• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

ATutor body_header.inc.php section Variable Local File Inclusion

Network Security News – Saturday, October 29, 2005 Events

ATutor body_header.inc.php section Variable Local File Inclusion

ATutor contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'body_header.inc.php' not properly sanitizing user input supplied to the 'section' variable. This may allow a remote attacker to include arbitrary files from the local host and view any accessible file on the system resulting in a loss of confidentiality.. Read more at osvdb.org/20345

ATutor forum.inc.php Arbitrary Command Execution

ATutor contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'forum.inc.php' not properly sanitizing user input supplied to the 'addslashes', 'asc' and 'desc' variables. This may allow a remote attacker to execute arbitrary shell commands resulting in a loss of integrity.. Read more at osvdb.org/20344

ATutor add_note.php p Variable XSS

ATutor contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'p' variable upon submission to the 'add_note.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20349

ATutor news.inc.php _base_path Variable XSS

ATutor contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the '_base_path' variable upon submission to the 'news_inc.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20348

ATutor translate.php _base_href Variable XSS

ATutor contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the '_base_href' variable upon submission to the 'translate.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20347

ATutor print.php section Variable Local File Inclusion

ATutor contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'print.php' not properly sanitizing user input supplied to the 'section' variable. This may allow a remote attacker to include arbitrary files from the local host and view any accessible file on the system resulting in a loss of confidentiality.. Read more at osvdb.org/20346

phpESP Multiple Unspecified SQL Injection

phpESP contains multiple flaws that may allow a remote attacker to carry out an SQL injection attack. No further details have been provided.. Read more at osvdb.org/20358

phpESP Multiple Unspecified XSS

phpESP contains multiple flaws that allows a remote cross site scripting attack. No further details have been provided.. Read more at osvdb.org/20357

Snort frag2 IP Defragmenter Unspecified DoS

Snort contains a flaw related to the 'frag2' IP defragmenter plugin that may allow a remote attacker to crash the application. No further details have been provided.. Read more at osvdb.org/20353

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2021 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software