Network Security News – Wednesday, August 03, 2005 Events
MySQL Eventum custom_fields_graph.php SQL Injection
MySQL Eventum contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'custom_fields_graph.php' script not properly sanitizing user-supplied input to the report class. This may allow a remote attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/18405
MySQL Eventum custom_fields.php SQL Injection
MySQL Eventum contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'custom_fields.php' script not properly sanitizing user-supplied input to the report class. This may allow a remote attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/18404
PHPFreeNews Logout.php Arbitrary Site Redirect
PHPFreeNews contains a flaw that may allow a remote attacker to trick a user into visiting an arbitrary site under the apparent trust of a legitimate site. The issue is due to the Logout.php script providing a site redirect to an arbitrary web site. This may give an attacker a way to trick a user into clicking what appears to be a legitimate URL of a valid site, but really leads them to an arbitrary site with malicious content. Read more at osvdb.org/18453
PHPFreeNews Login password Field SQL Injection
PHPFreeNews contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the Login routine not properly sanitizing user-supplied input to the 'password' field. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/18457
PHPFreeNews Footer.php ScriptVersion Variable XSS
PHPFreeNews contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'ScriptVersion' variable upon submission to the Footer.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/18451
PHPFreeNews Default Admin Account Password
By default, PHPFreeNews installs with a default password. The 'Admin' account has a password of 'Admin' which is publicly known and documented. This allows attackers to trivially access the program or system. Read more at osvdb.org/18456
PHPFreeNews admin.php Information Disclosure
PHPFreeNews contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker visits the admin.php script, which will disclose the PHP and MySQL versions resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. Read more at osvdb.org/18455
PHPFreeNews /inc/ Multiple Script Direct Request Path Disclosure
PHPFreeNews contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker directly requests any number of scripts in the /inc/ directory, which will disclose the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. Read more at osvdb.org/18454
PHPFreeNews ScriptFunctions.php Multiple Variable XSS
PHPFreeNews contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'NewsDir', 'PopupWidth', or 'PopupHeight' variables upon submission to the ScriptFunctions.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/18452
Dragonfly Commerce ratings.asp PID Variable SQL Injection
Dragonfly Commerce contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the ratings.asp script not properly sanitizing user-supplied input to the 'PID' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/18443
Vuln: Naxtor Shopping Cart Shop_Display_Products.PHP SQL Injection Vulnerability
Naxtor Shopping Cart Shop_Display_Products.PHP SQL Injection Vulnerability. Read more at securityfocus.com/bid/14456
Vuln: Pablo Software Solutions Quick ‘n Easy FTP Server User Command Denial of Service Vulnerability
Pablo Software Solutions Quick ‘n Easy FTP Server User Command Denial of Service Vulnerability. Read more at securityfocus.com/bid/14451
Vuln: Microsoft ActiveSync Network Synchronization Multiple Vulnerabilities
Microsoft ActiveSync Network Synchronization Multiple Vulnerabilities. Read more at securityfocus.com/bid/14457
Vuln: ProRat Server Remote Buffer Overflow Vulnerability
ProRat Server Remote Buffer Overflow Vulnerability. Read more at securityfocus.com/bid/14458
CAID 33239 – Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability
CAID 33239 – Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability. Read more at securityfocus.com/archive/1/407098
[NOBYTES.COM: #8] Naxtor Shopping Cart 1.0 – Information Disclosure & Possible SQL Injection
[NOBYTES.COM: #8] Naxtor Shopping Cart 1.0 – Information Disclosure & Possible SQL Injection. Read more at securityfocus.com/archive/1/407104
Quick ‘n Easy FTP Server 3.0 pro / lite (buffer overflow vulnerabilities)
Quick ‘n Easy FTP Server 3.0 pro / lite (buffer overflow vulnerabilities). Read more at securityfocus.com/archive/1/407083
[ GLSA 200508-03 ] nbSMTP: Format string vulnerability
[ GLSA 200508-03 ] nbSMTP: Format string vulnerability. Read more at securityfocus.com/archive/1/407089