PHP, ASP, CGI web applications security vulnerabilities - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

PHP, ASP, CGI web applications security vulnerabilities
updated since 11.07.2005
Published: 17.07.2005
Source:
SecurityVulns ID: 4978
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: PHPBB : phpBB 2.0
INVISION : Invision Power Board 2.0
INVISION : Invision Power Board 1.3
HOSTINGCONTROLLE : Hosting Controller 6.1
BLOGTORRENT : BlogTorrent 0.92
REINSVEIEN : DownloadProtect 1.0
IDBOARD : Id Board Free 1.1
SPID : SPiD 1.3
PPA : PPA 0.5
SQUITO : Squito Gallery 1.3
MOODLE : Moodle 1.5
INCREDIBLEINTERA : DragonFly Shopping Cart
PHPYAWP : Yawp 1.0
IPHOTOALBUM : iPhotoAlbum 1.1
SIDV : SiDv 3.0
ETOMITE : Etomite 0.6
PCDOC24 : WPS Web-Portal-System 0.7
EKSTREME : PHP Counter 7.2
PHPSFTPD : PHPsFTPd 0.4
YABBSE : YabbSE 1.5
SIMPLEMESSAGEBOA : Simple Message Board 2.0
WEBEOC : WebEOC 6.0
SEAGULL : Seagull PHP Framework 0.43
CLASS1 : Class-1 0.24
MOOSEGALLERY : MooseGallery 1.02
PHPCOUNTER : PHPCounter 7.2
PHPAUCTION : Phpauction GPL 2.0
EMILDA : Emilda 1.2
USANET : USANet Shopping Mall
USANET : Standard Classified Ads
USANET : MakeBid Standard Auction
USANET : MakeBid Reverse Auction
USANET : MakeBid Deluxe Auction
USANET : Domain Name Auction

Original document Zinho, [HSC Security Group] Invision PowerBoard 1.3.x - 2-x Exploit and Patch (17.07.2005)

durito, �� Web-Portal-System 0.7.0 (16.07.2005)

SECUNIA, [SA15985] USANet Creations Products Shell Command Injection Vulnerability (16.07.2005)

document SECUNIA, [SA15857] Emilda User Management Security Bypass Vulnerability (16.07.2005)

SECUNIA, [SA15967] Phpauction GPL Multiple Vulnerabilities (16.07.2005)

SECUNIA, [SA15816] PHPCounter "EpochPrefix" Cross-Site Scripting Vulnerability (16.07.2005)

SECUNIA, [SA16093] MooseGallery "type" File Inclusion Vulnerability (16.07.2005)

document SECUNIA, [SA16074] Seagull PHP Framework PEAR XML_RPC PHP Code Execution (16.07.2005)

SECUNIA, [SA16075] WebEOC Multiple Vulnerabilities (16.07.2005)

stormhacker_(at)_hotmail.com, XSS in forums Simple Message Board Version 2.0 Beta 1 (15.07.2005)

priestmaster, YaBBSe 1.5.5c Path disclosure problem (15.07.2005)

document Steve, PHPsFTPd - Admin password leak (14.07.2005)

priestmaster, Path Disclosure and XSS problem in PHP Counter 7.2 (14.07.2005)

blahplok_(at)_yahoo.com, WPS Web-Portal-System v.0.7.0 (wps_shop.cgi) remote commands execution vulnerability (14.07.2005)

CENSORED, CSS � etomite v0.6 (14.07.2005)

document CENSORED, SQL �� SiDv v3.0 (14.07.2005)

SECUNIA, [SA16031] iPhotoAlbum File Inclusion Vulnerabilities (13.07.2005)

Stefan Esser, Advisory 10/2005: Yawp/YaWiki Remote URL Include Vulnerability (13.07.2005)

dcrab_(at)_hackerscenter.com, Dragonfly Shopping Cart Multiple vulnerabilities (13.07.2005)

document SECUNIA, [SA16028] Moodle Unspecified Vulnerabilities (12.07.2005)

SECUNIA, [SA16009] Squito Gallery "photoroot" File Inclusion Vulnerability (12.07.2005)

SECUNIA, [SA16011] PPA "config[ppa_root_path]" File Inclusion Vulnerability (12.07.2005)

SECUNIA, [SA15976] Id Board free "f" SQL Injection Vulnerability (12.07.2005)

document SECUNIA, [SA16003] DownloadProtect "file" Disclosure of Sensitive Information (12.07.2005)

Emanuele "MadSheep" Gentili, blogtorrent remote/local user password disclosure (12.07.2005)

kehieuhoc_(at)_yahoo.com, Bug Hosting Controller New (v6.1 - Hotfix 2.1) (12.07.2005)

Fixbugs, phpbb <=2.0.16 bug (11.07.2005)

Files: Installation Path Disclosure Vulnerability phpBB <= 2.0.16
Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin