Forum - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

CGI bugs
updated since 15.08.2002
Published: 25.08.2002
Source: BUGTRAQ
SecurityVulns ID: 2229
Type: remote
Level: 5/10

Affected: CGI : L-Forum 2.4
CGI : mantisbt 0.17
CAFELOG : b2 Weblog Tool 2.06
CGI : php-affiliate 1.0
CGI : Web Shop Manager 1.1
ICEWARP : IceWarp Webmail 3.3
PHPNUKE : PHP-Nuke 5.6
CGI : Bonsai
TOMAHAWK : SteelArrow
PROHOST : FUDforum 2.0
ACHIEVO : Achievo 0.7
ACHIEVO : Achievo 0.8
ACHIEVO : Achievo 0.9
BLAZIX : Blazix 1.2

Original document Auriemma Luigi, Blazix 1.2 jsp view and free protected folder access (25.08.2002)

Jeroen Latour, [Mantis Advisory/2002-07] Bugs in private projects listed on 'View Bugs' (25.08.2002)

Jeroen Latour, [Mantis Advisory/2002-06] Private bugs accessible in Mantis (25.08.2002)

document Jeroen Latour, Arbitrary code execution problem in Achievo (23.08.2002)

Ulf Harnhammar, FUDforum file access and SQL Injection (20.08.2002)

NGSSoftware Insight Security Research, Multiple Buffer Overflow vulnerabilities in SteelArrow (#NISR19082002B) (20.08.2002)

Jeroen Latour, [Mantis Advisory/2002-03] Bug listings of private projects can be viewed through cookie manipulation (20.08.2002)

document Jeroen Latour, [Mantis Advisory/2002-05] Arbitrary code execution and file reading vulnerability in Mantis (20.08.2002)

Jeroen Latour, [Mantis Advisory/2002-01] SQL poisoning vulnerability in Mantis (20.08.2002)

Jeroen Latour, [Mantis Advisory/2002-02] Limiting output to reporters can be bypassed (20.08.2002)

document Jeroen Latour, [Mantis Advisory/2002-04] Arbitrary code execution vulnerability in Mantis (20.08.2002)

Stan Bubrouski, Advisory: Bonsai XSS and Physical Path Revealing Vulnerabilities (20.08.2002)

<-delusion->, PHP-Nuke v5.6 - Users can compromise admin accts. (16.08.2002)

document Ulf Harnhammar, L-Forum XSS and upload spoofing (16.08.2002)

DarC KonQuesT, IceWarp Webmail XSS (16.08.2002)

Tacettin Karadeniz, Web Shop Manager Security Vulnerability (16.08.2002)

MOD, Input validation attack in php-affiliate-v1.0 (16.08.2002)

Matthew Murphy, Multiple Vulnerabilities in CafeLog Weblog Package (15.08.2002)

document Joao Gouveia, mantisbt security flaw (15.08.2002)

Matthew Murphy, L-Forum Vulnerability - SQL Injection (15.08.2002)

Discuss: Read or add your comments to this news (0 comments)

Show		Threads
		Messages


Login:*		(Register)
Password:*
(private)	To:
(reply)	Subject:*
Text:

Main Forum (Eng) General security questions not appropriate for another forums.	3proxy Forum (Eng) All 3proxy question must be posted to this forum.	Bugs, Vulnerabilities, PoCs and Exploits (Eng) All vulnerability related questions, vulnerability digging and exploit creation.	Windows programming and administration (Eng) Administering Windows and application development.	Unix programming and administation (Eng) Administering Unix and application development.	Test forum Please post all test messages here. All test messages from different forums will be deteted.
Main Forum (Rus)	3proxy Forum (Rus)	Bugs, Vulnerabilities, PoCs and Exploits (Rus)	Windows programming and administration (Rus)	Unix programming and administation (Rus)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin