• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

VBZooM sendmail.php UserID Variable SQL Injection

Network Security News – Wednesday, September 06, 2006 Events

VBZooM sendmail.php UserID Variable SQL Injection

VBZooM contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the sendmail.php script not properly sanitizing user-supplied input to the UserID variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/28254

Webmin/Usermin NULL Character Unspecified Source Disclosure

Webmin/Usermin contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered because input passed in a NULL character is not properly verified, this will disclose the source code of arbitrary CGI and Perl programs resulting in a loss of confidentiality.. Read more at osvdb.org/28337

Webmin/Usermin NULL Character Unspecified XSS

Webmin/Usermin contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not sanitize input passed in a NULL character. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/28338

phpChamber search_result.php needle Variable XSS

phpChamber contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'needle' variables upon submission to the 'search_result.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/22282

SimpleBoard for Mambo file_upload.php sbp Variable Remote File Inclusion

SimpleBoard for Mambo contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'file_upload.php' not properly sanitizing user input supplied to the 'sbp' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/28531

Pheap config.php lpref Variable Remote File Inclusion

Pheap contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to config.php not properly sanitizing user input supplied to the 'lpref' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/28302

SimpleBoard for Mambo image_upload.php sbp Variable Remote File Inclusion

SimpleBoard for Mambo contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'image_upload.php' script not properly sanitizing user input supplied to the 'sbp' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/27421

AnywhereUSB/5 Driver String Descriptor Parsing DoS

AnywhereUSB/5 contains a flaw that may allow a remote denial of service. The issue is triggered due to an error in the processing of malformed string descriptor that in its header specifies a size of 1 byte, and will result in loss of availability for the platform.. Read more at osvdb.org/28429

SnapGear Replay Window DoS

SnapGear contains a flaw that may allow a remote denial of service. The issue is triggered due to unspecified IPsec window replay errors, and will result in loss of availability for the service.. Read more at osvdb.org/28316

Novell eDirectory NCPENGINE Unspecified CPU Consumption DoS

Novell eDirectory contains an unspecified flaw that may allow a remote denial of service. The issue is triggered on target system when it is subjected to a Nessus scan, and will result in loss of availability for the service/platform.. Read more at osvdb.org/28369

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2024 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software