• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

Prodder enc_url Crafted URL Arbitrary Command Execution

Network Security News – Wednesday, June 07, 2006 Events

Prodder enc_url Crafted URL Arbitrary Command Execution

Prodder contains a flaw that may allow a malicious user to remotely execute arbitrary commands. The issue is triggered because the program fails to properly sanitise input in the shape of a podcast URL before passing it to a shell command, resulting in a loss of integrity.. Read more at osvdb.org/25690

PostgreSQL Single Quote Escaping Filter Bypass

PostgreSQL contains a flaw that may allow a malicious user to bypass security restrictions and execute arbitrary SQL commands. The issue is triggered due to an error when escaping ASCII single quote "'" characters (by turning them into "\'") and operating in multibyte encodings (e.g. SJIS, BIG5, GBK, GB18030, or UHC) that allow using the "0x5c" ASCII code (backslash) as the trailing byte of a multibyte character. It is possible that the flaw may allow SQL injection attacks resulting in a loss of confidentiality and integrity.. Read more at osvdb.org/25731

ByteHoard server.php bhconfig[bhfilepath] Variable Remote File Inclusion

ByteHoard contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to server.php not properly sanitizing user input supplied to the 'bhconfig[bhfilepath]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/25948

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2021 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software