|
CGI bugs
updated since 29.12.2003 | | Published: |  | 12.01.2004 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 3336 | | Type: |  | remote | | Level: |  | 5/10 |
| Affected: |  | PHPGROUPWARE : phpGroupWare 0.9 | | | | GALLERY : Gallery 1.3 | | | | PHORUM : Phorum 3.4 | | | | PHPNUKE : PHP-Nuke 7.0 | | | | PHPBB : phpBB 2.06 | | | | PHPPING : php-ping | | | | MINIBB : miniBB 1.7 | | | | VCARD4J : vCard4J | | | | STOITSOV : EasyDynamicPages 2.0 | | | | INVISION : Invision Power Board 1.3 | | | | POSTNUKE : PostNuke 0.726 | | | | HOTNEWS : HotNews 0.7 | | | | MANLIX : Manlix SW GuestBook 0.5 | | | | VBULLETIN : Vbulletin 2.3 | | | | PROMOSI-WEB : ArdGuest Standard 1.6 | | | | PHPGEDVIEW : PHPGEDVIEW 2.61 | | | | FREZNOSHPO : FreznoShop 1.3 | | | | JITTERBUG : jitterbug 1.6 | | CVE: |  | CVE-2007-0307 (PHP remote file inclusion vulnerability in include/common.php in Poplar Gedcom Viewer 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the env[rootPath] parameter.) |
| Original document |  | DEBIAN, [Full-Disclosure] [SECURITY] [DSA 420-1] New jitterbug packages fix arbitrary command execution (12.01.2004) |
| | | SECURITEAM, [UNIX] FreznoShop Cross Site Scripting Vulnerability (search.php) (09.01.2004) |
| | | Calum Power, Multiple Vulnerabilities in Phorum 3.4.5 (09.01.2004) |
| | | Vietnamese Security Group, Vuln in PHPGEDVIEW 2.61 Multi-Problem (09.01.2004) |
| | | DEBIAN, [Full-Disclosure] [SECURITY] [DSA 419-1] New phpgroupware packages fix unintended PHP execution and SQL injection (09.01.2004) |
| | | Frontal Attack, The Cross Site Scripting inArdGuest Standard (09.01.2004) |
| | | Qianwei Hu, vBulletin Forum 2.3.xx calendar.php SQL Injection (06.01.2004) |
| | | Frontal Attack, cgi bugs (06.01.2004) |
| | | Dariusz 'Officerrr' Kolasinski, HotNews arbitary file inclusion (06.01.2004) |
| | | Security Corporation Security Advisory, [SCSA-025] Invision Power Board SQL Injection Vulnerability (06.01.2004) |
| | | JeiAr, PostNuke Issues (0.726 && Possibly Older) (06.01.2004) |
| | | Security Corporation Security Advisory, [SCSA-025] Invision Power Board SQL Injection Vulnerability (04.01.2004) |
| | | Vietnamese Security Group, include() vuln in EasyDynamicPages v.2.0 (03.01.2004) |
| | | Just1n T1mberlake, Possible XSS vuln in VCard4J (03.01.2004) |
| | | Jay Gates, SQL Injection in phpBB's groupcp.php (30.12.2003) |
| | | Chintan Trivedi, Cross Site Scripting vulnerability in miniBB 1.7 (latest) and earlier (30.12.2003) |
| | | Jens Liebchen, [Full-Disclosure] php-ping: Executing arbritary commands (29.12.2003) |
| | | r00t_(at)_rsteam.ru, PHP-NUKE 7.0 FINAL (and olders) sql injection (29.12.2003) |
|
|
|
|
|
