• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

Softbiz Web Host Directory review.php sbres_id Variable SQL Injection

Network Security News – Thursday, December 08, 2005 Events

Softbiz Web Host Directory review.php sbres_id Variable SQL Injection

Web Host Directory contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'review.php' script not properly sanitizing user-supplied input to the 'sbres_id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/21080

GhostScripter Amazon Shop search.php query Variable XSS

GhostScripter Amazon Shop contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the "query" variable upon submission to the search.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/21371

Softbiz Web Host Directory browsecats.php cid Variable SQL Injection

Web Host Directory contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'browsecats.php' script not properly sanitizing user-supplied input to the 'cid' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/21081

Softbiz Web Host Directory email.php h_id Variable SQL Injection

Web Host Directory contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'email.php' script not properly sanitizing user-supplied input to the 'h_id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/21082

phpForumPro index.php Multiple Variable SQL Injection

phpForumPro contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the "day" and "parent" variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/21484

Softbiz Web Host Directory search_result.php cid Variable SQL Injection

Web Host Directory contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'search_result.php' script not properly sanitizing user-supplied input to the 'cid' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/21079

WASD Web Server PerlRTE_example1.pl name Variable Format String

WASD WebServer PerlRTE_example1.pl contains a format string flaw. The issue is triggered when a user sends malcious input via format string errors in the $name variable. It is possible that the flaw may allow arbitrary code execution and/or a denial of service.. Read more at osvdb.org/21288

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2024 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software