Computer Security

Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 22.08.2005
Published:28.08.2005
Source:
SecurityVulns ID:5129
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPBB : phpBB 2.0
 PAFILEDB : paFileDB 3.1
 VBULLETIN : vBulletin 3.0
 PHPKIT : PHPKIT 1.6
 POSTNUKE : PostNuke 0.760
 COPPERMINE : Coppermine Gallery 1.3
 MANTIS : Mantis 1.0
 NEPHP : Nephp Publisher Enterprise 3.04
 RUNCMS : Runcms 1.2
 AREAEDIT : AreaEdit 0.4
 NETQUERY : Netquery 3.11
 SAVEWEBPORTAL : SaveWebPortal 3.4
 COURIER : SqWebMail 5.0
 FOOJAN : Foojan PHP Weblog
 PHPGRAPHY : phpGraphy 0.9
 GALLERY : Gallery 1.5.1
 YAPIG : YaPiG 0.95
 SIMPLEPHP : Simple PHP Blog 0.4
 PHOTOPOST : PhotoPost PHP Pro 5.1
 AWSTATS : awstats 6.4
 PHPWEBNOTES : phpWebNotes 2.0
 DE-NEEF : Looking Glass 20040427
Original documentdocumentretrogod_(at)_aliceposta.it, Looking Glass v20040427 arbitrary commands execution / cross site scripting (28.08.2005)
 documentCedric Cochin, Multiple PHP Images Galleries EXIF Metadata XSS Vulnerabilities (28.08.2005)
 documentScott Dewey, Simple PHP Blog File Upload and User Credentials Exposure Vulnerabilities (28.08.2005)
 documentnf2, XSS security hole in phpwebnotes. (28.08.2005)
 documentfournaux_(at)_khmerdev.com, AWstats Path Disclosure Vulnerability (28.08.2005)
 documentSECUNIA, [SA16597] PhotoPost PHP Pro EXIF Data Script Insertion Vulnerability (26.08.2005)
 documentSECUNIA, [SA16598] Simple PHP Blog Image File Upload Vulnerability (26.08.2005)
 documentSECUNIA, [SA16594] Gallery EXIF Data Script Insertion Vulnerability (26.08.2005)
 documentSECUNIA, [SA16596] YaPig EXIF Data Script Insertion Vulnerability (26.08.2005)
 documentSECUNIA, [SA16595] phpGraphy EXIF Data Script Insertion Vulnerability (26.08.2005)
 documentSECUNIA, [SA16516] vBulletin BBCode IMG Tag Cross-Site Request Forgery (26.08.2005)
 documentastovidatu_(at)_security-project.org, PaFileDB 3.1 - SQL-Injection (26.08.2005)
 documentSECUNIA, [Full-disclosure] Secunia Research: SqWebMail Attached File Script Insertion Vulnerability (24.08.2005)
 documentSECUNIA, [SA16522] SaveWebPortal Multiple Vulnerabilities (24.08.2005)
 documentSECUNIA, [SA16523] Netquery "host" Parameter Arbitrary Command Execution (24.08.2005)
 documentSECUNIA, [SA16511] AreaEdit SpellChecker Plugin Code Execution Vulnerability (23.08.2005)
 documentSECUNIA, [SA16514] RunCMS SQL Injection and Arbitrary Variable Overwrite Vulnerability (23.08.2005)
 documentMaksymilian Arciemowicz, [SECURITYREASON.COM] Multiple vulnerabilities in PostNuke 0.760-RC4b=>x cXIb8O3.15 (23.08.2005)
 documentphuket, SQL Injection and PHP Code Injection Vulnerabilities in PHPKit 1.6.1 (23.08.2005)
 documentbl2k_(at)_shabgard.org, Nephp Publisher Enterprise 3.04 Cross Site Scripting (22.08.2005)
 documentSECUNIA, [SA16506] Mantis Cross-Site Scripting and SQL Injection Vulnerabilities (22.08.2005)
 documentSECUNIA, [SA16499] Coppermine Photo Gallery EXIF Data Script Insertion (22.08.2005)
 documenth4cky0u, [Full-disclosure] BBCode [IMG] [/IMG ] Tag Vulnerability (22.08.2005)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server