• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

Cerberus Helpdesk clients.php Multiple Variable XSS

Network Security News – Tuesday, October 25, 2005 Events

Cerberus Helpdesk clients.php Multiple Variable XSS

Cerberus Helpdesk contains a flaw that allows a remote cross site scripting attack. The flaw exists because the application does not validate the 'sid' and 'id' variables upon submission to the 'clients.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20264

Chipmunk Forum quote.php forumID Variable XSS

Chipmunk Forum contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'forumID' variable upon submission to the 'quote.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20165

Chipmunk Forum reply.php forumID Variable XSS

Chipmunk Forum contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'forumID' variable upon submission to the 'reply.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20167

Chipmunk Topsites recommend.php ID Variable XSS

Chipmunk Topsites contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'ID' variable upon submission to the 'recommend.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20168

Chipmunk Guestbook index.php start Variable Path Disclosure

Chipmunk Guestbook contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker sends a specially crafted URL to the 'start' variable in index.php, which will disclose the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.. Read more at osvdb.org/20170

Chipmunk Directory recommend.php entryID Variable XSS

Chipmunk Directory contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'entryID' variable upon submission to the 'recommend.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20169

Chipmunk Forum index.php forumID Variable XSS

Chipmunk Forum contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'forumID' variable upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20166

Chipmunk Forum newtopic.php forumID Variable XSS

Chipmunk Forum contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'forumID' variable upon submission to the 'newtopic.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20164

Snort Back Orifice Pre-Processor UDP Packet Remote Overflow

A remote overflow exists in Snort. The Back Orifice Pre-Processor fails to validate UDP packets resulting in a stack overflow. With a specially crafted UDP packet, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/20034

Echelog Unspecified Function Stack Overflows

A stack overflow exists in Echelog. Echelog fails to check argument length supplied to undisclosed functions potentially resulting in stack overflows.. Read more at osvdb.org/20244

Vuln: Multiple Vendor Anti-Virus Magic Byte Detection Evasion Vulnerability

Multiple Vendor Anti-Virus Magic Byte Detection Evasion Vulnerability. Read more at securityfocus.com/bid/15189

Vuln: Symantec Discovery Web Accounts Default Password Vulnerability

Symantec Discovery Web Accounts Default Password Vulnerability. Read more at securityfocus.com/bid/15188

Vuln: SCO UnixWare PPP Prompt Local Buffer Overflow Vulnerability

SCO UnixWare PPP Prompt Local Buffer Overflow Vulnerability. Read more at securityfocus.com/bid/15159

Vuln: SCO OpenServer Backupsh Local Buffer Overflow Vulnerability

SCO OpenServer Backupsh Local Buffer Overflow Vulnerability. Read more at securityfocus.com/bid/15160

[security bulletin] SSRT051055 rev.0 – HP Oracle for OpenView (OfO) Critical Patch Update October 2005

[security bulletin] SSRT051055 rev.0 – HP Oracle for OpenView (OfO) Critical Patch Update October 2005. Read more at securityfocus.com/archive/1/414392

Possible Bug in PHP-Fusion 6.0.204

Possible Bug in PHP-Fusion 6.0.204. Read more at securityfocus.com/archive/1/414395

SQL saphp Lesson

SQL saphp Lesson. Read more at securityfocus.com/archive/1/414398

Revised draft on ICMP attacks

Revised draft on ICMP attacks. Read more at securityfocus.com/archive/1/414394

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2024 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software