• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

nProtect Multiple Product Npos ActiveX Input Validation Failure

Network Security News – Sunday, September 18, 2005 Events

nProtect Multiple Product Npos ActiveX Input Validation Failure

nProtect Netizen and nProtect Personal contains a flaw that may allow a remote attacker to execute arbitrary code. The problem is that the 'Npos' ActiveX control does not verify the URL of the update site and the origin of the update configuration file. By creating a malicious web site containing a specially crafted update configuration file and tricking a victim to visit that site, it is possible for a remote attacker to download and execute arbitrary files resulting in a loss of integrity.. Read more at osvdb.org/18391

common-lisp-controller Cache Directory Owership Weakness Privilege Escalation

Common-lisp-controller allows a local attacker to insert malicious code into the cache directory. Due to a failure to check ownership of the cache directory, this code may be automatically executed by other users when they use common lisp for the first time.. Read more at osvdb.org/19385

aMember Pro authorize_aim.inc.php Remote File Inclusion

aMember Pro contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to authorize_aim.inc.php not properly sanitizing user input supplied to the 'config[root_dir]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/19444

aMember Pro payflow_pro.inc.php Remote File Inclusion

aMember Pro contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to payflow_pro.inc.php not properly sanitizing user input supplied to the 'config[root_dir]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/19452

aMember Pro beanstream.inc.php Remote File Inclusion

aMember Pro contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to beanstream.inc.php not properly sanitizing user input supplied to the 'config[root_dir]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/19445

aMember Pro logiccommerce.inc.php Remote File Inclusion

aMember Pro contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to logiccommerce.inc.php not properly sanitizing user input supplied to the 'config[root_dir]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/19450

aMember Pro eway.inc.php Remote File Inclusion

aMember Pro contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to eway.inc.php not properly sanitizing user input supplied to the 'config[root_dir]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/19447

aMember Pro plugnplay.inc.php Remote File Inclusion

aMember Pro contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to plugnplay.inc.php not properly sanitizing user input supplied to the 'config[root_dir]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/19456

aMember Pro paymentsgateway.inc.php Remote File Inclusion

aMember Pro contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to paymentsgateway.inc.php not properly sanitizing user input supplied to the 'config[root_dir]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/19453

aMember Pro cdg.inc.php Remote File Inclusion

aMember Pro contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to cdg.inc.php not properly sanitizing user input supplied to the 'config[root_dir]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/19441

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2024 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software