|
Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 29.08.2005 | | Published: |  | 03.09.2005 | | Source: |  | | | SecurityVulns ID: |  | 5157 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Affected: |  | PHPMYADMIN : phpMyAdmin 2.6 | | | | FLATNUKE : Flatnuke 2.5 | | | | PUNBB : PunBB 1.2 | | | | DAMEWARE : Mini Remote Control 4.8 | | | | FREESTYLEWIKI : FreeStyle Wiki 3.5 | | | | PHPFUSION : PHP-Fusion 6.0 | | | | SIMPLEPHPBLOG : SimplePHPBlog 0.4 | | | | NEOCROME : Land Down Under 801 | | | | FUDFORUM : Fud Forum 2.7 | | | | COSMOSHOP : cosmoshop 8.10 | | | | HELPDESK : Hesk 0.92 | | | | PUNBB : PunBB `.1 | | | | SCRIPTCENTER : AutoLinks Pro 2.1 | | | | PHPLDAPADMIN : phpLDAPadmin 0.9 | | | | E107 : e107 0.6 | | | | E107 : e107 0.7 | | | | SIMPLEMACHINE : Simple Machine Forum 1.0 | | | | WEBGUI : WebGUI 6.7 |
| Original document |  | SECUNIA, WebGUI Perl Code Execution Vulnerabilities (03.09.2005) |
| | | Mariano Nuñez Di Croce, CYBSEC - Multiple Vendor Web Vulnerability Scanner Arbitrary Script Injection Vulnerability (03.09.2005) |
| | | ad_(at)_class101.org, [Full-disclosure] Dameware critical hole (03.09.2005) |
| | | Filip Groszynski, CMS Made Simple <= 0.10 - PHP injection (02.09.2005) |
| | | retrogod_(at)_aliceposta.it, Simple Machine Forum 1-0-5 (possibly prior versions) user IP address / information disclosure (02.09.2005) |
| | | poizon_(at)_securityinfo.ru, XSS in GreyMatter blog (02.09.2005) |
| | | retrogod_(at)_aliceposta.it, Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative & users credentials disclosure (02.09.2005) |
| | | SECUNIA, FreeStyle Wiki Arbitrary Command Injection Vulnerability (31.08.2005) |
| | | Marc Ruef, e107 0.6 forum_post.php create new topics in non-existing forums (31.08.2005) |
| | | retrogod_(at)_aliceposta.it, phpLDAPadmin 0.9.6 - 0.9.7/alpha5 (possibly prior versions) system disclosure, (31.08.2005) |
| | | laurent gaffié, AutoLinks Pro 2.1 (31.08.2005) |
| | | s2b_(at)_hotmail.com, PunBB BBCode IMG Tag Script Injection Vulnerability (31.08.2005) |
| | | s2b_(at)_hotmail.com, Vulnerability in Helpdesk software Hesk 0.92 (31.08.2005) |
| | | 'ken'@FTU , SimplePHPBlog Arbitrary File Deletion and Sample Exploit (30.08.2005) |
| | | l0om, [cosmoshop <= 8.10.78] be the shopadmin in one step (30.08.2005) |
| | | riklaunim_(at)_gmail.com, FUD Forum < 2.7.1 PHP code injection vurnelability (30.08.2005) |
| | | h4cky0u, [Full-disclosure] Land Down Under 801 And Prior Multiple SQL Injection Vulnerabilities (29.08.2005) |
| | | bendeniz_avci_(at)_hotmail.com, Land Down Under (29.08.2005) |
| | | slacker4ever_1_(at)_juno.com, PHP-Fusion <= v6.00.107 XSS exploit (29.08.2005) |
| | | pacifico", 0] //--></script>a, Multiple CMS/Forum Vulnablilties (29.08.2005) |
| | | SECUNIA, [SA16605] phpMyAdmin Two Cross-Site Scripting Vulnerabilities (29.08.2005) |
|
|
|
|
|
