SQL injection vulnerability in news_popup.php in Taboada MacroNews 1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
CVE-2014-10033
SQL injection vulnerability in the update_zone function in catalog/admin/geo_zones.php in osCommerce Online Merchant 2.3.3.4 and earlier allows remote administrators to execute arbitrary SQL commands via the zID parameter in a list action.
CVE-2014-10034
Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/.
CVE-2014-10035
Multiple cross-site scripting (XSS) vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to inject arbitrary web script or HTML via the (1) sEcho parameter to comments_paginate.php or (2) stores_paginate.php or the (3) affiliate_url, (4) description, (5) domain, (6) seo[description], (7) seo[heading], (8) seo[title], (9) seo[keywords], (10) setting[logo], (11) setting[perpage], or (12) setting[sitename] to admin/index.php.
CVE-2014-10036
Cross-site scripting (XSS) vulnerability in JetBrains TeamCity before 8.1 allows remote attackers to inject arbitrary web script or HTML via the cameFromUrl parameter to feed/generateFeedUrl.html.
CVE-2014-10037
Directory traversal vulnerability in DomPHP 0.83 and earlier allows remote attackers to have unspecified impact via a .. (dot dot) in the url parameter to photoalbum/index.php.
CVE-2014-10038
SQL injection vulnerability in agenda/indexdate.php in DomPHP 0.83 and earlier allows remote attackers to execute arbitrary SQL commands via the ids parameter.
3 social media dangers to avoid
Included below are three different social media dangers that can become a problem from time to time.
Fake Influence – That Twitter account with tens of thousands of followers must be legitimate and interesting, right? Not always. While follower counts can sometimes indicate influence, they’re not a perfect measuring stick. Scammers or companies trying to promote their products in deceptive ways can create fake accounts and then buy followers in a way that’s just about as easy as buying something from Amazon. Try to look beyond the follower count to see if someone or something is really worth following. For example, who follows them, and what are they posting about? Also, how long has the account been active?
Trolling – An online troll can basically be described as someone who’s trying to cause problems online. This can sometimes just prove to be an inconvenience, but in many cases, the activity crosses over into harassment that can be very hurtful. We’ve all seen comments on social media that demonstrate this behavior. Many times they come from people who are deliberately trying to hide their real identity. It can be tempting to respond to these posts, but there’s a saying that says that you shouldn’t feed the trolls, which means that you shouldn’t fall into their trap by responding because it only gives them more to work with.
Catfishing – This refers to the practice of creating a fake identity online in order to try and trick someone into a a romantic relationship. People who do this could be seeking revenge, they might have no self-confidence, or they might just enjoy the entertainment value of it. Either way, if you’re starting to form a romantic relationship online, it’s important to get proof that the person you’re talking to is actually who they say they are.
Those are just three of the problems that can be lurking on social media, but if you know what to watch out for, then you can have a better experience with social media.
The post 3 social media dangers to avoid appeared first on Avira Blog.