Search:Vulnerability:23.04.2005 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

PHP, ASP, CGI web applications security vulnerabilities
updated since 19.04.2005
Published: 23.04.2005
Source:
SecurityVulns ID: 4708
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, etc.

Affected: GENEWEB : geneweb 4.06
JAWS : jaws 0.4
EGROUPWARE : eGroupWare 1.0
PHPROJEKT : PHPROJEKT 4.2
ONEWORLDSTORE : OneWorldStore
COPPERMINE : Coppermine Photo Gallery 1.3
PHPBB : Knowledge Base MOD
INFO2WWW : info2www 1.2
DUWARE : DuPortal 3.4
KNUSPERLEICHT : Shoutbox SCRIPT 3.0
OCEAN12 : Ocean12 Calendar manager 1.01
AZBB : AZ Bulletin Board 1.0
NETREF : Annuaire Netref 4.2
ECOMMERCECARTS : EcommPro 3
NETMAILSHARE : netMailshare Professional 4.0
WOLTLAB : Woltlab Burning Board 2.3
ASPNUKE : Asp Nuke 0.80
ARGOSOFT : Argosoft Mail Server 1.8
YAZAPORT : E-Cart 1.1

Original document SECUNIA, [SA15054] WebAPP E-Cart Module Shell Command Injection Vulnerability (23.04.2005)

ShineShadow, Multiple vulnerabilities in Argosoft Mail Server 1.8.7.6 (23.04.2005)

dcrab_(at)_hackerscenter.com, Multiple Sql injection and XSS in Asp Nuke 0.80 (Working exploits included) (23.04.2005)

document deluxe_(at)_security-project.org, [SePro Bugtraq] WBB - WoltLab Burning Board <= 2.3.1 - XSS Vulnerability (22.04.05) (23.04.2005)

SECUNIA, [SA15038] netMailshar Professional Two Vulnerabilities (22.04.2005)

piker piker, Vulnerability kali's tagboard (22.04.2005)

SECURITEAM, [NT] OneWorldStore Cross Site Scripting and SQL Injection Vulnerabilities (21.04.2005)

document SECURITEAM, [UNIX] Jaws Cross Site Scripting (GlossaryModel.php) (21.04.2005)

SSC Advisory Notice, Secure Science Corporation Application Software Advisory 055 (21.04.2005)

c0d3r_(at)_ihsteam.com, Ecommerce-Carts SQL injection vulnerability ( IHSTeam ) (21.04.2005)

jaguar, Annuaire Netref v4.2 [ fwrite php ] vulnerability (21.04.2005)

document JeiAr, Multiple Security Issues Found In AZBB (21.04.2005)

JeiAr, Multiple eGroupware Vulnerabilities (21.04.2005)

Zinho, [HSC Security Group] Ocean12 Calendar manager 1.01 SQL injection (20.04.2005)

SECUNIA, [SA15027] PHP Labs proFile "dir" and "file" Cross-Site Scripting (20.04.2005)

document SECUNIA, [SA15009] CityPost Automated Link Exchange "msg" Cross-Site Scripting (20.04.2005)

SECUNIA, [SA15010] CityPost Simple PHP Upload "message" Cross-Site Scripting (20.04.2005)

SECUNIA, [SA15011] CityPost Image Editor Cross-Site Scripting Vulnerabilities (20.04.2005)

document CorryL, [Full-disclosure] Shoutbox SCRIPT <= 3.0.2 Administrative MD5 Username and Password Retrieval (20.04.2005)

dcrab_(at)_hackerscenter.com, DUportal Pro 3.4 has MANY Sql injection and Sql Errors. (20.04.2005)

DEBIAN, [SECURITY] [DSA 712-1] New geneweb packages fix insecure file operations (20.04.2005)

document DEBIAN, [SECURITY] [DSA 711-1] New info2www packages fix cross-site scripting vulnerability (20.04.2005)

Hillel Himovich, UBB Thread printthread.php SQL Injection (20.04.2005)

deluxe_(at)_security-project.org, phpBB - Knowledge Base MOD - SQL-Injection and Full Path Disclosure (19.04.2005)

document GHC team, Vulnerability in Coppermine Photo Gallery 1.3.* (19.04.2005)

Discuss: Read or add your comments to this news (0 comments)

KDE desktop environment PCX graphics format buffer overflow
updated since 12.04.2005
Published: 23.04.2005
Source: FULL-DISCLOSURE
SecurityVulns ID: 4670
Type: library
Level: 6/10
Description: Multiple kimgio image reading vulnerabilities.

Affected: KDE : KDE 3.2
KDE : KDE 3.3
KDE : KDE 3.4

Original document KDE, [KDE Security Advisory]: kimgio input validation errors (23.04.2005)

SUSE, [Full-disclosure] SUSE Security Announcement: various KDE security problems (SUSE-SA:2005:022) (12.04.2005)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin