Network Security News – Friday, April 07, 2006 Events
Phgstats phgstats.inc.php phgdir Variable Remote File Inclusion
Phgstats contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to phgstats.inc.php not properly sanitizing user input supplied to the 'phgdir' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/22302
OrjinWeb E-commerce index.php page Variable Remote File Inclusion
Orjinweb E-commerce contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to index.php not properly sanitizing user input supplied to the 'page' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/22387
NOD32 nod32.exe Scheduled Scan Local Privilege Escalation
NOD32 contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered due to the NOD32 GUI (nod32.exe) running with SYSTEM privileges when a scheduled on-demand scan is run by the scheduler. This can be exploited to invoke cmd.exe with SYSTEM privileges when a scheduled scan is running. This flaw may lead to a loss of integrity.. Read more at osvdb.org/24394
NOD32 Restore To Feature Arbitrary File Write
NOD32 Antivirus contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the program does not drop its SYSTEM privileges before allowing a user to use the "Restore to…" feature to restore a quarantined file. This can be exploited to write a file to an arbitrary directory with SYSTEM privileges if a file with the given filename does not already exist. This flaw may lead to a loss of integrity.. Read more at osvdb.org/24393
N.T. ticker.db.php Arbitrary PHP Code Execution
N.T. contains a flaw that may allow a malicious user to run arbitrary code. The issue is triggered due to ticker.db.php not properly sanitizing unspecified or unknown values. Arbitrary PHP code may be injected, which will be executed when the file is included. It is possible that the flaw may allow the execution of arbitrary commands resulting in a loss of integrity.. Read more at osvdb.org/24398
N.T. index.php username Variable XSS
N.T. contains a flaw that allows a remote cross site scripting attack.
This flaw exists because the application does not validate 'username'
variables upon submission to the index.php script. This could allow a
user to create a specially crafted URL that would execute arbitrary code
in an administrator's browser when the "Login Log" page is viewed, leading
to a loss of integrity.. Read more at osvdb.org/24397
iUser Ecommerce common.php include_path Variable Remote File Inclusion
iUser Ecommerce contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to common.php not properly sanitizing user input supplied to the 'include_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/23429
FarsiNews loginout.php cutepath Variable Remote File Inclusion
FarsiNews contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to loginout.php not properly sanitizing user input supplied to the 'cutepath' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/22878
Indexu application.php base_path Variable Remote File Inclusion
Indexu contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'base_path' variable upon submission to the application.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22989
Leave a Reply