Search:Vulnerability:27.12.2003 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

CGI bugs
updated since 22.12.2003
Published: 27.12.2003
Source:
SecurityVulns ID: 3327
Type: remote
Level: 5/10

Affected: XOOPS : xoops 2.0
OSCOMMERCE : osCommerce 2.2
H6P : BES-CMS 0.4
H6P : BES-CMS 0.5
WEBPUBLISHER : WebPublisher 1.1
JAS : MailList from BulletScript
SADRAVEN : Sad Raven's guestbook 1.1
CYBERCATS : ChitChat Message Board 2.8
SITEINTERACTIVE : Subscribe Me Pro
QUICKSTORE : QuikStore Shopping Cart
BOASTOLOGY : bMachine 2.6
PSYCHOBLOGGER : Psychoblogger
ACTIVECAMPAIGN : Knowledge Builder
OPENBB : OpenBB 1.06

Original document n.teusink_(at)_planet.nl, OpenBB 1.06 SQL Injection (27.12.2003)

Zero-X ScriptKiddy, Remote Code Execution in Knowledge Builder. (27.12.2003)

Andrew Smith, Multiple Vulns in Psychoblogger beta1 (27.12.2003)

SECURITEAM, [UNIX] bMachine Cross Site Scripting Vulnerability (24.12.2003)

document Dr`Ponidi Haryanto, QuikStore Shopping Cart Discloses Installation Path & Files to Remote Users (24.12.2003)

JeiAr, osCommerce SQL Injection && DoS && Cross Site Scripting (23.12.2003)

Paul Craig - Pimp Industries, Subscribe Me Pro/Enterprise - Remote Code Execution via Backticked Perl Variable Injection. (22.12.2003)

document Peter Winter-Smith, ProjectForum Multiple Vulnerabilities (22.12.2003)

vLad aka vlbag, Множество уязвимостей в ChitChat Message Board (22.12.2003)

Chintan Trivedi, [Full-Disclosure] XSS vulnerability in XOOPS 2.0.5.1 (22.12.2003)

vLad aka vlbag, Несколько уязвимостей в Sad Raven's Guestbook (22.12.2003)

document vLad aka vlbag, Множество уязвимостей в MailList from BulletScript (22.12.2003)

vLad aka vlbag, Открытый доступ к конфиденциальной информации в WebPublisher v1.1b. (22.12.2003)

Security Corporation Security Advisory, [SCSA-024] BES-CMS including file vulnerability (22.12.2003)

Discuss: Read or add your comments to this news (0 comments)

PServ directory traversal
Published: 27.12.2003
Source: BUGTRAQ
SecurityVulns ID: 3334
Type: remote
Level: 5/10
Description: With // it's possible to traverse webroot.

Affected: PSERV : pServ 3.0

Original document Donato Ferrante, directory traversal bug in Pserv 3.0b2 (27.12.2003)

Discuss: Read or add your comments to this news (0 comments)

Apache mod_php and mod_perl file decriptor leak
updated since 27.12.2003
Published: 22.01.2004
Source: BUGTRAQ
SecurityVulns ID: 3335
Type: local
Level: 5/10
Description: Descriptor leakage allowws to spoof https session in child process.

Affected: APACHE : mod_php 4.2
APACHE : mod_php 4.3
APACHE : mod_perl 1.99

Original document Steve Grubb, Hijacking Apache 2 via mod_perl (22.01.2004)

Steve Grubb, Hijacking Apache 2 via mod_perl (22.01.2004)

Steve Grubb, Hijacking Apache https by mod_php (27.12.2003)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin