FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

lifetype -- ADOdb "server.php" Insecure Test Script Security Issue

Affected packages
lifetype < 1.0.3

Details

VuXML ID 116b0820-d59c-11da-8098-00123ffe8333
Discovery 2006-04-19
Entry 2006-04-27

Secunia reports:

A security issue has been discovered in LifeType, which can be exploited by malicious people to execute arbitrary SQL code and potentially compromise a vulnerable system.

The problem is caused due to the presence of the insecure "server.php" test script.

References

CVE Name CVE-2006-0146
URL http://secunia.com/advisories/17418/
URL http://secunia.com/advisories/19699/