 |
|
|
|
| Fast n Furious DtDNS Updater information leak | | Published: |  | 30.05.2005 | | Source: |  | SECUNIA | | SecurityVulns ID: |  | 4843 | | Type: |  | local | | Level: |  | 5/10 | | Description: |  | Command line arguments are visible in process list. |
| Affected: |  | FASTNFURIOUS : Fast n Furious DtDNS Updater 1.3 |
| Original document |  | SECUNIA, [SA15544] Fast n Furious DtDNS Updater Command Line Argument Disclosure (30.05.2005) |
| Stronghold 2 game DoS | | Published: | | 30.05.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4840 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Allocated memory size is controlled by client. |
| Affected: | | 2KGAMES : Stronghold 2 1.2 |
| Original document | | Luigi Auriemma, [Full-disclosure] Crash in Stronghold 2 1.2 (30.05.2005) |
Nortel VPN routers DoS
updated since 30.05.2005 | | Published: | | 31.05.2005 | | Source: | | SECUNIA | | SecurityVulns ID: | | 4842 | | Type: | | remote | | Level: | | 5/10 | | Description: | | IKE packets with malformed ISAKMP header lead to crash or reboot. |
| Affected: | | NORTEL : Nortel 600 | | | | NORTEL : Nortel 1010 | | | | NORTEL : Nortel 1050 | | | | NORTEL : Nortel 1100 | | | | NORTEL : Nortel 1600 | | | | NORTEL : Nortel 1700 | | | | NORTEL : Nortel 1740 | | | | NORTEL : Nortel 2600 | | | | NORTEL : Nortel 2700 | | | | NORTEL : Nortel 4500 | | | | NORTEL : Nortel 4600 | | | | NORTEL : Nortel 5000 |
| Original document | | Roy Hills, [Full-disclosure] Nortel VPN Router Malformed Packet DoS Vulnerability (31.05.2005) |
| | | SECUNIA, [SA15548] Nortel VPN Routers IKE Packet Handling Denial of Service (30.05.2005) |
PHP, ASP, CGI web applications security vulnerabilities
updated since 30.05.2005 | | Published: | | 03.06.2005 | | Source: | | | | SecurityVulns ID: | | 4841 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, etc. |
| Affected: | | PHPBB : phpBB 2.0 | | | | ZEROBOARD : Zeroboard 4.1 | | | | PHPMAILER : PHPMailer 1.7 | | | | PHOTOGRAPHUONTHE : Exhibit Engine 1.22 | | | | PHOTOGRAPHUONTHE : Exhibit Engine 1.54 | | | | PHPTHUMB : phpThumb() 1.5 | | | | LIBERUM : Liberum Help Desk 0.97 | | | | POPPER : Popper 1.41 | | | | FUSE : FUSE 2.3 | | | | MWCHAT : MWChat 6.0 | | | | CUTEPHP : CuteNews 1.3 | | | | PHPCMS : phpCMS 1.2 | | | | HOSTINGCONTROLLE : Hosting Controller 6.1 | | | | E107 : E107 0.617 | | | | MYBLOGGIE : myBloggie 2.1 | | | | PHPMAILER : PHPMailer 1.72 | | | | SEVENGRAFF : NewLife Blogger 3.3 | | | | MYBB : MyBB 1.0 | | | | QUALITEAM : x-cart Gold 4.0 | | | | POWERSCRIPTS : PowerDownload 3.0 | | | | CALENDARIX : Calendarix Advanced | | | | PHPSTAT : phpStat 1.5 | | | | JIRO : JiRo's Upload System 1.0 | | | | EZSCRIPTS : ezUserManager 1.3 | | | | IMAN : I-Man 0.9 | | | | NEXTWEB : NEXTWEB (i)Site | | | | FSWIKI : FSWikiLite 0.0 | | | | FREESTYLEWIKI : FreeStyle Wiki 3.5 | | CVE: |  | CVE-2006-7184 (Multiple PHP remote file inclusion vulnerabilities in Exhibit Engine (EE) 1.22, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the toroot parameter to (1) fetchsettings.php or (2) fstyles.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.) | | | | CVE-2006-7183 (PHP remote file inclusion vulnerability in styles.php in Exhibit Engine (EE) 1.22 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the toroot parameter.) |
| Original document | | SECUNIA, [SA15596] MWChat "CONFIG[MWCHAT_Libs]" File Inclusion Vulnerability (03.06.2005) |
| | | SECUNIA, [SA15561] FUSE Exposure of Sensitive Information (03.06.2005) |
| | | SECUNIA, [SA15584] Popper "form" File Inclusion Vulnerability (03.06.2005) |
| | | Paul Laudanski, [Full-disclosure] CastleCops phpBB bbcode Input Validation Disclosure (03.06.2005) |
| | | John Cantu, PHP Execution Vulnerability in CuteNews (03.06.2005) |
| | | SECUNIA, [SA15534] phpThumb() "src" Exposure of Sensitive Information (02.06.2005) |
| | | SECURITEAM, [EXPL] myBloggie SQL Injection (Exploit) (02.06.2005) |
| | | SECURITEAM, [EXPL] MyBulletinBoard(MyBB) SQL Injection (Exploit) (02.06.2005) |
| | | Daniel Fabian, [Full-disclosure] SEC-CONSULT SA20050602-2 :: Exhibit Engine Blind SQL Injection (02.06.2005) |
| | | Daniel Fabian, [Full-disclosure] SEC-CONSULT SA20050602-1 :: Arbitrary File Inclusion in phpCMS 1.2.x (02.06.2005) |
| | | B4D$c0Rp, e107 WebPortal (02.06.2005) |
| | | Jim Pangalos, [ZH2005-13SA] NEXTWEB (i)Site website management multiple vulnerabilities (02.06.2005) |
| | | SECUNIA, [SA15543] PHPMailer "Data()" Denial of Service Vulnerability (01.06.2005) |
| | | SECUNIA, [SA15555] Qualiteam X-Cart Gold SQL Injection Vulnerabilities (01.06.2005) |
| | | SECUNIA, [SA15538] FreeStyle Wiki Attachments Script Insertion Vulnerability (01.06.2005) |
| | | SECUNIA, [SA15558] I-Man File Attachments Upload Vulnerability (01.06.2005) |
| | | SECUNIA, [SA15550] ezUserManager Script Insertion and SQL Injection (01.06.2005) |
| | | SECUNIA, [SA15564] JiRo's Upload System "password" SQL Injection Vulnerability (01.06.2005) |
| | | SECURITEAM, [EXPL] ZeroBoard Remote Command Execution (Exploit, preg_replace) (01.06.2005) |
| | | SECURITEAM, [EXPL] phpStat Authentication Bypass Vulnerability (Exploit, Setup.PHP) (01.06.2005) |
| | | Alberto Trivero, Multiple vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 (01.06.2005) |
| | | DarkBicho, multiple vulnerability Calendarix Advanced (01.06.2005) |
| | | SoulBlack Group, PowerDownload Remote File Inclusion (01.06.2005) |
| | | CENSORED, Многочисленные уязвимости в x-cart Gold (31.05.2005) |
| | | CENSORED, Multiple vulnerabilities in x-cart Gold (31.05.2005) |
| | | August Christopher, MyBB 1.0 RC4 XSS Bug (31.05.2005) |
| | | Mariano Nuсez Di Croce, CYBSEC - PHPMailer Infinite Loop Denial of Service (30.05.2005) |
| | | SECUNIA, [SA15540] Hosting Controller "jresourceid" SQL Injection Vulnerability (30.05.2005) |
| |
|
| |
