• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

Invision Power Board login.php SQL Injection

Network Security News – Tuesday, May 31, 2005 Events

Invision Power Board login.php SQL Injection

Invision Power Board contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. This flaw exists because the 'login.php' script does not validate user-supplied input in certain login methods and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/16297

BirdBlog admincore.php Multiple Parameter SQL Injection

BirdBlog contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'userid' and 'userpw' parameters in the 'admincore.php' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/14934

ASPPortal login.asp password Field SQL Injection

ASPPortal contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'password' field in the 'login.asp' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/16768

Advanced Guestbook index.php entry Variable SQL Injection

Advanced Guestbook contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'entry' variable in the 'index.php' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/16572

MX Shop Category Module id_ctg Parameter SQL Injection

MX Shop contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'id_ctg' parameter in the 'Category' module not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15168

MX Kart Pages Module idp Parameter SQL Injection

MX Kart contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'idp' parameter in the 'Pages' module not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15167

ZPanel index.php uname Parameter SQL Injection

ZPanel contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'uname' parameter in the 'index.php' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/14803

Zen Cart application_top.php products_id Variable SQL Injection

Zen Cart contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'products_id' variable in the 'application_top.php' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/16892

WordPress template-functions-category.php cat_ID SQL Injection

WordPress contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'cat_ID' variable in the 'template-functions-category.php' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.. Read more at osvdb.org/16905

ActivePerl for Win32 System Function Long Argument Local DoS

A local overflow exists in ActivePerl for Win32. The interpreter fails to do proper bounds checking on input to the system()function resulting in a buffer overflow. With a specially crafted request, an attacker can cause an interpreter crash resulting in a loss of availability. It may be possible to manipulate the input so as to cause execution of arbitrary code resulting in a loss of confidentiality.. Read more at osvdb.org/16903

MyBB Website Field HTML Injection Vulnerability

MyBB is Web forum software implemented in PHP utilizing a MySQL backend.MyBB is prone to an HTML injection vulnerability. This issue is due to a failure in the applica…. Read more at securityfocus.com/bid/13819?ref=rss

Qualiteam X-Cart SQL Injection and Cross-Site Scripting Vulnerabilities

X-Cart is a web based shopping card application implemented in PHP and integrated with a MySQL database backend. X-Cart is prone to SQL injection and cross-site scripti…. Read more at securityfocus.com/bid/13817?ref=rss

Microsoft Windows Remote Desktop Protocol Server Private Key Disclosure Vulnerability

Microsoft Windows uses the Remote Desktop Protocol (RDP) for communications between Terminal Services clients and servers. RDP is capable of using three different encrypt…. Read more at securityfocus.com/bid/13818?ref=rss

GDB Multiple Vulnerabilities

GDB is the GNU debugger.GDB is reportedly affected by multiple vulnerabilities. These issues can allow an attacker to execute arbitrary code and commands on an affecte…

. Read more at securityfocus.com/bid/13697?ref=rss

Hosting Controller User Profile Unauthorized Access Vulnerability

Hosting Controller is an application that consolidates all hosting tasks into one interface. Hosting Controller runs on Microsoft Windows operating systems.Hosting Cont…. Read more at securityfocus.com/bid/13816?ref=rss

NewLife Blogger Multiple Unspecified SQL Injection Vulnerabilities

NewLife Blogger is Web blog software implemented in PHP.NewLife Blogger is prone to multiple unspecified SQL injection vulnerabilities. These issues are due to a failu…. Read more at securityfocus.com/bid/13815?ref=rss

Multiple vulnerabilities in x-cart Gold

Sender: CENSORED [censored at mail dot ru]

. Read more at securityfocus.com/archive/1/399329?ref=rss

MDKSA-2005:095 – Updated gdb packages fix vulnerabilities

Sender: Mandriva Security Team [security at mandriva dot com]. Read more at securityfocus.com/archive/1/399330?ref=rss

MyBB 1.0 RC4 XSS Bug

Sender: August Christopher [syini666 at gmail dot com]. Read more at securityfocus.com/archive/1/399328?ref=rss

Crash in Stronghold 2 1.2

Sender: Luigi Auriemma [aluigi at autistici dot org]

. Read more at securityfocus.com/archive/1/399323?ref=rss

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2024 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software