• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

PostNuke modules.php catid Variable SQL Injection

Network Security News – Wednesday, June 08, 2005 Events

PostNuke modules.php catid Variable SQL Injection

PostNuke contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the "catid" variable in the "module" script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15923

PostNuke Message Module readpmsg.php Start Variable SQL Injection

PostNuke contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the "start" variable in the " /modules/Messages/readpmsg.php" script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/16781

PostNuke index.php catid Variable SQL Injection

PostNuke contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the "catid" variable in the "index.php" script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15922

PostNuke funcs.php getArticles Function SQL Injection

PostNuke contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the "getArticles()" function in the "modules/News/funcs.php" script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/14284

PostNuke dl-search.php Multiple Parameter SQL Injection

PostNuke contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the "$show" and "$orderby" variable in the "/modules/Downloads/dl-search.php" script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/14282

PostNuke admin.php catid Variable SQL Injection

PostNuke contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the "catid" variable in the "admin.php" script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.. Read more at osvdb.org/15924

Microsoft IE Crafted BMP Size Setting DoS

Internet Explorer contains a flaw that may allow a remote denial of service. The issue is triggered when a crafted bitmap image file is loaded in Internet Explorer. This flaw exist because Internet Explorer checks the image size written in the bitmap and not the actual file size to allocate the necessary memory. It is possible to set a very large number (FFFFFFFF^2) for the bitmap file size that may consume all the available memory.. Read more at osvdb.org/17158

Microsoft IE Malformed FTP URL DoS

Internet Explorer contains a flaw that may allow a remote denial of service. The issue is triggered when a victim open a specially-crafted FTP URL containing '#' or '&' characters, and will result in loss of availability for the Web browser once the link is clicked.. Read more at osvdb.org/17159

Sun ONE Application Server Unspecified File Disclosure

Sun ONE Application Server contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered by an unspecified error and will disclose arbitrary files resulting in a loss of confidentiality.. Read more at osvdb.org/17146

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2021 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software