Dark Reading - The Business of IT Security

Dark Reading Registration Ad - Top Left


DATE: May 13, 2008 LIVE EVENT: The Future of Broadband 2008 LOCATION: The Westin Times Square, New York More Information

Home > Events

Events

No events found

Srizbi Botnet Sending Over 60 Billion Spams a Day
New Trojan Masquerades as Free MP3 Player
Crime Server Discovered Containing 1.4 Gigabytes of Stolen Data
MORE KEYHOLE

ENTERPRISE VULNERABILITIES

Vulnerability: Project Alumni Project Alumni
Published: 2008-05-08
Severity: HIGH
Description: sql injection
vulnerability in info.php in
project alumni 1.0.9 allows
remote attackers to execute
arbitrary sql commands via
the id parameter.

Vulnerability: Project Alumni Project Alumni
Published: 2008-05-08
Severity: MEDIUM
Description: cross-site
scripting (xss)
vulnerability in
pages/news.page.inc in
project alumni 1.0.9 allows
remote attackers to inject
arbitrary web script or html
via the year parameter in a
news action to index.php, a
different vector than cve-
2007-6126.

Vulnerability: ScriptsEZ Power Editor
Published: 2008-05-08
Severity: MEDIUM
Description: multiple
directory traversal
vulnerabilities in
editor.php in scriptsez.net
power editor 2.0 allow
remote attackers to read
arbitrary local files via a
.. (dot dot) in the (1) te
and (2) dir parameters in a
tempedit action.

Vulnerability: ScriptsEZ Power Editor
Published: 2008-05-08
Severity: MEDIUM
Description: multiple
cross-site scripting (xss)
vulnerabilities in
editor.php in scriptsez.net
power editor 2.0 allow
remote attackers to inject
arbitrary web script or html
via the (1) te and (2) dir
parameters in a tempedit
action.

Vulnerability: PreProjects.com Pre Shopping Mall
Published: 2008-05-08
Severity: HIGH
Description: sql injection
vulnerability in
emall/search.php in pre
shopping mall 1.1 allows
remote attackers to execute
arbitrary sql commands via
the search parameter.

POWERFUL INFORMATION
AT YOUR FINGERTIPS
(SPONSORED LINKS)

Application Security | Attacks / Exploits / Threats | Authentication | Botnets | Browser security | Computer crime | Consultants | Content filtering | DOS | Encryption | End-user monitoring | Hashing algorithms | Host Protection | IBM | Identity management | Industry Trends | Key management | Law enforcement | Legal & Regulatory Topics | Legislation | Malware | Managed services | Market Research | Messaging Security | Microsoft | Penetration testing | Penetration testing | Perimeter Security | Phishing | Policy management | RSA | Security Administration / Management | Security Industry | Security Services | Social engineering | Spam | Storage Security | Stored data losses | Symantec | Trojans | User privacy | Viruses | Vulnerabilities | Vulnerability assessment | Vulnerability management | Vulnerability Management | Web services security | Wireless security | WLANs | Worms

Dark Reader Weekly Newsletter
Dark Reading Daily Newsletter
MORE INFO

Copyright © 2008 United Business Media LLC - All rights reserved.

Privacy Policy | Terms of Use | Help | Back to Top

RSS FEED | ARCHIVE | FREE NEWSLETTER | ORDER REPRINTS | ADVERTISE WITH US | TECHWEB | CONTACT US | USER PREFERENCES | HELP

Companies

3Com (15), Aventail (7), CA (16), Check Point (29), Cisco (140), Enterasys (5), F-Secure (7), F5 (5), HP (16), IBM (121), Intel (6), ISS (34), Juniper (36), Alcatel-Lucent (2), McAfee (161), Microsoft (1124), NetIQ (2), Nokia (3), Nortel (6), Oracle (41), Qualys (2), RSA (62), Secure Computing (18), Sun (8), Symantec (276), Trend Micro (26), VeriSign (33)

