• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

PMTool inc/project.inc.php order Variable SQL Injection

Network Security News – Monday, April 24, 2006 Events

PMTool inc/project.inc.php order Variable SQL Injection

PMTool contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'inc/project.inc.php' script not properly sanitizing user-supplied input to the 'order' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/24782

PMTool inc/user.inc.php order Variable SQL Injection

PMTool contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'inc/user.inc.php' script not properly sanitizing user-supplied input to the 'order' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/24780

Linux Kernel ip_route_input() Multi-cast IP Request Local DoS

The Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when a route for a multicast IP address is requested, and will result in a kernel panic cause by a NULL pointer dereference, and therefore lead to loss of availability for the platform.. Read more at osvdb.org/24715

PMTool inc/customer.inc.php order Variable SQL Injection

PMTool contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'inc/customer.inc.php' script not properly sanitizing user-supplied input to the 'order' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/24781

Cisco Catalyst Enable Access Authentication Bypass

Cisco Catalyst 4000, 6000, and 6500 switches contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered due an an error in the local authentication mechanism. This flaw may lead to a loss of Integrity.. Read more at osvdb.org/8903

Cisco Multiple Product Unspecified Compressed DNS Message DoS (1)

Cisco's DNS implementation in certain products contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially crafted DNS packet(s), and will result in loss of availability for the devices. No further details have been provided.. Read more at osvdb.org/19003

Cisco Multiple Product Misconfigured TACACS+ Server Authentication Bypass

Cisco TACACS+ contains a flaw that may allow a malicious user to bypass authentication. The issue is triggered when the TACACS+ configuration lacks the 'tacacs-server host' command. It is possible that the flaw may allow a malicious user to bypass authentication, resulting in a loss of confidentiality.. Read more at osvdb.org/23237

Linux Kernel x87 Register Information Disclosure

The Linux kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered because the Floating Point Units (FPUs) of the affected processor types do not save and restore the FOP, FID and FPD registers when certain instructions are executed. As a result, Linux does not clear these registers either. When a context switch occurs, a user can potentially read these uncleared registers which could disclose floating point information, resulting in a loss of confidentiality.. Read more at osvdb.org/24807

Monster Top List sources/functions.php root_path Variable Remote File Inclusion

Monster Top List contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to sources/functions.php not properly sanitizing user input supplied to the 'root_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/24650

Cisco Security Agent Packet Handling DoS

Cisco Security Agent contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends malformed packets to a CSA protected host, and will result in loss of availability for the host.. Read more at osvdb.org/17862

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2021 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software