Network Security News – Friday, July 21, 2006 Events
Pearlinger Multiple Product password.php Multiple Variable Remote File Inclusion
Pearlinger Multiple Products contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the includes/password.php script not properly sanitizing user input supplied to the 'GlobalSettings[templatesDirectory]' and 'Document[languagePreference]' variables. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Read more at osvdb.org/27180
Pearlinger Multiple Product notify.php GlobalSettings[templatesDirectory] Variable Remote File Inclusion
Pearlinger Multiple Products contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the includes/notify.php script not properly sanitizing user input supplied to the 'GlobalSettings[templatesDirectory]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Read more at osvdb.org/27194
Pearlinger Multiple Product merge.php GlobalSettings[templatesDirectory] Variable Remote File Inclusion
Pearlinger Multiple Products contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the includes/merge.php script not properly sanitizing user input supplied to the 'GlobalSettings[templatesDirectory]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Read more at osvdb.org/27193
Pearlinger Multiple Product topics.php GlobalSettings[templatesDirectory] Variable Remote File Inclusion
Pearlinger Multiple Products contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the includes/topics.php script not properly sanitizing user input supplied to the 'GlobalSettings[templatesDirectory]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Read more at osvdb.org/27201
Pearlinger Multiple Product members.php GlobalSettings[templatesDirectory] Variable Remote File Inclusion
Pearlinger Multiple Products contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the includes/members.php script not properly sanitizing user input supplied to the 'GlobalSettings[templatesDirectory]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Read more at osvdb.org/27192
Pearlinger Multiple Product terms.php Document[languagePreference] Variable Remote File Inclusion
Pearlinger Multiple Products contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the includes/terms.php script not properly sanitizing user input supplied to the 'Document[languagePreference]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Read more at osvdb.org/27200
Pearlinger Multiple Product split.php GlobalSettings[templatesDirectory] Variable Remote File Inclusion
Pearlinger Multiple Products contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the includes/split.php script not properly sanitizing user input supplied to the 'GlobalSettings[templatesDirectory]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Read more at osvdb.org/27199
Pearlinger Multiple Product search.php GlobalSettings[templatesDirectory] Variable Remote File Inclusion
Pearlinger Multiple Products contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the includes/search.php script not properly sanitizing user input supplied to the 'GlobalSettings[templatesDirectory]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Read more at osvdb.org/27198
Pearlinger Multiple Product register.php GlobalSettings[templatesDirectory] Variable Remote File Inclusion
Pearlinger Multiple Products contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the includes/register.php script not properly sanitizing user input supplied to the 'GlobalSettings[templatesDirectory]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Read more at osvdb.org/27197
Pearlinger Multiple Product profile.php GlobalSettings[templatesDirectory] Variable Remote File Inclusion
Pearlinger Multiple Products contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the includes/profile.php script not properly sanitizing user input supplied to the 'GlobalSettings[templatesDirectory]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. Read more at osvdb.org/27196
Vuln: PHP Multiple Unspecified Vulnerabilities
PHP Multiple Unspecified Vulnerabilities. Read more at securityfocus.com/bid/17843
Vuln: Sendmail Malformed MIME Message Denial Of Service Vulnerability
Sendmail Malformed MIME Message Denial Of Service Vulnerability. Read more at securityfocus.com/bid/18433
Vuln: PHP Multiple Safe_Mode and Open_Basedir Restriction Bypass Vulnerabilities
PHP Multiple Safe_Mode and Open_Basedir Restriction Bypass Vulnerabilities. Read more at securityfocus.com/bid/17439
Vuln: FreeType TTF File Remote Denial of Service Vulnerability
FreeType TTF File Remote Denial of Service Vulnerability. Read more at securityfocus.com/bid/18329
[security bulletin] HPSBUX02108 SSRT061133 rev.12 – HP-UX Running Sendmail, Remote Execution of Arbitrary Code
[security bulletin] HPSBUX02108 SSRT061133 rev.12 – HP-UX Running Sendmail, Remote Execution of Arbitrary Code. Read more at securityfocus.com/archive/1/440658
[ MDKSA-2006:129 ] – Updated freetype2 packages fixes overflow vulnerability.
[ MDKSA-2006:129 ] – Updated freetype2 packages fixes overflow vulnerability. Read more at securityfocus.com/archive/1/440653
[MajorSecurity #22] Top XL <=1.1 – XSS and cookie disclosure
[MajorSecurity #22] Top XL <=1.1 – XSS and cookie disclosure. Read more at securityfocus.com/archive/1/440652
[MajorSecurity #21] phpFaber TopSites <=2.0.9 – SQL Injection Vulnerability
[MajorSecurity #21] phpFaber TopSites <=2.0.9 – SQL Injection Vulnerability. Read more at securityfocus.com/archive/1/440648