUportal Pro contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'CHA_ID', 'POL_ID', 'POL_CTEGORY', and 'POL_PARENT' variables in the 'inc_vote.asp' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15834
DUportal Pro detail.asp Multiple Variable SQL Injection
DUportal Pro contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'nChannel', 'iChannel', 'iData', and 'iCat' variables in the 'detail.asp' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15837
DUportal Pro default.asp Multiple Variable SQL Injection
DUportal Pro contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'iChannel' and 'nChannel' variables in the 'default.asp' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15832
DUportal Pro cat.asp Multiple Variable SQL Injection
DUportal Pro contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'iCat', 'iChannel', and 'nChannel' variable in the 'cat.asp' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15836
Convert-UUlib Perl Module Buffer Overflow Vulnerability
Convert-UUlib is a Perl module that provides an interface to the uulib library.Convert-UUlib is prone to a remotely exploitable buffer overflow vulnerability. This vul…
. Read more at securityfocus.com/bid/13401?ref=rss
BEA WebLogic Server And WebLogic Express Administration Console Cross-Site Scripting Vulnerability
WebLogic Server and WebLogic Express are enterprise application server products distributed by BEA Systems.A remote cross-site scripting vulnerability affects BEA WebLo…
. Read more at securityfocus.com/bid/13400?ref=rss
BBlog PostID Parameter SQL Injection Vulnerability
bBlog is a Web based blogging application that is implemented in PHP.bBlog is prone to an SQL injection vulnerability. This issue is due to a failure in the applicatio…
. Read more at securityfocus.com/bid/13398?ref=rss
Leave a Reply