• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

xv Multiple Nondescript Decoder Input Validation Issues

Network Security News – Monday, April 25, 2005 Events

xv Multiple Nondescript Decoder Input Validation Issues

XV contains multiple unspecified flaws that may allow a malicious user to execute arbitrary code. The issue is triggered by failure of the application to properly sanitize input prior to using it to carry out critical functions resulting in a loss of integrity.. Read more at osvdb.org/15677

eGroupWare index.php cats_app Variable SQL Injection

eGroupWare contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'cats_app' variable in the index.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15753

eGroupWare tts/index.php filter Variable SQL Injection

eGroupWare contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'filter' variable in the tts/index.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15752

eGroupWare sitemgr-site/index.php category_id Variable XSS

eGropuWare contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the category_id variable upon submission to the sitemgr-site/index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/15751

eGroupWare wiki/index.php Multiple Variable XSS

eGroupWare contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'page' or 'lang' variables upon submission to the wiki/index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/15750

bBlog index.php postid Variable SQL Injection

bBlog contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'postid' variable in the index.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15756

bBlog Blog Entry Title XSS

bBlog contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the blog entry title upon submission to the index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/15754

bBlog Blog/Comment Body XSS

bBlog contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the blog/comment body text upon submission to the index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/15755

eGroupWare index.php Multiple Variable XSS

eGroupWare contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'ab_id', 'page', or 'type' variables upon submission to the index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/15649

Neslo Desktop Rover Malformed TCP Packet DoS

Neslo Desktop Rover contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker sends a specially-crafted malformed packet to TCP port 61427 resulting in a loss of availability of the application.. Read more at osvdb.org/15718

OpenSSL ASN.1 Parsing Vulnerabilities

Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. OpenSSL does not directly implement ASN.1 but does use ASN.1 objects in X.509 certificates a…

. Read more at securityfocus.com/bid/8732?ref=rss

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2021 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software