HNS MAIN FEED
Saturday, 01:37 EST
- Zero-day vulnerabilities in Firefox extensions discovered
- Three charged with Comcast.net hijacking
- Cloud computing security benefits, risks and recommendations
- Poisoned Google search results
- World’s first wireless USB external hard drive
- A look at Securitybyte & OWASP AppSec Asia Conference 2009
- Biggest threats to federal systems and critical infrastructure
- Are 64-bit Windows inherently safer?
- NSA on cyber attacks and Microsoft collaboration
- New books: ModSecurity, Snow Leopard, social Web applications
- Vulnerability in IBM SolidDB memory caching software
- Two arrested for Zbot Trojan
OpenDocMan Cross-Site Scripting and SQL Injection
06 November 2009
OpenDocMan is a PHP-based open-source document manager. The application is exposed to multiple cross-site scripting issues and an SQL injection issue that affects the "Username" parameter when logging in to the application because of insufficient input validation. OpenDocMan versions 1.2.5 is affected by these issues.
Ref: http://securityreason.com/wlb_show/WLB-2009100041
09.44.80 - CVE: Not Available
Platform: Web Application - SQL Injection
Ref: http://securityreason.com/wlb_show/WLB-2009100041
09.44.80 - CVE: Not Available
Platform: Web Application - SQL Injection