PHP, ASP, CGI web applications security vulnerabilities - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

PHP, ASP, CGI web applications security vulnerabilities
updated since 21.02.2005
Published: 27.02.2005
Source:
SecurityVulns ID: 4510
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, etc.

Affected: PHPBB : phpBB 2.0
VBULLETIN : vBulletin 3.0
PHPNUKE : PHP-Nuke 7.4
MEDIAWIKI : MediaWiki 1.3
PHPMYADMIN : phpMyAdmin 2.6
MAMBO : Mambo 4.5
PANEWS : paNews 2.0
WEBCONNECT : WebConnect 6.4
WEBCONNECT : WebConnect 6.5
INL : Ulog-php 1.0
IRM : IRM 1.5
VERITY : Ultraseek 5.3
IGENERIC : iGeneric eShop 1.2
PBLANG : PBLang 4.65
CYCLADES : AlterPath Manager 1.2
GINP : ginp 0.21
CHATANYWHERE : Chat Anywhere 2.72
PUNBB : PunBB 1.2
PHPWEBSITE : phpWebSite 0.10
TWIKI : ImageGalleryPlugin 1.0

Original document HaCkZaTaN, -==phpBB 2.0.12 Full path disclosure==- (27.02.2005)

kreon, PHP-Nuke 7.4 WebLinks SQL-Injection (27.02.2005)

SECUNIA, [SA14384] TWiki ImageGalleryPlugin Shell Command Injection (25.02.2005)

HaCkZaTaN, phpWebSite 0.10.0 Full Path disclosure (25.02.2005)

document John Gumbel, Multiple vulns in punBB (25.02.2005)

Maksymilian Arciemowicz, [SECURITYREASON.COM] phpMyAdmin 2.6.1 Remote file inclusion and XSS cXIb8O3.4 (25.02.2005)

tjomka_(at)_navigator.lv, phpWebSite-0.10.0_exploit (25.02.2005)

tjomka_(at)_navigator.lv, phpWebSite-0.10.0 эксплоит (25.02.2005)

document SECUNIA, [SA14382] phpMyAdmin Local File Inclusion and Cross-Site Scripting (24.02.2005)

SECUNIA, [SA14385] Chat Anywhere User Credentials Disclosure (24.02.2005)

SECUNIA, [SA14373] ginp Directory Traversal Vulnerability (24.02.2005)

sullo, [Full-Disclosure] Cyclades AlterPath Manager Vulnerabilities (24.02.2005)

document Raven, Software PBLang 4.65 pm.php XSS vulnerability (24.02.2005)

Raven, Software PBLang 4.65 pmpshow.php XSS vulnerability (24.02.2005)

Raven, Software PBLang 4.65 search.php XSS vulnerability (24.02.2005)

IDEFENSE, iDEFENSE Security Advisory 02.22.05: phpBB Group phpBB2 Arbitrary File Unlink Vulnerability (24.02.2005)

document pokleyzz, [SCAN Associates Security Advisory] vbulletin 3.0.6 and below php code injection (24.02.2005)

John Cobb, [NOBYTES.COM: #5] iGeneric eShop 1.2 - Information Disclosure & Possible SQL Injection (24.02.2005)

IDEFENSE, iDEFENSE Security Advisory 02.22.05: phpBB Group phpBB Arbitrary File Disclosure Vulnerability (24.02.2005)

document matrix_killer ma3x, PHPBB 2.0.12 bug (24.02.2005)

SECUNIA, [SA14367] Verity Ultraseek Search Request Cross-Site Scripting (22.02.2005)

pokleyzz, [Full-Disclosure] : [SCAN Associates Security Advisory] vbulletin 3.0.6 and below php code injection (22.02.2005)

SECUNIA, [SA14360] MediaWiki Multiple Vulnerabilities (22.02.2005)

document SECUNIA, [SA14362] phpBB Avatar Functions Information Disclosure and Deletion (22.02.2005)

SECUNIA, [SA14342] IRM LDAP Login Security Bypass Vulnerability (22.02.2005)

SECUNIA, [SA14337] Mambo "GLOBALS['mosConfig_absolute_path']" File Inclusion (22.02.2005)

SECUNIA, [SA14321] Ulog-php SQL Injection Vulnerabilities (22.02.2005)

document CIRT Advisory, [Full-Disclosure] The WebConnect 6.4.4 and 6.5 contains several vulnerabilities (21.02.2005)

tjomka_(at)_navigator.lv, paNews v2.0b4 - PHP Injection (21.02.2005)

Files: phpWebSite-0.10.0 exploit
Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server