CGI bugs updated since 26.05.2003
Published:		30.05.2003
Source:
SecurityVulns ID:		2844
Type:		remote
Level:		5/10

Affected:		GEEKLOG : Geeklog 1.3
		POSTNUKE : PostNuke 0.7
		GULFTECH : PAFileDB
		BLNEWS : BLNews 2.1
		UPB : Ultimate PHP Board 1.9
		TEXTPORTAL : TextPortál 0.8
		BANDMIN : Bandmin 1.4
		ZEUS : Zeus 4.2
		B2 : b2 cafelog 0.6
		SHOUTBOX : Webfroot Shoutbox 2.32
		YOUNGPIP : Philboard 1.14
		MTECH : P-Synch
CVE:		CVE-2007-0920 (SQL injection vulnerability in philboard_forum.asp in Philboard 1.14 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter.)

Original document		JeiAr, Multiple Vulnerabilities In P-Synch Password Management (30.05.2003)
		aresu_(at)_bosen.net, Philboard Forum Vulnerability (30.05.2003)
		pokleyzz, Webfroot Shoutbox 2.32 directory traversal and code injection. (30.05.2003)
		pokleyzz, b2 cafelog 0.6.1 remote command execution. (30.05.2003)
		pokleyzz, Geeklog 1.3.7sr1 and below multiple vulnerabilities. (30.05.2003)
		JeiAr, PAFileDB SQL Injection Vulnerability & Ratings Cheat Fix (30.05.2003)
		Hugo Vázquez Caramés, Another ZEUS Server web admin XSS! (30.05.2003)
		rkc, Postnuke: path disclosure (0.7.2.3 and prior) (29.05.2003)
		silent needel, Bandmin 1.4 XSS Exploit (29.05.2003)
		bugtracklist.fm, TextPortal Default Password Vulnerability (26.05.2003)
		euronymous, UPB: Discussion Board/Web-Site Takeover (26.05.2003)
		Over_G, PHP source code injection in BLNews (26.05.2003)

Discuss:

Read or add your comments to this news (0 comments)