Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

Forum Russian Board (FRB) reply_in.php Multiple Variable SQL Injection

Network Security News – Friday, August 05, 2005 Events

Forum Russian Board (FRB) reply_in.php Multiple Variable SQL Injection

Forum Russian Board (FRB) contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'reply_in.php' script not properly sanitizing user-supplied input to the 'name_reply' and 'email_reply' variables. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17500

Forum Russian Board (FRB) search_msg_us.php id Variable SQL Injection

Forum Russian Board (FRB) contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'search_msg_us.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17495

Forum Russian Board (FRB) send_mail_user.php id_mail Variable SQL Injection

Forum Russian Board (FRB) contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'send_mail_user.php' script not properly sanitizing user-supplied input to the 'id_mail' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17494

Forum Russian Board (FRB) set.php name_ig_array[1] Variable SQL Injection

Forum Russian Board (FRB) contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'set.php' script not properly sanitizing user-supplied input to the 'name_ig_array[1]' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17499

Forum Russian Board (FRB) view_profile.php id Variable SQL Injection

Forum Russian Board (FRB) contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'view_profile.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17484

Forum Russian Board (FRB) menu_footer.php Multiple Variable XSS

Forum Russian Board (FRB) contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'rows_all', 'color_fon_info', 'target', 'patch_images' and 'text_poisk_form' variables upon submission to the 'menu_footer.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/17485

Forum Russian Board (FRB) menu_header.php table_sql Variable SQL Injection

Forum Russian Board (FRB) contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'menu_header.php' script not properly sanitizing user-supplied input to the 'table_sql' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17498

Forum Russian Board (FRB) new.php name_ig_array1[1] Variable SQL Injection

Forum Russian Board (FRB) contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'new.php' script not properly sanitizing user-supplied input to the 'name_ig_array1[1]' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17502

Forum Russian Board (FRB) registr_1.php telephone Variable SQL Injection

Forum Russian Board (FRB) contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'registr_1.php' script not properly sanitizing user-supplied input to the 'telephone' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17497

Forum Russian Board (FRB) reply.php name_ig_array1[1] Variable SQL Injection

Forum Russian Board (FRB) contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'reply.php' script not properly sanitizing user-supplied input to the 'name_ig_array1[1]' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/17501

Vuln: EKG LIbGadu Multiple Remote Integer Overflow Vulnerabilities

EKG LIbGadu Multiple Remote Integer Overflow Vulnerabilities. Read more at securityfocus.com/bid/14345

Vuln: Linux-HA Heartbeat Insecure Temporary File Creation Vulnerability

Linux-HA Heartbeat Insecure Temporary File Creation Vulnerability. Read more at securityfocus.com/bid/14233

Vuln: PortailPHP Index.PHP SQL Injection Vulnerability

PortailPHP Index.PHP SQL Injection Vulnerability

. Read more at securityfocus.com/bid/14474

Vuln: McDATA E/OS Remote Denial Of Service Vulnerability

McDATA E/OS Remote Denial Of Service Vulnerability. Read more at securityfocus.com/bid/14475

[USN-161-1] bzip2 utility vulnerability

[USN-161-1] bzip2 utility vulnerability. Read more at securityfocus.com/archive/1/407350

[USN-160-1] Apache 2 vulnerabilities

[USN-160-1] Apache 2 vulnerabilities. Read more at securityfocus.com/archive/1/407339

Re: Zip 2,31 bad default file-permissions vulnerability

Re: Zip 2,31 bad default file-permissions vulnerability

. Read more at securityfocus.com/archive/1/407351

SQL IN PortailPHP

SQL IN PortailPHP. Read more at securityfocus.com/archive/1/407342

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *