Wikepage index.php lng Variable Local File Inclusion

Network Security News – Thursday, August 31, 2006 Events

Wikepage index.php lng Variable Local File Inclusion

Wikepage contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to index.php not properly sanitizing user input supplied to the 'lng' variable. This may allow an attacker to include a local file that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/28177

Community Builder for Joomla plugin.class.php mosConfig_absolute_path Variable Remote File Inclusion

Community Builder contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to plugin.class.php not properly sanitizing user input supplied to the 'mosConfig_absolute_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/28241

Microsoft IE Embedded CLSID COM Object Arbitrary Code Execution

Microsoft Internet Explorer contains a flaw that may allow a malicious user to corrupt memory. The issue is triggered when the user accesses a maliciously crafted web page that instantiates COM objects which were not intended for use with IE, as ActiveX controls. It is possible that the flaw may allow for arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/21763

Microsoft IE Download Window Filename Filetype Spoofing

Microsoft Internet Explorer contains a flaw related to the download dialog that may allow an attacker to spoof the content of such a download dialog using the Window.createPopup() function, tricking a user in downloading and executing a malicious file. No further details have been provided.. Read more at osvdb.org/7776

Microsoft IE Cross Site Window Location Information Disclosure

Microsoft Internet Explorer contains a flaw that may lead to an unauthorized information disclosure. Өe issue is triggered when a user accesses a web page that contains a malicious script that persists across navigation between pages, which will disclose window location of visited web pages in other domains resulting in a loss of confidentiality.. Read more at osvdb.org/27850

eFiction loggedin Variable Manipulation Authentication Bypass

eFiction contains a flaw that may allow a malicious user to bypass certain security restrictions. The issue is triggered due to an error in the authentication process, which can be exploited setting the 'loggedin' variable to '1'. It is possible that the flaw may allow administrative access resulting in a loss of integrity.. Read more at osvdb.org/28237

Cacti config_settings.php id Variable SQL Injection

Cacti contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'config_settings.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17424

Linux Kernel restore_all Function Local DoS

The Linux kernel contains a flaw that may allow a local denial of service. The issue is triggered when an application provides an incorrect %ds or %es register to the path in arch/i386/kernel/entry.S:restore_all, and will result in kernel panic.. Read more at osvdb.org/28120

Microsoft IE createTextRange Security Bypass (LinKiller)

Microsoft Internet Explorer contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a user accesses a malicious web site, which hijacks the 'document.body.createTextRange' method and may disclose arbitrary file information resulting in a loss of confidentiality.. Read more at osvdb.org/7889

PHPProBid viewfeedback.php Multiple Variable SQL Injection

PHPProBid contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'viewfeedback.php' script not properly sanitizing user-supplied input to the 'view' or 'start' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/27545

Vuln: Sendmail Long Header Denial Of Service Vulnerability

Sendmail Long Header Denial Of Service Vulnerability. Read more at securityfocus.com/bid/19714

Vuln: Libmusicbrainz Multiple Buffer Overflow Vulnerabilities

Libmusicbrainz Multiple Buffer Overflow Vulnerabilities. Read more at securityfocus.com/bid/19508

Vuln: Mozilla Firefox FTP Denial of Service Vulnerability

Mozilla Firefox FTP Denial of Service Vulnerability

. Read more at securityfocus.com/bid/19678

Vuln: All Topics phpBB module SQL Injection Vulnerability

All Topics phpBB module SQL Injection Vulnerability. Read more at securityfocus.com/bid/19682

feedsplitter considered harmful

feedsplitter considered harmful. Read more at securityfocus.com/archive/1/444805

Re: JetBox cms (search_function.php) Remote File Include

Re: JetBox cms (search_function.php) Remote File Include

. Read more at securityfocus.com/archive/1/444777

ezContents Version 2.0.3 Remote/Local File Inclusion, SQL Injection, XSS

ezContents Version 2.0.3 Remote/Local File Inclusion, SQL Injection, XSS. Read more at securityfocus.com/archive/1/444779

osCommerce < 2.2 Milestone 2 060817 POC Exploit

osCommerce < 2.2 Milestone 2 060817 POC Exploit. Read more at securityfocus.com/archive/1/444780