|
Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 12.09.2005 | | Published: |  | 17.09.2005 | | Source: |  | | | SecurityVulns ID: |  | 5200 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Affected: |  | AZDG : AzDGDatingLite 2.1 | | | | HOSTINGCONTROLLE : Hosting Controller 6.1 | | | | PUNBB : PunBB 1.2 | | | | SAWMILL : Sawmill 7.1 | | | | ATUTOR : ATutor 1.5 | | | | MYGUESTBOOK : MyGuestbook 0.6 | | | | MALL23 : Mall23 | | | | SAWMILL : Sawmill 7.0 | | | | PHPNUKE : PHP-Nuke 7.8 | | | | SITEINTERACTIVE : Subscribe Me Pro 2.044 | | | | SILVEREX : X-Chat 2.4 | | | | HANDYADDRESSBOOK : Handy Address Book Server 1.1 | | | | TWIKI : TWikiRelease02Sep2004 | | | | DELUXEBB : DeluxeBB 1.0 | | | | NOAH : Classifieds 1.3 | | | | DIGITALSCRIBE : Digital Scribe 1.4 | | | | AEWEBWORKS : aeDating 4.0 | | | | MIVA : MIVA Merchant 5 | | | | TAC : Vista Webstation 3.0 |
| Original document |  | CIRT Advisory, [Full-disclosure] [CIRT.DK - Advisory 37] TAC Vista Webstation 3.0 Directory Traversal bug in webinterface (17.09.2005) |
| | | SECUNIA, [SA16843] PHP-Nuke Unspecified wysiwyg Editor Vulnerabilities (16.09.2005) |
| | | SECUNIA, [SA16841] Digital Scribe "username" SQL Injection (16.09.2005) |
| | | admin_(at)_hyperconx.com, XSS Vulnerability in MIVA Merchant 5 - Includes Fix (16.09.2005) |
| | | alexsrb_(at)_netsite.com, Online Dating Software by AEwebworks - aeDating Script <= 4.0 Version Vulnerability (16.09.2005) |
| | | SECUNIA, [SA16824] Hosting Controller Unspecified Disclosure of Sensitive Information (15.09.2005) |
| | | SECUNIA, [SA16813] ATutor Password Reminder SQL Injection Vulnerability (15.09.2005) |
| | | rod hedor, Remote File Inclusion in MyGuestbook (15.09.2005) |
| | | retrogod_(at)_aliceposta.it, Digital Scribe v1.4 Login Bypass / SQL injection / remote code execution (15.09.2005) |
| | | Sap ., TWiki Remote Command Execution Vulnerability (15.09.2005) |
| | | alireza hassani, SQL injection & XSS in phpoutsourcing Noah's classifieds (15.09.2005) |
| | | SECUNIA, [SA16826] Noah's Classified SQL Injection and Cross-Site Scripting (15.09.2005) |
| | | SECUNIA, [SA16819] DeluxeBB SQL Injection Vulnerabilities (15.09.2005) |
| | | SECUNIA, [SA16820] TWiki "rev" Shell Command Injection Vulnerability (15.09.2005) |
| | | retrogod_(at)_aliceposta.it, ATutor 1.5.1 SQL Injection / Admin credentials disclosure / remote code execution (14.09.2005) |
| | | SECUNIA, [SA16798] Handy Address Book Server SEARCHTEXT Cross-Site Scripting (14.09.2005) |
| | | retrogod_(at)_aliceposta.it, AzDGDatingLite V 2.1.3 remote code execution (13.09.2005) |
| | | povilas_(at)_critical.lt, Denial of service vulnerability in X-Chat for Windows from Silverex.org (13.09.2005) |
| | | h4cky0u, [Full-disclosure] Subscribe Me Pro 2.044.09P and prior Directory Traversal Vulnerability (13.09.2005) |
| | | r.verton_(at)_gmail.com, PHP Nuke <= 7.8 Multiple SQL Injections (13.09.2005) |
| | | Mark Terry, [Full-disclosure] Sawmill XSS vuln (12.09.2005) |
| | | SECUNIA, [SA16775] PunBB Multiple Vulnerabilities (12.09.2005) |
| | | SECUNIA, [SA16778] Mall23 eCommerce "idPage" SQL Injection Vulnerability (12.09.2005) |
|
|
|
|
|
