• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

phpPgAdmin index.php formLanguage Variable Local File Inclusion

Network Security News – Monday, July 11, 2005 Events

phpPgAdmin index.php formLanguage Variable Local File Inclusion

phpPgAdmin contains a flaw that allows a remote attacker to include files outside of the web path. The issue is due to the index.php script not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the formLanguage variable.. Read more at osvdb.org/17758

phpSlash Author.class::saveProfile author_id Manipulation Privilege Escalation

phpSlash contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious user alters author_id and author_name variables in profile.php script. This flaw may lead to a loss of integrity.. Read more at osvdb.org/17782

PunBB profile.php $temp Variable SQL Injection

PunBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the profile.php script not properly sanitizing user-supplied input to the '$temp' variable when 'register_globals' is on. This may allow an attacker to inject or manipulate SQL queries in the backend database, including being able to add the attacker to the Administrators group.. Read more at osvdb.org/17785

PunBB pun_include Command redirect_url Parameter Local File Inclusion

PunBB contains a flaw that may allow a remote authenticated attacker to execute arbitrary commands. The issue is due to pun_include not properly sanitizing user input supplied to the redirect_url variable. This may allow an attacker to include a malicious uploaded file such as a forum picture that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/17786

phpSecurePages secure.php cfgProgDir Variable Remote File Inclusion

phpSecurePages contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to secure.php not properly sanitizing user input supplied to the cfgProgDir variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/17783

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2021 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software