Application and Perimeter Security

802.11x (46), Anomaly detection (74), Anti-spam (135), Application quality assurance (27), Application scanning (138), Auditing (27), AVDL (1), Buffer overflows (101), CERT (7), Consultants (203), Cross-site scripting (158), CVE (7), Database encryption (53), Digital vaults (8), DOS (185), EAP/LEAP (1), Email gateways (187), Encryption (125), Filtering (50), Firewalls (293), FIRST (1), HIPAA (101), Host-based IDS (44), Host/server configuration (15), Host/server encryption (8), IDS (163), IDS (14), IM (69), IPS (263), ISO 17799 (8), Key management (63), Least-privilege user (46), License management (30), Malware (1230), NAC (274), Network IDS (33), NIST (16), OWASP (14), OWASP (10), Patch management (283), PCI (184), Penetration testing (189), Phishing (612), PKI (44), Rootkits (102), SAML (2), Software metering (3), Source-code auditing (72), SOX (85), SSL (171), Systems integrators (8), VPNs (247), Vulnerability assessment (683), Web App Security Consortium (8), Web App Security Consortium (17), Web application firewall (81), Web services security (522), WLANs (342), Worms (268), WPA (15), XML (27)

Desktop Security

Anti-spam (135), Antivirus (338), Application Security (999), Attacks / Exploits / Threats (2371), Authentication (823), Browser security (671), Digital certificates (58), Digital signatures (44), Disk encryption (54), DRM (51), Encryption (564), File/folder encryption (35), Identity management (320), IM (69), Malware (1230), Messaging Security (483), PGP (5), Phishing (612), Rootkits (102), S/MIME (2), Security Administration / Management (1570), Social engineering (321), Spam (643), Spyware (249), Tokens (67), Trojans (333), User privacy (1360), Viruses (353), VOIP security (112), Vulnerabilities (2715), Vulnerability Management (396), Worms (268)

Discovery and management

Anomaly detection (74), Application scanning (138), AVDL (1), Black Hat (108), COBIT (8), Consultants (203), Content filtering (162), CVE (7), End-user monitoring (238), Filtering (50), FISMA (19), HIPAA (101), Host intrusion prevention (104), Host-based IDS (44), IDS (14), IDS (163), IPS (263), ISACA (1), ISO 17799 (8), Log aggregation (51), Network IDS (33), OWASP (14), OWASP (10), PCI (184), Penetration testing (175), Penetration testing (189), SAML (2), SIM/SEM (193), Source-code auditing (72), SOX (85), Vulnerability assessment (683), Vulnerability management (767), Web App Security Consortium (8)

802.11x (46), Application quality assurance (27), Authentication (823), Backup security (63), Biometrics (152), Buffer overflows (101), Digital certificates (58), Disk encryption (54), Encryption (564), End-user monitoring (238), HIPAA (101), Host anti-spam (75), Host anti-spyware (98), Host antivirus (107), Host intrusion prevention (104), Host Protection (460), Host-based IDS (44), Host/server configuration (15), Host/server encryption (8), Host/server patching (9), IDS (14), IEEE (4), ISO 17799 (8), Least-privilege user (46), License management (30), NAC (274), P2P management (28), Patch management (283), PGP (14), Port control (12), Single sign-on (66), Smart cards (75), Software metering (3), SOX (85), Systems integrators (8), TCG (18), Tokens (67), User privacy (1360), Vulnerability Management (396), WPA (15)

Security services

Agency application (2), Application quality assurance (27), Application scanning (138), AVDL (1), COBIT (8), Consultants (203), FISMA (19), HIPAA (101), ISO 17799 (8), Managed services (291), PCI (184), Penetration testing (175), PKI (44), Policy management (440), SIM/SEM (193), Source-code auditing (72), SOX (85), Systems integrators (8)

Storage Security

AES (11), Backup security (63), COBIT (8), Database encryption (53), DES (3), Digital vaults (8), Disk encryption (54), Encryption (125), File/folder encryption (35), FIPS-140-2 (1), FISMA (19), Hashing algorithms (15), HIPAA (101), Host/server encryption (8), Identity management (101), ISO 17799 (8), Key management (63), Law enforcement (922), Legislation (289), Offsite backup (26), PCI (184), PKI (44), SOX (85), Stored data losses (308), Systems integrators (8), Triple DES (3), User privacy (1360)

Wireless Security

802.11x (46), AES (11), Auditing (27), COBIT (8), Credential service provider (8), DES (3), Digital certificates (58), Digital signatures (44), DOS (185), EAP/LEAP (1), FISMA (19), Hashing algorithms (15), HIPAA (101), Host/server encryption (8), IEEE (4), IETF (10), ISO 17799 (8), Key management (63), NAC (274), Network IDS (33), PCI (184), Penetration testing (175), PKI (44), Port control (12), Tokens (67), Triple DES (3), VPNs (247), Vulnerability assessment (683), WLANs (342), WPA (15)