 |
|
|
|
Bea Weblogic application server Server Console crossite scripting updated since 25.05.2005 | | Published: |  | 28.05.2005 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 4823 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Crossite scripting; no session cookie timeout is implemented. |
| ClamAV antivirus MacOS X shell characters problem | | Published: |  | 28.05.2005 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 4836 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | Shell characters are not filtered in filename than external 'ditto' command in executed with system(). |
PHP, ASP, CGI web applications security vulnerabilities updated since 23.05.2005 | | Published: |  | 28.05.2005 | | Source: |  | | | SecurityVulns ID: |  | 4815 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, crossite scripting, etc. |
| Original document |  | SoulBlack Group, PHP Stat Administrative User Authentication Bypass (28.05.2005) |
| |  | Rapigator, [Full-disclosure] Invision Power Board 1.x and 2.x Privilege Escalation Vulnerability (28.05.2005) |
| |  | Alberto Trivero, Microsoft Outlook Express 6.00.2800.1106 (28.05.2005) |
| |  | Nah, [Full-disclosure] XSS Bug in Jaws Glossary Action: ViewTerm ( v 0.4 - 0.5.1 (latest version)) (28.05.2005) |
| |  | SECUNIA, [SA15515] ZonGG "password" SQL Injection Vulnerability (27.05.2005) |
| |  | SECURITEAM, [EXPL] MaxWebPortal Administrator Password Retrieval (Exploit) (27.05.2005) |
| |  | Petey Beege, Invision Power Board 1.* and 2.* Exploit (BID 13529) (27.05.2005) |
| |  | rash ilusion, PHP Injection in PHP Poll Creator (26.05.2005) |
| |  | SECUNIA, [SA15494] FunkyASP AD System "password" SQL Injection Vulnerability (25.05.2005) |
| |  | Kristian Hermansen, [Full-disclosure] Miva Merchant 4.x Tax Calculation Bypass Vulnerability w/ PoC (25.05.2005) |
| |  | Filippo Spike Morelli, Gforge - viewFile.php security flaw (25.05.2005) |
| |  | SECUNIA, [SA15469] NewsletterEz "Password" SQL Injection Vulnerability (24.05.2005) |
| |  | SECUNIA, [SA15452] Blue Coat Reporter Multiple Unspecified Vulnerabilities (24.05.2005) |
| |  | SECURITEAM, [UNIX] WordPress Multiple Vulnerability (wp-trackback.php) (24.05.2005) |
| |  | SECUNIA, [SA15448] Cookie Cart Exposure of Order Notifications and Passwords (23.05.2005) |
| |  | SECUNIA, [SA15443] JiRo's Statistics System "Password" SQL Injection Vulnerability (23.05.2005) |
| |  | SECURITEAM, [UNIX] WebApp Arbitrary Code Execution (apage.cgi, Exploit) (23.05.2005) |
| |  | mircia mircia, PHPMyCart (latest) is vulnerable to XSS (23.05.2005) |
| |  | CENSORED, SQL инъекции в PortailPHP (23.05.2005) |
| |  | Maksymilian Arciemowicz, [SECURITYREASON.COM] PostNuke SQL Injection 0.750=>x (23.05.2005) |
| |  | Maksymilian Arciemowicz, [SECURITYREASON.COM] PostNuke Non Critical SQL Injection and Include 0.760-RC3=>x (23.05.2005) |
| |  | Maksymilian Arciemowicz, [SECURITYREASON.COM] PostNuke XSS and Full path disclosure 0.760RC3=>x (23.05.2005) |
| |  | Maksymilian Arciemowicz, [SECURITYREASON.COM] PostNuke XSS 0.760{RC2,RC3} (23.05.2005) |
|
|
|
|
|
|
|
|