Forum - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

CGI bugs
updated since 02.12.2003
Published: 11.12.2003
Source:
SecurityVulns ID: 3288
Type: remote
Level: 5/10

Affected: XOOPS : xoops 2.0
XOOPS : xoops 1.3
VPASP : VP-ASP Shopping Cart 5.0
SURFBOARD : Surfboard 1.1
AESTHETIC : Jason Maloney's CGI Guestbook 3.0
CUTEPHP : CuteNews 1.3
ALABANZA : AlaCart 1.0
BITFOLGE : Snif 1.2
TODSAH : PieterPost 0.10
RNN : RNN Guestbook 1.2
ALANWARD : Alan Ward Acart 2.0
NEOCROME : Land Down Under 601
BMCWEB : BNCweb
MAMBOSERVER : Mambo Server 4.0
MAMBOSERVER : Mambo Server 4.5
FREESCRIPTS : VisitorBook LE

Original document Paul Johnston, Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) (11.12.2003)

Chintan Trivedi, Mambo Open Source 4.0.14 SQL injection (11.12.2003)

Security Corporation Security Advisory, [SCSA-023] Multiple vulnerabilities in Mambo Server (11.12.2003)

document Matthias Bethke, BNCweb File Disclosure Vulnerability (09.12.2003)

SECURITEAM, [UNIX] Snif Script Cross Site Scripting Vulnerability (09.12.2003)

SECURITEAM, [UNIX] Land Down Under auth.php SQL Injection (09.12.2003)

Shaun Moore, Jason Maloney's Guestbook XSS Vulnerability. (09.12.2003)

document Xnuxer Research Laboratory, Cross Site Scripting in VP-ASP (09.12.2003)

Security Corporation Security Advisory, [SCSA-022] Multiple vulnerabilities in Xoops (06.12.2003)

parag0d_(at)_phreaker.net, Improper authentication checking in Alan Ward Acart (05.12.2003)

parag0d_(at)_phreaker.net, XSS vulnerabilities in register.asp in Alan Ward Acart (05.12.2003)

document parag0d_(at)_phreaker.net, Plaintext Vulnerability in Alan Ward Acart (05.12.2003)

parag0d_(at)_phreaker.net, XSS Vulnerabilities in Alan Ward Acart (05.12.2003)

Martin Mačok, XBoard < 4.2.7: pxboard insecure tmp file handling (05.12.2003)

Peter Winter-Smith, eZphotoshare Multiple Overflow Vulnerabilities (04.12.2003)

document SECURITEAM, [UNIX] RNN's Guestbook Multiple Vulnerabilities (03.12.2003)

datasink_(at)_op.pl, Pieterpost - access to "vitual" account (02.12.2003)

SECURITEAM, [UNIX] Snif File Disclosure Vulnerability (02.12.2003)

SECURITEAM, [NEWS] Alabanza AlaCart SQL Injection Vulnerability (02.12.2003)

document Securiteinfo.com, [Full-Disclosure] Cutenews 1.3 information disclosure (02.12.2003)

Shaun Moore, Jason Maloney's CGI Guestbook Remote Command Execution Vulnerability. (02.12.2003)

Luigi Auriemma, Surfboard <= 1.1.8 vulns (02.12.2003)

S-Quadra Security Research, Virtual Programming VP-ASP Shopping Cart 5.0 multiple SQL Injection Vulnerabilities (02.12.2003)

Discuss: Read or add your comments to this news (0 comments)

Show		Threads
		Messages


Login:*		(Register)
Password:*
(private)	To:
(reply)	Subject:*
Text:

Main Forum (Eng) General security questions not appropriate for another forums.	3proxy Forum (Eng) All 3proxy question must be posted to this forum.	Bugs, Vulnerabilities, PoCs and Exploits (Eng) All vulnerability related questions, vulnerability digging and exploit creation.	Windows programming and administration (Eng) Administering Windows and application development.	Unix programming and administation (Eng) Administering Unix and application development.	Test forum Please post all test messages here. All test messages from different forums will be deteted.
Main Forum (Rus)	3proxy Forum (Rus)	Bugs, Vulnerabilities, PoCs and Exploits (Rus)	Windows programming and administration (Rus)	Unix programming and administation (Rus)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin