Network Security News – Saturday, July 22, 2006 Events
BandSite CMS disphtmltbl.php root_path Variable Remote File Inclusion
BandSite CMS contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the adminpanel/includes/mailinglist/disphtmltbl.php script not properly sanitizing user input supplied to the 'root_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/27251
BandSite CMS dispxls.php root_path Variable Remote File Inclusion
BandSite CMS contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the adminpanel/includes/mailinglist/dispxls.php script not properly sanitizing user input supplied to the 'root_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/27252
BandSite CMS contact_content.php root_path Variable Remote File Inclusion
BandSite CMS contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the includes/content/contact_content.php script not properly sanitizing user input supplied to the 'root_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/27233
BandSite CMS addwearmerchform.php root_path Variable Remote File Inclusion
BandSite CMS contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the adminpanel/includes/add_forms/addwearmerchform.php script not properly sanitizing user input supplied to the 'root_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/27250
BandSite CMS addshowsform.php root_path Variable Remote File Inclusion
BandSite CMS contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the adminpanel/includes/add_forms/addshowsform.php script not properly sanitizing user input supplied to the 'root_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/27249
BandSite CMS addreviewsform.php root_path Variable Remote File Inclusion
BandSite CMS contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the adminpanel/includes/add_forms/addreviewsform.php script not properly sanitizing user input supplied to the 'root_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/27248
BandSite CMS addrelmerchform.php root_path Variable Remote File Inclusion
BandSite CMS contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the adminpanel/includes/add_forms/addrelmerchform.php script not properly sanitizing user input supplied to the 'root_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/27247
BandSite CMS addfliersform.php root_path Variable Remote File Inclusion
BandSite CMS contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the adminpanel/includes/add_forms/addfliersform.php script not properly sanitizing user input supplied to the 'root_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/27235
BandSite CMS addbioform.php root_path Variable Remote File Inclusion
BandSite CMS contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the adminpanel/includes/add_forms/addbioform.php script not properly sanitizing user input supplied to the 'root_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/27234
Cisco Unified CallManager CLI Unspecified Arbitrary Command Execution
Cisco Unified CallManager contains a flaw that may allow a malicious administrator to gain access to unauthorized privileges in the OS. The issue is triggered when an unspecified CLI vulnerability is exploited by a logged-on administrator to execute arbitrary commands. This flaw may lead to a loss of integrity.. Read more at osvdb.org/27160
Vuln: Microsoft Windows DHCP Client Service Remote Code Execution Vulnerability
Microsoft Windows DHCP Client Service Remote Code Execution Vulnerability. Read more at securityfocus.com/bid/18923
Vuln: Microsoft MDAC RDS.Dataspace ActiveX Control Remote Code Execution Vulnerability
Microsoft MDAC RDS.Dataspace ActiveX Control Remote Code Execution Vulnerability. Read more at securityfocus.com/bid/17462
Vuln: Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
. Read more at securityfocus.com/bid/18056
Leave a Reply