• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

tmsPUBLISHER pagename.cfm Malformed id Variable Path Disclosure

Network Security News – Sunday, February 19, 2006 Events

tmsPUBLISHER pagename.cfm Malformed id Variable Path Disclosure

tmsPUBLISHER contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker supplies a non-integer to the 'id' variable of the pagename.cfm script, which will disclose the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.. Read more at osvdb.org/23298

XMB Forums today.php Cookie Data SQL Injection

XMB Forums contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'today.php' script not properly sanitizing user-supplied input to the cookies. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/23117

XMB Forums u2u.inc.php Multiple Function SQL Injection

XMB Forums contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the u2u.inc.php script not properly sanitizing user-supplied input to the 'u2u_mod_delete()', 'u2u_mod_move()', and 'u2u_mod_markUnread()' functions. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/23118

Zen Cart Unspecified SQL Injection

Zen Cart contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to unspecified script(s) not properly sanitizing user-supplied input to unspecified variable(s). This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/23110

Oreka Crafted RTP Packet Sequence Remote DoS

Oreka contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious sequence of RTP packets is received, and will result in loss of availability for the service.. Read more at osvdb.org/23300

phphd POST Method check.php username Variable SQL Injection

phphd contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the checkphp script not properly sanitizing user-supplied input to the 'username' variable via the POST method. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/23025

Hitachi Business Logic Container (BLC) Unspecified SQL Injection

BLC contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to unspecified script(s) not properly sanitizing user-supplied input to unspecified variable(s). This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/23099

2200net Calendar System calendar.php id Variable SQL Injection

2200net Calendar System contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the calendar.php script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/23037

2200net Calendar System adminlogin.php acc Variable SQL Injection

2200net Calendar System contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the adminlogin.php script not properly sanitizing user-supplied input to the 'acc' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/23038

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2021 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software