Network Security News – Monday, July 24, 2006 Events
bitweaver index.php HTTP CRLF injection vulnerability
Bitweaver contains a flaw that may allow a malicious user to conduct HTTP response splitting attacks using CRLF sequences. The issue is triggered when CRLF sequences are injected into multiple parameters in the HTTP Header of index.php including the BWSESSION parameter.. Read more at osvdb.org/26590
DoubleSpeak Multiple Script SQL Injection (Myth/Fake)
igloo DoubleSpeak has been reported to contain a flaw that may allow an attacker to carry out an SQL injection attack. The issue is reportedly due to the index.php, faq.php, and hardware.php script not properly sanitizing user-supplied input to the 'config[private]' variable. However, subsequent examination and testing indicates that input is sanitized before being used in a query removing opportunity for injection.. Read more at osvdb.org/27436
Top XL /members/index.php id Variable XSS
Top XL contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'id' variable upon submission to the /members/index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/27414
Top XL add.php Multiple Variable XSS
Top XL contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'pass' and 'pass2' variables upon submission to the add.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/27413
phpFaber TopSites index.php Multiple Variable SQL Injection
phpFaber TopSites contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'i_cat' and 'method' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database. Additionally, some parts of user input is echoed during SQL error output which may allow an attacker to conduct a cross-site scripting attack. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/27415
FileCOPA FTP Server LIST Command Overflow
A remote or local overflow exists in FileCOPA FTP server. The server fails to handle a long (Approx 350 bytes) parameter to the LIST command resulting in a buffer overflow. With a specially crafted LIST command, an attacker can cause a denial of service or possibly execute arbitrary code.. Read more at osvdb.org/27389
Eskolar CMS upd_doc.php SQL Injection
Eskolar CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the upd_doc.php script not properly sanitizing user-supplied input to an unspecified variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/27399
Eskolar CMS set_12.php SQL Injection
Eskolar CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the set_12.php script not properly sanitizing user-supplied input to an unspecified variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/27397
Eskolar CMS set_14.php SQL Injection
Eskolar CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the set_14.php script not properly sanitizing user-supplied input to an unspecified variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/27398
Eskolar CMS php/esa.php Multiple Variable SQL Injection
Eskolar CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the php/esa.php script not properly sanitizing user-supplied input to the "uid" and "pwd" variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/27392
Leave a Reply