Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

Network Security News – Saturday, January 28, 2006 Events

CheesyBlog archive.php Multiple Field XSS

CheesyBlog contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'Your name', 'Website URL' and 'Comment' fields upon submission to the 'archive.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/22716

The Gallery User Name XSS

The Gallery contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the fullname set by users. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/22660

Phpclanwebsite pollresults.php poll_id Variable XSS

Phpclanwebsite contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'par' and 'poll_id' variables upon submission to the 'index.php' script, and will call the 'pollresults.php' script without validating these variables. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/22722

Multiple BSD pf Crafted IP Fragment Ruleset DoS

Packet Filter (PF) contains a flaw that may allow a remote denial of service. The issue is caused by a logic bug in the IP fragment cache that may result in a packet fragment being inserted twice, violating a kernel invariant. This will result in loss of availability for the platform. Read more at osvdb.org/22732

FreeBSD Buffer Length Logic Error Arbitrary Kernel Memory Disclosure

FreeBSD contains a flaw that may lead to an unauthorized information disclosure. The issue is caused by a logic error in computing a buffer length that may allow too much data to be copied into userland, which may disclose portions of kernel memory, resulting in a loss of confidentiality. Read more at osvdb.org/22731

FreeBSD Uninitialized Buffer Arbitrary Kernel Memory Disclosure

FreeBSD contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a buffer allocated from the kernel stack is not completely initialized before being copied to userland, which may disclose portions of kernel memory, resulting in a loss of confidentiality. Read more at osvdb.org/22730

MyBulletinBoard (MyBB) search.php Multiple Variable XSS

MyBB contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the "sortby" and "sortordr" variables upon submission to the search.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/22750
