Search:Vulnerability:28.11.2005 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Kadu Gadu-Gadu instant messaging client DoS
Published: 28.11.2005
Source: MGIZOWSKI
SecurityVulns ID: 5484
Type: remote
Level: 5/10
Description: Application hangs on malcrafted message.

Original document Michał Gizowski, Kadu remote DoS (28.11.2005)

Discuss: Read or add your comments to this news (0 comments)

Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
Published: 28.11.2005
Source:
SecurityVulns ID: 5483
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, mb_send_mail() message headers modification, etc.

Affected: EFICTION : eFiction 2.0
CAFUEGO : SDMS 2.0
ALEXKING : PHP Doc System 1.5
TDSYSTEMS : AD Center 2000 NG Pro
SIMPLEBBS : SimpleBBS 1.1
WEAVERSLAVE : Netzbrett 1.5
SOURCESHOCK : ShockBoard 3.0
SOURCESHOCK : ShockBoard 4.0
REALSOFTSTUDIO : Ugroup 2.6
JBB : JBB 0.9
UPYOURNET : edmoBBS 0.9
TURNK : K-Search 1.0
WWWSEARCHSOLUTIO : Google API Search 1.3
WWWSEARCHSOLUTIO : RevenuePilot 1.2
WWWSEARCHSOLUTIO : SearchFeed 1.3
SCRIPTSTEMPLATES : AllWeb search 3.0
SOURCEWELL : SourceWell 1.3
SOFTBIZSCRIPTS : Softbiz Resource Repository 1.1
NELOGIC : Nephp Publisher 4.5
GEEKLOG : geeklog 1.4
BEDENG : BedengPSP 1.1
PHPNUKE : Top Music module 3.0
13SCRIPTS : Babe Logger 2
ZAINU : Zainu 2.0
ENTERPRISEHEART : Enterprise Connector 1.0
OMISTARKBASE : Omnistar KBase 4.0
ATHENA : Athena 0.1
QNEWS : Q-News 2.0
PHPGREETZ : phpgreetz 0.1
ATLANTISFAQ : AltantisFAQ 3.0
FREEWEBSTAT : FreeWebStat 1.0
PHPWEBSTATISTIK : PHP Web Statistik 1.4
WEBCALENDAR : WebCalendar 1.0
FAQSYSTEMS : FaqRing 3.0

Original document r0t, FaqRing 3.0 SQL inj. vuln. (28.11.2005)

ascii, [Full-disclosure] WebCalendar Multiple Vulnerabilities (28.11.2005)

ascii, [Full-disclosure] Php Web Statistik Multiple Vulnerabilities (28.11.2005)

ascii, [Full-disclosure] Free Web Stat Multiple XSS Vulnerabilities (28.11.2005)

document r0t, AltantisFAQ SQL inj. vuln. (28.11.2005)

SECUNIA, [SA17771] Q-News "id" File Inclusion Vulnerability (28.11.2005)

gb.network_(at)_gmail.com, Remote file include in Q-News (28.11.2005)

gb.network_(at)_gmail.com, Remote file include in phpgreetz (28.11.2005)

gb.network_(at)_gmail.com, Remote file include in Athena (28.11.2005)

document :) :), Randshop all versiyon Sql Эnjection (28.11.2005)

r0t, SDMS 2.0 SQL inj. vuln. (28.11.2005)

r0t, PHP Doc System 1.5.1 Local file inclusion vuln. (28.11.2005)

r0t, ADC2000 NG Pro SQL inj. vuln. (28.11.2005)

r0t, SimpleBBS v1.1 SQL inj. vuln. (28.11.2005)

document r0t, Netzbrett 1.5.1 SQL inj. vuln. (28.11.2005)

r0t, ShockBoard SQL inj. vuln. (28.11.2005)

r0t, Ugroup 2.6.2 SQL inj. vuln. (28.11.2005)

r0t, JBB SQL inj. vuln. (28.11.2005)

r0t, edmoBBS SQL inj. vuln. (28.11.2005)

r0t, K-Search Multiple vuln. (28.11.2005)

document r0t, Google API Search XSS vuln. (28.11.2005)

r0t, RevenuePilot Search Engine XSS vuln. (28.11.2005)

r0t, SearchFeed Search Engine XSS vuln. (28.11.2005)

r0t, AllWeb search SQL inj. vuln. (28.11.2005)

r0t, SourceWell SQL inj. vuln. (28.11.2005)

r0t, Softbiz Resource Repository Script SQL vuln. (28.11.2005)

document r0t, Nephp Publisher v4.5.x SQL inj. vuln. (28.11.2005)

r0t, Geeklog 1.4.x Full Path Disclosure vuln. (28.11.2005)

r0t, BedengPSP sql inj. vuln. (28.11.2005)

r0t, Top Music module for PHP Nuke SQL inj. vuln (28.11.2005)

r0t, Babe Logger V2 Sql inj. vuln. (28.11.2005)

document r0t, Zainu 2.x SQL inj. vuln. (28.11.2005)

r0t, Enterprise Connector SQL inj. vuln (28.11.2005)

r0t, Omnistar KBase SQL inj, vuln. (28.11.2005)

:) :), HPMaker by artmedic webdesign Remote File Inclusion (28.11.2005)

:) :), HUG WEBMASTERWARE ADMARKT all versiyon bug (28.11.2005)

document :) :), HUG WEBMASTERWARE ADMARKT all versiyon bug (28.11.2005)

Discuss: Read or add your comments to this news (0 comments)

unalz archiver buffer overflow
updated since 28.11.2005
Published: 31.01.2006
Source: BUGTRAQ
SecurityVulns ID: 5486
Type: remote
Level: 5/10
Description: Buffer overflow on oversized archived file name.

Affected: UNALZ : unalz 0.52

Original document DEBIAN, [SECURITY] [DSA 959-1] New unalz packages fix arbitrary code execution (31.01.2006)

SECUNIA, [SA17774] unalz Filename Handling Buffer Overflow Vulnerability (28.11.2005)

Discuss: Read or add your comments to this news (0 comments)

ktools library buffer overflow
updated since 28.11.2005
Published: 31.05.2006
Source: FULL-DISCLOSURE
SecurityVulns ID: 5485
Type: library
Level: 5/10
Description: VGETSTRING macro buffer overflow.

Affected: MOTOR : motor 3.2
KTOOLS : ktools 0.3

Original document DEBIAN, [Full-disclosure] [SECURITY] [DSA 1083-1] New motor packages fix arbitrary code execution (31.05.2006)

Sieg Fried, [Full-disclosure] ZRCSA-200503 - ktools Buffer Overflow Vulnerability (28.11.2005)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server