dotProject SQL Injection and Cross-Site Scripting

dotProject SQL Injection and Cross-Site Scripting
BugsAlert Home > dotProject SQL Injection and Cross-Site Scripting




C1c4Tr1Z has discovered some vulnerabilities in dotProject, which can be exploited by malicious users to conduct SQL injection attacks, and by malicious people to conduct cross-site scripting attacks. Be sure to check if your system is missing security updates or have insecure applications installed: http://secunia.com/software_inspector/ Feature Overview - The Secunia Software Inspector: * Detects insecure versions of applications installed * Verifies that all Microsoft patches are applied * Assists you in updating your system and applications * Runs through your browser. No installation or download is required. Original Source: http://secunia.com/advisories/31681/ Learn more about dotProject SQL Injection and Cross-Site Scripting


Tags: dotproject sql injection cross-site scripting

Related Items
Akamai Technologies Security Advisory 2008-0001 (Download Manager)
FrSIRT - rPath Security Update Fixes GD Arbitrary Code Execution Vulnerability
Bugtraq: [ GLSA 200809-09 ] Postfix: Denial of Service
H-Sphere webshell4 "login.php" Cross-Site Scripting
Mandriva: Subject: [Security Announce] [ MDVSA-2008:245 ] firefox
Slackware update for libxml2
Trojan-Downloader.VBS.Agent.fd