CGI/PHP/ASP bugs updated since 04.01.2005
Published:		09.01.2005
Source:
SecurityVulns ID:		4329
Type:		remote
Level:		5/10

Affected:		VBULLETIN : vBulletin 3.0
		GNU : GNUBoard 3.40
		FLATNUKE : Flatnuke 2.5
		IBPROARCADE : IbProArcade 2.5
		IWEBNEGAR : IwebNegar 1.1
		REVIEWPOST : ReviewPost 2.83
		PHOTOPOST : PhotoPost 4.8
		QWIKIWIKI : QWikiwiki 1.4
		XANGA : Xanga
		B2EVOLUTION : b2evolution 0.9
		SPHPBLOG : SPHPBlog 0.3
		PHPWIND : PHPWind 1.3
		XISC : PRADO 1.5

Original document		SECURITEAM, [NEWS] PRADO 'page' Parameter Allows Code Execution (09.01.2005)
		SECURITEAM, [UNIX] PHPWind Skin Vulnerability (Exploit) (09.01.2005)
		Madelman, Simple PHP Blog directory traversal vulnerability (08.01.2005)
		SECURITEAM, [UNIX] MyCart Discloses Settings Information to Remote Users (07.01.2005)
		Madelman, [Full-Disclosure] Simple PHP Blog directory traversal vulnerability (07.01.2005)
		Rafel Ivgi, [Full-Disclosure] WinHKI - LHA File Incorrect Filename Handeling Leads to Crash/Underflow (07.01.2005)
		SECUNIA, [SA13718] b2evolution "title" SQL Injection Vulnerability (06.01.2005)
		SECUNIA, [SA13722] MyBulletinBoard "uid" SQL Injection Vulnerability (06.01.2005)
		gnaa/rkz, [Full-Disclosure] Xanga Cookie Stealing Vunerability XSS - GNAA Security Center (06.01.2005)
		Madelman, QWikiwiki directory traversal vulnerability (06.01.2005)
		JeiAr, Multiple PhotoPost Pro Vulnerabilities (05.01.2005)
		JeiAr, Serious Vulnerabilities In PhotoPost ReviewPost (05.01.2005)
		SECURITEAM, [EXPL] iWebNegar Configuration Nullification (DoS) (04.01.2005)
		SECURITEAM, [UNIX] SQL Injection Vulnerability in IBProArcade (Arcade.php) (04.01.2005)
		SECURITEAM, [UNIX] vBulletin init.php SQL Injection (specialtemplates) (04.01.2005)
		Pierquinto Manco, Multiple Vulnerabilities in FlatNuke (04.01.2005)
		SSR Team, STG Security Advisory: [SSA-20041224-21] File extensions restriction bypass vulnerability in GNUBoard (04.01.2005)

Discuss:

Read or add your comments to this news (0 comments)