Network Security News – Thursday, August 04, 2005 Events
DUclassmate default.asp iState Variable SQL Injection
DUclassmate contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'default.asp' script not properly sanitizing user-supplied input to the 'iState' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/17588
DUamazon type.asp iType Variable SQL Injection
DUamazon contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'type.asp' script not properly sanitizing user-supplied input to the 'iType' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/17590
DUclassmate edit.asp iPro Variable SQL Injection
DUclassmate contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'edit.asp' script not properly sanitizing user-supplied input to the 'iPro' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/17589
DUamazon Pro catDelete.asp iCat Variable SQL Injection
DUamazon Pro contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'catDelete.asp' script not properly sanitizing user-supplied input to the 'iCat' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/17593
DUamazon Pro detail.asp iSub Variable SQL Injection
DUamazon Pro contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'detail.asp' script not properly sanitizing user-supplied input to the 'iSub' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/17595
DUamazon Pro productDelete.asp iCat Variable SQL Injection
DUamazon Pro contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'productDelete.asp' script not properly sanitizing user-supplied input to the 'iCat' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/17591
DUamazon Pro review.asp iPro Variable SQL Injection
DUamazon Pro contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'review.asp' script not properly sanitizing user-supplied input to the 'iPro' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/17594
DUamazon Pro productEdit.asp iCat Variable SQL Injection
DUamazon Pro contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'productEdit.asp' script not properly sanitizing user-supplied input to the 'iCat' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/17592
DUforum post.asp iFor Variable SQL Injection
DUforum contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'post.asp' script not properly sanitizing user-supplied input to the 'iFor' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/17585
DUforum userEdit.asp id Variable SQL Injection
DUforum contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'userEdit.asp' script not properly sanitizing user-supplied input to the 'id' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/17587
Vuln: Naxtor E-directory Message.ASP Cross Site Scripting Vulnerability
Naxtor E-directory Message.ASP Cross Site Scripting Vulnerability. Read more at securityfocus.com/bid/14468
Vuln: Naxtor E-directory Default.ASP SQL Injection Vulnerability
Naxtor E-directory Default.ASP SQL Injection Vulnerability. Read more at securityfocus.com/bid/14469
Vuln: Apache mod_ssl CRL Handling Off-By-One Buffer Overflow Vulnerability
Apache mod_ssl CRL Handling Off-By-One Buffer Overflow Vulnerability. Read more at securityfocus.com/bid/14366
Vuln: Apache HTTP Request Smuggling Vulnerability
Apache HTTP Request Smuggling Vulnerability. Read more at securityfocus.com/bid/14106
Re: ClamAV Multiple Rem0te Buffer Overflows
Re: ClamAV Multiple Rem0te Buffer Overflows. Read more at securityfocus.com/archive/1/407184
[security bulletin] SSRT5998 Rev.0 HP System Management Homepage (v2.0.x) Denial of Service (DoS) & XSS
[security bulletin] SSRT5998 Rev.0 HP System Management Homepage (v2.0.x) Denial of Service (DoS) & XSS. Read more at securityfocus.com/archive/1/407141
[security bulletin] SSRT4682 rev.0 – Oracle for Openview (OfO) Critical Patch Update July 2005
[security bulletin] SSRT4682 rev.0 – Oracle for Openview (OfO) Critical Patch Update July 2005. Read more at securityfocus.com/archive/1/407164
Silvernews 2.0.3 (possibly previous versions) SQL Injection / Login Bypass / Remote commands execution / cross site scripting
Silvernews 2.0.3 (possibly previous versions) SQL Injection / Login Bypass / Remote commands execution / cross site scripting. Read more at securityfocus.com/archive/1/407163