• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

Interspire TrackPoint NX index.php username Variable XSS

Network Security News – Monday, January 16, 2006 Events

Interspire TrackPoint NX index.php username Variable XSS

Interspire TrackPoint NX contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'username' variable upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22377

Chimera Web Portal System linkcategory.php id Variable SQL Injection

Chimera Web Portal System contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'linkcategory.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22420

H-Sphere psoft.hsphere.CP login Variable XSS

H-Sphere contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'login' variable upon submission to the 'psoft.hsphere.CP' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22372

Light Weight Calendar index.php date Variable Arbitrary PHP Code Execution

Light Weight Calendar contains a flaw that allows arbitrary execution of PHP code. This flaw exists because the application does not validate the 'date' variable upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary PHP code on the server, leading to a loss of integrity.. Read more at osvdb.org/22376

PDFdirectory util.php Multiple Variable SQL Injection

PDFdirectory contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the util.php script not properly sanitizing user-supplied input to the 'id' or 'owner' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22403

PDFdirectory userpref.php Multiple Variable SQL Injection

PDFdirectory contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the userpref.php script not properly sanitizing user-supplied input to multiple unspecified variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22404

PDFdirectory user.php Multiple Variable SQL Injection

PDFdirectory contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the user.php script not properly sanitizing user-supplied input to multiple unspecified variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22405

PDFdirectory uploadfrm.php Multiple Variable SQL Injection

PDFdirectory contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the uploadfrm.php script not properly sanitizing user-supplied input to multiple unspecified variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22406

PDFdirectory title.php Multiple Variable SQL Injection

PDFdirectory contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the title.php script not properly sanitizing user-supplied input to multiple unspecified variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22407

PDFdirectory team.php Multiple Variable SQL Injection

PDFdirectory contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the team.php script not properly sanitizing user-supplied input to multiple unspecified variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/22408

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2021 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software