Explore all Exploits:

bttlxe Forum SQL Injection Vulnerability

An SQL injection vulnerability has been reported to affect the 'login.asp' page of bttlxe Forum. The condition is reportedly due to insufficient sanitization of externally supplied data that is used to construct SQL queries. This data may be supplied via the 'password' field during the authentication process. The consequences may vary depending on the particular database implementation and the nature of the specific queries. One scenario reported was bypassing the bttlxe forum authentication system; however, other attacks may also be possible. Log into a vulnerable forum using the following password: 'or''='. A username is not required.

Xeneo Web Server 2.2.2.10.0 DoS

Xeneo web server has been reported prone to an undisclosed buffer overflow vulnerability. It has been reported that a specially crafted HTTP request containing malicious HTTP header information will trigger this condition. Although unconfirmed, this issue may be exploited to execute arbitrary code.

XMB Forum Member.PHP SQL Injection Vulnerability

XMB Forum Member.PHP has been reported prone to an SQL injection vulnerability, under certain conditions. The SQL injection vulnerability has been reported to affect the registration page of XMB Forum. This is reportedly due to insufficient sanitization of externally supplied data that is used to construct SQL queries. A remote attacker may take advantage of this issue to inject malicious data into SQL queries, possibly resulting in modification of query logic.

OpenBB ‘member.php’ Script Input Validation Vulnerability

It has been reported that OpenBB does not properly check input passed via the 'member.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the bulletin board software. The consequences will vary depending on the underlying database implementation.

shlwapi.dll HTML Tag Vulnerability

The 'shlwapi.dll' dynamic link library causes a calling application to fail when it attempts to render certain malformed HTML tags. This appears to be due to an attempt to perform a string comparison where one of the strings is a null pointer. It has been reported that this vulnerability could not be exploited to cause code execution.

OpenBB Command Injection Vulnerability

It has been reported that OpenBB does not properly check input passed via the 'board.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the bulletin board software. The consequences will vary depending on the underlying database implementation.

Xeneo Web Server DoS

It has been reported that a specially crafted HTTP GET request containing over 4096 bytes of data will trigger this vulnerability. Although entirely unconfirmed, the nature of this vulnerability means that memory corruption or arbitrary code execution may also be possible.

AN HTTPd contains a sample script named count.pl

AN HTTPd contains a sample script named count.pl that may be used as a web counter. This script does not perform adequate access validation on paths containing directory traversal (../) character sequences. The vulnerable script may be used to overwrite any file to which it has write permissions by supplying that file name as input.

Format String Vulnerability in mod_ntlm Apache Module

A format string vulnerability has been reported for the mod_ntlm Apache module. The problem occurs when logging authentication strings passed in HTTP requests. By passing malicious format specifiers in a request, it may be possible for an attacker to corrupt sensitive locations in memory. This may result in a denial of service or, under certain circumstances, could allow an attacker to execute arbitrary code.

MPCSoftWeb Unsecured Database File Vulnerability

MPCSoftWeb is vulnerable to an unsecured database file vulnerability. Attackers can request the database file located at http://www.example.com/mpcsoftweb_guestbook/database/mpcsoftweb_guestdata.mdb and gain access to sensitive information such as administrative credentials for the guestbook.

Recent Exploits: