Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc) - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 31.10.2005
Published: 05.11.2005
Source:
SecurityVulns ID: 5396
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: PHPBB : phpBB 2.0
VBULLETIN : vBulletin 3.0
MAMBOSERVER : Mambo Server 4.5
INVISION : Invision Power Board 2.0
VCARD : vCard 2.9
SNITZ : Snitz Forums 2000 3.4
JPORTAL : Jportal 2.3
CPANEL : cPanel 10.2
MAILWATCH : MailWatch for MailScanner 1.0
SIMPLEPHP : Simple PHP Blog 0.4
CUREPHP : CuteNews 1.4
INVISION : Invision Gallery 2.0
OABOARD : OaBoard 1.0
ELITEFORUM : Elite Forum 1.0
SUBDREAMER : Subdreamer 2.2
MG2 : MG2 0.5
EYEOS : eyeOS 0.8
BEMOORE : News2Net
VUBB : VUBB
RINGTAIL : CaseBook 6.1
PHPHANDICAPPER : PHP HANDICAPPER
MOVABLETYPE : Movable Type 3.16
PHPWEBTHINGS : phpWebThings 0.4
PHPWEBTHINGS : PHPWebthings 1.4
JELSOFT : vBulletin 3.5
CPANEL : cPanel 10.6

Original document Tim Brown, Portcullis Security Advisory - Movable Type (09.02.2007)

SECUNIA, Secunia Research: cPanel Entropy Chat Script Insertion Vulnerability (05.11.2005)

Anti Matter, [Full-disclosure] Invision Power Board Privilege Escalation (2.0.1 + more) (05.11.2005)

SECUNIA, [SA17359] vBulletin Image Script Insertion Vulnerability (04.11.2005)

document SECUNIA, [SA17410] phpWebThings "forum" SQL Injection Vulnerability (04.11.2005)

SECUNIA, [SA17405] MailWatch for MailScanner Two Vulnerabilities (04.11.2005)

tHe cReW, [Full-disclosure] H4-CREW-000003 Advirosy: Superclick XSS via popup.php (04.11.2005)

Nomen Nescio, [Full-disclosure] Buggy blogging (04.11.2005)

document alireza hassani, Mambo Open Source, Path disclosure (04.11.2005)

retrogod_(at)_aliceposta.it, CuteNews 1.4.1 remote code execution (04.11.2005)

mousehack, JPORTAL Multiple SQL Injection (04.11.2005)

Nenad Jovanovic, Simple PHP Blog: Multiple XSS Vulnerabilities (03.11.2005)

document mousehack, PHP HANDICAPPER Multiple Vulnerability (03.11.2005)

SECUNIA, [SA17383] Ringtail CaseBook Cross-Site Scripting and Username Enumeration (02.11.2005)

SECUNIA, [SA17385] Snitz Forums 2000 "post.asp" Cross-Site Scripting Vulnerability (02.11.2005)

alireza hassani, VUBB XSS & path disclosure Vulnerabilities (02.11.2005)

document mousehack, News2Net SQL Injection (02.11.2005)

SECUNIA, [SA17105] eyeOS Script Insertion and Exposure of User Credentials (01.11.2005)

SECUNIA, [SA17387] ASP Fast Forum "error" Cross-Site Scripting Vulnerability (01.11.2005)

SECUNIA, [SA17378] Subdreamer Login SQL Injection Vulnerabilities (01.11.2005)

document h4cky0u, [Full-disclosure] HYSA-2005-009 Elite Forum 1.0.0.0 XSS Vulnerability (01.11.2005)

abducter_minds_(at)_yahoo.com, SQL IN FORUM.PHP (01.11.2005)

almaster_(at)_hotmail.com, SQL In Invision Gallery 2.0.3 (01.11.2005)

Stefan Esser, [Full-disclosure] Advisory 17/2005: phpBB Multiple Vulnerabilities (31.10.2005)

document sQl_(at)_hotmail.com, uplod phpshell in PHP Advanced Transfer Manager (31.10.2005)

x_(at)_hotmail.com, Remote File Inclusion in vCard :) (31.10.2005)

Preben Nylokken, Vulnerability in MG2 php based Image Gallery - bypass security, view password protected images (31.10.2005)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server