PHP, ASP, CGI web applications security vulnerabilities - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

PHP, ASP, CGI web applications security vulnerabilities
updated since 18.07.2005
Published: 22.07.2005
Source:
SecurityVulns ID: 5014
Type: remote
Level: 5/10

Affected: PHPBB : phpBB 2.0
OPENBB : OpenBB 1.0
UPB : Ultimate PHP Board 1.9
CUTEPHP : CuteNews 1.3
VPASP : VP-ASP 5.0
PHPNEWS : PHPNews 1.2
HOSTINGCONTROLLE : Hosting Controller 6.1
PHPFUSION : PHP-Fusion 6.0
PHPPGADMIN : phppgadmin 3.5
PHPSLASH : phpSlash 0.7
PHPSLASH : phpSlash 0.8
PHPPAGEPROTECT : PHPPageProtect 1.0
CALOGIC : CaLogic 1.2
PHPFINANCE : PHPFinance 0.3
SEOBOARD : Seo-Board 1.0
E107 : e107 0.6171
REVIEWPOST : ReviewPost PHP PRO 2.0
DVBBS : Dvbbs 7.1
PHPSURVEYOR : PHP Surveyor 0.98
CONTREXX : Contrexx 1.0
HITACHI : Groupmax Web Workflow Server Set for Active Server Pages 6.52
HITACHI : Groupmax Form for Active Server Pages 3.10
PYROX : Pyrox Search 1.05
CMSIMPLE : CMSimple 2.4
DXXO : dxxo Count Web Statistics
PHPSITESEARCH : PHPSiteSearch 1.7
SENDCARD : sendcard 3.0
CYBERSOURCE : Business Center

Original document No Sue Please, [Full-disclosure] User privilege escalation exploit. (22.07.2005)

SECUNIA, [SA16165] sendcard "id" SQL Injection Vulnerability (22.07.2005)

SECUNIA, [SA16148] PHPNews "user" and "password" SQL Injection Vulnerability (22.07.2005)

SECUNIA, [SA16149] phpBB BBcode "url" Script Insertion Vulnerability (22.07.2005)

document SECUNIA, [SA16156] PHPSiteSearch "query" Cross-Site Scripting Vulnerability (22.07.2005)

SECUNIA, [SA16143] dxxo Count Web Statistics SQL Injection Vulnerability (22.07.2005)

SECUNIA, [SA16144] Ultimate PHP Board Cross-Site Scripting and Script Insertion (22.07.2005)

SECUNIA, [SA16147] CMSimple "search" Cross-Site Scripting Vulnerability (22.07.2005)

document SECUNIA, [SA16154] Pyrox Search "whatdoreplace" Cross-Site Scripting Vulnerability (22.07.2005)

SECUNIA, [SA16135] Hitachi Groupmax Form and Web Workflow Server Set Denial of Service (22.07.2005)

Christopher Kunz, [Full-disclosure] Advisory 11/2005: Multiple vulnerabilities in Contrexx (22.07.2005)

document morning_wood, [Full-disclosure] PHPTopSites (22.07.2005)

r_i_t_b_15_(at)_yahoo.com, SQL Injection in Chinese ASP Webcounter (21.07.2005)

ghc_(at)_ghc.ru, PHPNews SQL injection vulnerability (21.07.2005)

PHPBB, phpBB 2.0.17 released (21.07.2005)

thegreatone2176_(at)_yahoo.com, Multiple Vulnerabilities in PHP Surveyor (21.07.2005)

document SECUNIA, [SA16096] PHP-Fusion BBcode "color" CSS Code Insertion Vulnerability (20.07.2005)

SECURITEAM, [EXPL] phpSlash Account Hijacking (Exploit) (20.07.2005)

SECUNIA, [SA16131] DVBBS "showerr.asp" Cross-Site Scripting Vulnerability (20.07.2005)

SECUNIA, [SA16134] ReviewPost PHP Pro "sort" SQL Injection Vulnerability (20.07.2005)

document SECUNIA, [SA16129] CuteNews "selected_search_arch" Cross-Site Scripting Vulnerability (20.07.2005)

SECUNIA, [SA16117] e107 Nested BBcode Script Insertion Vulnerability (20.07.2005)

SECURITEAM, [EXPL] OpenBB CID SQL Injection (Exploit) (20.07.2005)

SECUNIA, [SA16051] SEO-Board "smilies_popup.php" Cross-Site Scripting (19.07.2005)

document SECUNIA, [SA13276] PHPFinance Logon Bypass Vulnerability (19.07.2005)

SECUNIA, [SA16090] CaLogic "CLPATH" Arbitrary File Inclusion Vulnerability (19.07.2005)

SECUNIA, [SA16110] PHPPageProtect Cross-Site Scripting Vulnerabilities (19.07.2005)

DEBIAN, [SECURITY] [DSA 759-1] New phppgadmin packages fix directory traversal vulnerability (19.07.2005)

document SECUNIA, [SA16115] Hosting Controller Multiple Vulnerabilities (18.07.2005)

SECUNIA, [SA16104] VP-ASP Shopping Cart SQL Injection Vulnerabilities (18.07.2005)

Files: OpenBB CID SQL Injection Exploit
Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin