|
Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 26.09.2005 | | Published: |  | 30.09.2005 | | Source: |  | | | SecurityVulns ID: |  | 5246 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Affected: |  | JPORTAL : jPortal 2.2 | | | | MANTIS : Mantis 0.19 | | | | PUNBB : PunBB 1.2 | | | | POSTNUKE : PostNuke 0.760 | | | | JPORTAL : Jportal 2.3 | | | | S9Y : Serendipity 0.8 | | | | PHPFUSION : PHP-Fusion 6.0 | | | | PHPMYFAQ : phpMyFAQ 1.5 | | | | MANTIS : Mantis 1.0 | | | | MAXDEV : MD-Pro 1.0 | | | | PERLDRIVER : perldriver 2.0 | | | | MYLITTLEFORUM : My Little Forum 1.5 | | | | ALSTRASOFT : E-Friends 4.0 | | | | MAILGUST : MailGust 1.9 | | | | GESHI : GeSHi 1.0 | | | | CONTENTSERV : ContentServ 3.1 | | | | MALL23 : Mall23 eCommerce 4.10 | | | | ICDEVGROUP : Interchange 5.2 | | | | MOVABLETYPE : Movable Type 3.1 | | | | SEOBOARD : SEO-Board 1.03 | | | | IPB : Riverdark RSS Syndicator 2.1 | | | | PHPZENER : PHP Zener 1.4 | | | | LUCIDCMS : lucidCMS 1.0 | | | | CJDESIGN : CJLinkOut 1.0 | | | | CJDESIGN : CJ Tag Board 3.0 | | | | CJDESIGN : CJ Web2Mail 3.0 | | | | SQMAIL : SquirrelMail Address Add Plugin 2.0 | | | | JSHOP : Jshop Server 1.3 |
| Original document |  | durito, просмотр файлов в JShop Server 1.3.0 (30.09.2005) |
| | | SECURITEAM, [UNIX] MAXdev MD-Pro Multiple Vulnerabilities (Code Execution, Path Disclosure and CSS) (29.09.2005) |
| | | Nenad Jovanovic, [Full-disclosure] Serendipity: Account Hijacking / CSRF Vulnerability (29.09.2005) |
| | | Moritz Naumann, [Full-disclosure] SquirrelMail Address Add Plugin XSS (29.09.2005) |
| | | retrogod_(at)_aliceposta.it, PHP-Fusion v6.00.109 SQL Injection / admin|users credentials disclosure (29.09.2005) |
| | | SECUNIA, [SA16963] CJ Web2Mail Cross-Site Scripting Vulnerabilities (28.09.2005) |
| | | SECUNIA, [SA16966] CJ Tag Board Cross-Site Scripting Vulnerabilities (28.09.2005) |
| | | SECUNIA, [SA16970] CJ LinkOut "123" Cross-Site Scripting Vulnerability (28.09.2005) |
| | | SECUNIA, [SA16945] jPortal Download Search SQL Injection Vulnerability (28.09.2005) |
| | | ghc_(at)_ghc.ru, SEO borad: SQL injection (28.09.2005) |
| | | x1ngbox_(at)_gmail.com, lucidCMS 1.0.11 is susceptible to a cross site scripting attack (28.09.2005) |
| | | Jose Antonio, Mantis Bugtracker - Remote Database Scanner and XSS Vulnerabilities (28.09.2005) |
| | | SECUNIA, [SA16934] IPB Riverdark RSS Syndicator Module Cross-Site Scripting (27.09.2005) |
| | | SECUNIA, [SA16949] SEO-Board admin.php SQL Injection Vulnerability (27.09.2005) |
| | | SECUNIA, [SA16899] Movable Type Multiple Weaknesses and Vulnerabilities (26.09.2005) |
| | | SECUNIA, [SA16923] Interchange Catalog Skeleton SQL Injection and ITL Injection Vulnerabilities (26.09.2005) |
| | | SECUNIA, [SA16908] PunBB Two Vulnerabilities (26.09.2005) |
| | | SECUNIA, [SA16903] Mall23 eCommerce "idOption_Dropdown_2" SQL Injection Vulnerability (26.09.2005) |
| | | qobaiashi_(at)_gmx.net, [Full-disclosure] ContentServ features remote file disclosure (26.09.2005) |
| | | Maksymilian Arciemowicz, [Full-disclosure] GeSHi Local PHP file inclusion 1.0.7.2 (26.09.2005) |
| | | retrogod_(at)_aliceposta.it, My Little Forum 1.5 / 1.6beta SQL Injection (26.09.2005) |
| | | retrogod_(at)_aliceposta.it, MailGust 1.9 SQL Injection (26.09.2005) |
| | | khc_(at)_bsdmail.org, AlstraSoft E-Friends Remote Command Exucetion (26.09.2005) |
| | | retrogod_(at)_aliceposta.it, PhpMyFAQ 1.5.1 multiple vulnerabilities (26.09.2005) |
| | | krasza_(at)_gmail.com, Sql injection in jPortal version 2.3.1 (module download) (26.09.2005) |
| | | retrogod_(at)_aliceposta.it, My Little Forum 1.5 / 1.6beta SQL Injection (26.09.2005) |
| | | morning_wood, [Full-disclosure] perldiver (26.09.2005) |
|
|
|
|
|
