PHP/ASP/CGI web applications security flaws updated since 10.01.2005
Published:		17.01.2005
Source:
SecurityVulns ID:		4344
Type:		remote
Level:		5/10

Affected:		ZEROBOARD : Zeroboard 4.1
		VBULLETIN : vBulletin 3.0
		INVISION : Invision Power Board 2.0
		ILOHAMAIL : IlohaMail 0.8
		AMPHORA : Amphora Gate StandAlone
		VHCS : Virtual Hosting Control System 2.2
		GREYMATTER : Greymatter 1.3
		WBB : Woltlab Burning Board Lite 1.0
		ALABANZA : AlaCart 2.18
		PHPADSNEW : phpAdsNew 2.0
		PHPNUKE : SGallery 1.01
		BITSHIFTERS : BiTBOARD 2.5
		EMOTION : MediaPartner 5.0
		EMOTION : MediaPartner 5.1
		BOTTOMLINE : Webseries Payment Application
		WBB : Burning Book Lite 1.1
		FORUMKIT : forumKIT 1.0
		HORDE : Horde 3.0
		MPM : MPM Guestbook Pro 1.05
		SITEMAN : Siteman 1.1
		SPARKLEBLOG : SparkleBlog 2.1
		EXBB : ExBB 1.9
		PHPGIFTREQ : phpGiftReq 1.4
		MINIS : Minis 0.2
		ITASTUDIO : ITA Forum 1.49

Original document		SECURITEAM, [EXPL] ITA Forum SQL Injection (17.01.2005)
		Madelman, [Full-Disclosure] Minis directory traversal vulnerability (17.01.2005)
		Madelman, [Full-Disclosure] phpGiftReq SQL Injection (17.01.2005)
		pigrelax, XSS in the nested BB tag in many forum (16.01.2005)
		bugtracklist.fm, Various Vulnerabilities in SparkleBlog (16.01.2005)
		Pedram hayati, XSS Vulnerability in Siteman v1.1.9 (15.01.2005)
		SECUNIA, [SA13849] MPM Guestbook Pro "header" File Inclusion Vulnerability (14.01.2005)
		Hyperdose Security, Cross Site Scripting holes found in Horde 3.0 (14.01.2005)
		SSR Team, STG Security Advisory: [SSA-20050113-25] ZeroBoard multiple vulnerabilities (14.01.2005)
		tom cruise, XSS Vulnerability in ForumKIT (14.01.2005)
		SECUNIA, [SA13794] Dokeos Course Script Insertion Vulnerability (13.01.2005)
		wang_(at)_readyresponse.org, IlohaMail Insecure Configuration Files (13.01.2005)
		Martin Heistermann, Woltlab Burning Book addentry.php SQL Injection (13.01.2005)
		Paul J Docherty, Portcullis Security Advisory 05-010 (13.01.2005)
		Paul J Docherty, Portcullis Security Advisory 05-008 (13.01.2005)
		Paul J Docherty, Portcullis Security Advisory 05-009 (13.01.2005)
		Paul J Docherty, Portcullis Security Advisory 05-007 (13.01.2005)
		Paul J Docherty, Portcullis Security Advisory 05-006 (13.01.2005)
		Paul J Docherty, Portcullis Security Advisory 05-005 (13.01.2005)
		Paul J Docherty, Portcullis Security Advisory 05-004 (13.01.2005)
		Paul J Docherty, Portcullis Security Advisory 05-003 (13.01.2005)
		Paul J Docherty, Portcullis Security Advisory 05-001 (13.01.2005)
		Martin Heistermann, Security Advisory: BiTBOARD xss (13.01.2005)
		Janek Vind, [waraxe-2005-SA#039] - Critical Sql Injection in Sgallery module for PhpNuke (13.01.2005)
		roman_(at)_mosk.ru, SQL-инъекция в phpAdsNew (13.01.2005)
		SECUNIA, [SA13769] Zeroboard "dir" File Inclusion Vulnerability (11.01.2005)
		durito, уязвимость в AlaCart Version 2.18 (11.01.2005)
		darkhawk matrix, SQL Injection Vulnerability in Invision Community Blog (11.01.2005)
		Martin Heistermann, Security Advisory: Woltlab Burning Board Lite formmail.php XSS (11.01.2005)
		Kernelpanik Labs - Security Lists, [Full-Disclosure] Kernelpanik Labs Digest 2005-1 (10.01.2005)

Discuss:

Read or add your comments to this news (0 comments)