
482 matches found

ThreatPost, added 2009/07/16 1:22 p.m., 8 views

Office Web Components Flaw Used in SQL Injection Attacks

Attackers have begun using the unpatched vulnerability in Microsoft’s Office Web Components in SQL injection attacks. The vulnerability, which only became public this week, affects millions of users running a number of different versions of Windows, Office and Internet Explorer. The SANS Internet...

AI score 0.4
Exploits 0 | References 4

securityvulns, added 2009/04/23 12:00 a.m., 75 views

Mozilla Foundation Security Advisory 2009-18

Mozilla Foundation Security Advisory 2009-18 Title: XSS hazard using third-party stylesheets and XBL bindings Impact: Low Announced: April 21, 2009 Reporter: Cefn Hoile Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.9 Description Web developer Cefn Hoile reported that sites which...

CVSS 4.3 | AI score 9.3 | EPSS 0.01099
Exploits 1

Packet Storm, added 2009/03/20 12:00 a.m., 23 views

Pixie CMS XSS / SQL Injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Pixie CMS Multiple Vulnerabilities Pixie is a "free, open source web application that will help you quickly create your own website. Many people refer to this type of software as a 'content management system cms'" http://www.getpixie.co.uk. Pixie is...

AI score 0.5
Exploits 0

Gentoo Linux, added 2008/03/09 12:00 a.m., 31 views

phpMyAdmin: SQL injection vulnerability

Background: phpMyAdmin is a free web-based database administration tool. Description: Richard Cunningham reported that phpMyAdmin uses the $_REQUEST variable of $_GET and $_POST as a source for its parameters. Impact: An attacker could entice a user to visit a malicious web application that sets an...

CVSS 5.1 | AI score 7.3 | EPSS 0.0093
Exploits 0

NVD, added 2007/12/28 12:46 a.m., 11 views

CVE-2007-6550

form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter...

CVSS 7.5 | AI score 7.7 | EPSS 0.06927
Exploits 0 | References 6

Drupal, added 2007/12/05 12:00 a.m., 482 views

SA-2007-031 - Drupal core - SQL Injection possible when certain contributed modules are enabled

The function taxonomy_select_nodes directly injects variables into SQL queries instead of using placeholders. While the taxonomy module itself validates the input passed to taxonomy_select_nodes, this is a weakness in Drupal core. Several contributed modules, such as taxonomy_menu, ajaxLoader, and ubrowse...

AI score 8
Exploits 0 | References 9

Tenable Nessus, added 2007/10/17 12:00 a.m., 26 views

openSUSE 10 Security Update : phpMyAdmin (phpMyAdmin-3990)

Multiple bugs in phpMyAdmin could lead to cross-site-scripting (XSS) attacks, injection of JavaScript code or to crashing the PHP interpreter. CVE-2007-1325, PMASA-2007-1, PMASA-2007-2, PMASA-2007-3, PMASA-2007-4. (C) Tenable Network Security, Inc. The descriptive text and package...

CVSS 7.1 | AI score 5.5 | EPSS 0.00988
Exploits 0 | References 1

Packet Storm, added 2007/09/25 12:00 a.m., 27 views

greensql-xss.txt

Site: http://greensql.net/ Live demo: http://demo.greensql.net/ Platform: all Bug: permanent XSS Special condition: none Impact: semi-critical. Contents: 1 Introduction, 2 Bug, 3 Proof of concept, 4 Credits. 1 Introduction: GreenSQ...

AI score 7.4
Exploits 0

myhack58, added 2007/03/07 12:00 a.m., 15 views

MSMAX BLOG vulnerability generally experience-vulnerability warning-the black bar safety net

I have a domain name, http://www.yylover.com (an AD, I admit). I had previously built a website but was not happy with it, so I wanted to use a BLOG program. I don't like large BLOG programs; I prefer a small BLOG. So I went to chinaz.com and searched for a suitable ASP BLOG program. I had wanted to use PHP, but my...

AI score 7.8
Exploits 0

Exploit DB, added 2007/03/05 12:00 a.m., 31 views

EPortfolio 1.0 - Client-Side Input Validation

source: https://www.securityfocus.com/bid/22829/info ePortfolio is prone to a client-side input-validation vulnerability because the application fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to perform various attacks that are caused by input-validation...

AI score 7
Exploits 0

seebug.org, added 2006/10/29 12:00 a.m., 18 views

PHPWIND 2.02 & PHPWIND 3.31ce Privilege Escalation Vulnerability

The root cause lies in Job.php, but the observed behaviour misled many people; even I, while testing the vulnerability, assumed it was caused by the $Proicon variable in Profile.php. That variable does indeed have a problem and can directly lead to some malicious events. But there are two sides to it: one is string concatenation in PHP, which forms the vulnerability we are discussing; the other forms an arbitrary file deletion vulnerability... First we need to look at how the vulnerability arises. In $proicon in profile.php the variable is submitted directly without any processing; the system's variables only go through PHP's GPC escaping. Once it reaches MySQL it becomes an XSS hazard. This is the most important...

AI score 7.1
Exploits 0

securityvulns, added 2006/07/08 12:00 a.m., 33 views

lintah_|adv|_01@2006>=========<[Aura-CMS v1.62]<===>[XSS vulnerable]&[bug]

by : iFX a.k.a inversFX [email protected] [email protected] ------------------------------- locate : Indonesia, Jakarta -------------------------------- date : 29/06/2006 -------------------------------- title : XSS on CMS Aura v1.62 -------------------------------- Developer CMS : Arif...

Exploits 0

Exploit DB, added 2006/06/24 12:00 a.m., 20 views

Pre Shopping Mall 1.0 - Multiple Input Validation Vulnerabilities

Pre Shopping Mall 1.0 Multiple Input Validation Vulnerabilities. Webapps exploit for php platform source: http://www.securityfocus.com/bid/18706/info Pre Shopping Mall is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize...

AI score 0.1
Exploits 0

securityvulns, added 2006/05/25 12:00 a.m., 45 views

[Full-disclosure] rPSA-2006-0080-1 postgresql postgresql-server

rPath Security Advisory: 2006-0080-1 Published: 2006-05-24 Products: rPath Linux 1 Rating: Severe Exposure Level Classification: Local System User Deterministic Vulnerability Updated Versions: postgresql=/conary.rpath.com@rpl:devel//1/8.1.4-1-0.1...

CVSS 7.5 | AI score 0.1 | EPSS 0.02162
Exploits 0

CVE, added 2005/05/10 4:00 a.m., 42 views

CVE-2004-2017

CVE-2004-2017 covers multiple XSS vulnerabilities in Turbo Traffic Trader C (TTT-C) 1.0. Remote attackers can inject HTML/script via (1) the link parameter to ttt-out, (2) the X-Forwarded-For header to ttt-in, (3) the Referer header to ttt-in, or (4) the site name and (5) site URL fields in the m...

CVSS 4.3 | AI score 6.1 | EPSS 0.08971
Exploits 1 | References 11 | Affected Software 1

exploitpack, added 2005/04/18 12:00 a.m., 15 views

eGroupWare 1.0 - sitemgr-siteindex.php?category_id Cross-Site Scripting

eGroupWare 1.0 - sitemgr-siteindex.php?category_id Cross-Site Scripting. Source: https://www.securityfocus.com/bid/13212/info eGroupWare is prone to multiple input validation vulnerabilities. A fixed version is available. The issues arise due to a failure of the application to properly validate...

AI score 6.8
Exploits 0

Exploit DB, added 2005/04/06 12:00 a.m., 44 views

CubeCart 2.0.x - 'view_cart.php?add' Full Path Disclosure

source: https://www.securityfocus.com/bid/13050/info CubeCart is reported prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. These issues affect the 'index.php',...

AI score 7.4
Exploits 0

Tenable Nessus, added 2005/03/01 12:00 a.m., 25 views

phpCOIN <= 1.2.1b Multiple Vulnerabilities

The remote host is running phpCOIN version 1.2.1b or older. These versions suffer from several vulnerabilities, among them : - A Local File Include Vulnerability An attacker can execute arbitrary code in the context of the web server user by passing the name of a script or file through the 'page'...

CVSS 7.5 | AI score 5.9 | EPSS 0.01497
Exploits 4 | References 9

securityvulns, added 2005/02/22 12:00 a.m., 27 views

[SA14321] Ulog-php SQL Injection Vulnerabilities

TITLE: Ulog-php SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA14321 VERIFY ADVISORY: http://secunia.com/advisories/14321/ CRITICAL: Less critical IMPACT: Manipulation of data WHERE: From local network SOFTWARE: Ulog-php 0.x http://secunia.com/product/4684/ DESCRIPTION: Some vulnerabilities...

AI score 0.8
Exploits 0

Tenable Nessus, added 2004/12/16 12:00 a.m., 139 views

Ikonboard ikonboard.cgi Multiple Parameter SQL Injection

The remote server is running IkonBoard, a web bulletin board system written in Perl. The remote version of this software fails to sanitize user-supplied input to multiple variables in the 'ikonboard.cgi' script. An attacker can exploit this flaw to launch SQL injection attacks...

CVSS 7.5 | AI score 5.7 | EPSS 0.00416
Exploits 1 | References 2