Network Security News – Friday, June 16, 2006 Events
Content*Builder user_managment/usrPortrait.inc.php lang_path Variable Remote File Inclusion
Content*Builder contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the /cms/plugins/user_managment/usrPortrait.inc.php script not properly sanitizing user input supplied to the 'lang_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/26346
Content*Builder user_managment/user.inc.php lang_path Variable Remote File Inclusion
Content*Builder contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the /cms/plugins/user_managment/user.inc.php script not properly sanitizing user input supplied to the 'lang_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/26347
Content*Builder sitemap/sitemap.inc.php path[cb] Variable Remote File Inclusion
Content*Builder contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the /modules/sitemap/sitemap.inc.php script not properly sanitizing user input supplied to the 'path[cb]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/26354
Content*Builder shoutbox/shoutBox.php path[cb] Variable Remote File Inclusion
Content*Builder contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the /modules/shoutbox/shoutBox.php script not properly sanitizing user input supplied to the 'path[cb]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/26353
Content*Builder poll/poll.inc.php lang_path Variable Remote File Inclusion
Content*Builder contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the /cms/plugins/poll/poll.inc.php script not properly sanitizing user input supplied to the 'lang_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/26345
Content*Builder newsletter2/newsletter.inc.php lang_path Variable Remote File Inclusion
Content*Builder contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the /cms/plugins/newsletter2/newsletter.inc.php script not properly sanitizing user input supplied to the 'lang_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/26351
Content*Builder headline/showHeadline.inc.php rel Variable Remote File Inclusion
Content*Builder contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the /modules/headline/showHeadline.inc.php script not properly sanitizing user input supplied to the 'rel' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/26363
Content*Builder media_manager/media.inc.php lang_path Variable Remote File Inclusion
Content*Builder contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the /cms/plugins/media_manager/media.inc.php script not properly sanitizing user input supplied to the 'lang_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/26349
Content*Builder headline/headlineBox.php rel Variable Remote File Inclusion
Content*Builder contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the /modules/headline/headlineBox.php script not properly sanitizing user input supplied to the 'rel' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/26362
Content*Builder guestbook/guestbook.inc.php path[cb] Variable Remote File Inclusion
Content*Builder contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the /modules/guestbook/guestbook.inc.php script not properly sanitizing user input supplied to the 'path[cb]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/26352
Vuln: KDE KDM Session Type Symbolic Link Vulnerability
KDE KDM Session Type Symbolic Link Vulnerability. Read more at securityfocus.com/bid/18431
Vuln: DeluxeBB Multiple Remote File Include Vulnerabilities
DeluxeBB Multiple Remote File Include Vulnerabilities. Read more at securityfocus.com/bid/18455
Leave a Reply