 |
|
|
|
Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 08.08.2005 | | Published: |  | 14.08.2005 | | Source: |  | | | SecurityVulns ID: |  | 5078 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Original document |  | SECURITEAM, [UNIX] Blog Torrent Remote User and Password Disclosure (14.08.2005) |
| | | SECURITEAM, [EXPL] SimplePHPBlog Password Disclosure (Exploit) (14.08.2005) |
| | | SECURITEAM, [EXPL] ezUpload path Parameter Command Execution (Exploit) (14.08.2005) |
| | | almaster_(at)_hotmail.com, SQL in PHPTB Topic Boards 2.0 (14.08.2005) |
| | | SECUNIA, [SA16420] Dev-PHP NULL Character File Display Weakness (13.08.2005) |
| | | SECUNIA, [SA16422] Bloodshed Dev-Pascal NULL Character File Display Weakness (13.08.2005) |
| | | SECUNIA, [SA16398] PHP Designer 2005 NULL Character File Display Weakness (13.08.2005) |
| | | laurent gaffié, Xoops 2.2.1 Full Path Disclosure (12.08.2005) |
| | | phuket, [Full-disclosure] My Bulletin Board RC 4 Vulnerabilities (12.08.2005) |
| | | Alexander Heidenreich, [Full-disclosure] Fudforum: incompletely check of user rights in tree view gaining access to all messages (12.08.2005) |
| | | SECUNIA, [SA16377] MidiCart ASP Shopping Cart SQL Injection Vulnerability (11.08.2005) |
| | | SECUNIA, [SA16389] Gallery PostNuke Integration Security Issue (11.08.2005) |
| | | gb.network_(at)_gmail.com, Full path disclosure in CaLogic 1.22 and possible in older versions. (10.08.2005) |
| | | SECUNIA, [SA16285] EQdkp session.php Session Handling Vulnerability (10.08.2005) |
| | | SECUNIA, [SA16370] VegaDNS "message" Cross-Site Scripting Vulnerability (10.08.2005) |
| | | SECUNIA, [SA16364] Lasso Professional Auth Tag Security Bypass Vulnerability (10.08.2005) |
| | | SECUNIA, [SA16362] cPanel Password Change Privilege Escalation Security Issue (10.08.2005) |
| | | SECUNIA, [SA16375] XMB Forum Server Set Variable Overwrite and SQL Injection (10.08.2005) |
| | | SECUNIA, [SA16388] PHlyMail Unspecified Login Bypass Vulnerability (10.08.2005) |
| | | SECUNIA, [SA16365] Chipmunk Forum "fontcolor" Cross-Site Scripting Vulnerability (09.08.2005) |
| | | SECUNIA, [SA16357] e107 HTML / TXT Attachment Script Insertion Vulnerability (09.08.2005) |
| | | SECUNIA, [SA16348] Invision Power Board HTML / TXT Attachment Script Insertion (09.08.2005) |
| | | SECUNIA, [SA16339] XOOPS PHPMailer and XML-RPC Vulnerabilities (09.08.2005) |
| | | heintz_(at)_hotmail.com, Sql injection and global variables poisoning in XMB Forum 1.9.1 (09.08.2005) |
| | | IDEFENSE, [Full-disclosure] iDEFENSE Security Advisory 08.09.05: AWStats ShowInfoURL Remote Command Execution Vulnerability (09.08.2005) |
| | | retrogod_(at)_aliceposta.it, FunkBoard V0.66CF (possibly prior versions) cross site scripting, possible database username/password disclosure & board takeover,possible remote code execution (09.08.2005) |
| | | SECUNIA, [SA16353] PHPLite Calendar Express Two Vulnerabilities (09.08.2005) |
| | | SECUNIA, [SA16371] FunkBoard Multiple Cross-Site Scripting Vulnerabilities (09.08.2005) |
| | | SECUNIA, [SA16351] phpIncludes News System SQL Injection Vulnerability (09.08.2005) |
| | | SECUNIA, [SA16329] tDiary Cross-Site Request Forgery Vulnerability (09.08.2005) |
| | | svt_(at)_svt.nukleon.us, [SVadvisory#13] - SQL injection in MYFAQ 1.0 (09.08.2005) |
| | | stormhacker_(at)_hotmail.com, XSS in forums CFBB v1.1.0 (09.08.2005) |
| | | edward11_(at)_postmaster.co.uk, E107 + IPB XSS Exploit (09.08.2005) |
| | | abducter_minds_(at)_yahoo.com, SQL IN Open Bulletin Board (09.08.2005) |
| | | retrogod_(at)_aliceposta.it, Gravity Board X v1.1 multiple vulnerabilities (09.08.2005) |
| | | Christopher Kunz, [Full-disclosure] Advisory 13/2005: Remote code execution in SysCP (08.08.2005) |
|
|
|
|
|
|
|
|
