|
PHP, ASP, CGI web applications security vulnerabilities
updated since 11.04.2005 | | Published: |  | 17.04.2005 | | Source: |  | | | SecurityVulns ID: |  | 4657 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, crossite scripting, etc. |
| Affected: |  | INVISION : Invision Power Board 1.3 | | | | WEBCT : WebCT 4.1 | | | | PHPNUKE : PHP-Nuke 7.6 | | | | ACNEWS : ACNews 1.0 | | | | TOWERBLOG : TowerBlog 0.6 | | | | RABIDS : RadBids 2 | | | | LOGICSSOFTWARE : LOG-FT | | | | UMMAGUMMA : zOOm Image Gallery 2.1 | | | | JPORTAL : Jportal 2.3 | | | | AZDG : AzDGDatingPlatinum 1.1 | | | | XAMPP : XAMPP 1.4 | | | | CENTRA : Centra 7 | | | | SPLITBRAIN : DokuWiki | | | | WORDPRESS : WordPress 1.5 | | | | EGROUPWARE : eGroupWare 1.006 | | | | PHPBB2 : phpBB Plus 1.52 | | | | S9Y : serentdipity 0.8 | | | | ALL4WWW : All4WWW 1.0 | | | | ONEWORLDSTORE : OneWorldStore | | | | RSA : RSA Authentication Agent for Web for IIS 5.2 | | | | MYBLOGGIE : myBloggie 2.1 | | | | SPHPBLOG : sphpblog 0.4 | | | | CHRISNOWAK : Mafia Blog 0.4 |
| Original document |  | tom cruise, phpBB datenbank mod has XSS/SQL Injection in the id variable (16.04.2005) |
| | | dcrab_(at)_hackerscenter.com, Http Response Splitting Vulnerability In PHP-NUKE 7.6 and below (16.04.2005) |
| | | Francisco Alisson, Mafia Blog (16.04.2005) |
| | | ahmad muammar, Vulnerabilities in sphpblog (16.04.2005) |
| | | Francisco Alisson, myBloggie 2.1.1 (16.04.2005) |
| | | SECUNIA, [SA14954] RSA Authentication Agent for Web for IIS Cross-Site Scripting (15.04.2005) |
| | | dcrab_(at)_hackerscenter.com, Multiple multiple sql injection/errors and xss vulnerabilities in OneWorldStore (15.04.2005) |
| | | Francisco Alisson, All4WWW-Homepagecreator Remote Command Execution (15.04.2005) |
| | | kreon, serendipity SQL Injection vulnerability (14.04.2005) |
| | | dcrab_(at)_hackerscenter.com, Multiple Sql injection and XSS vulnerabilities in phpBB Plus v.1.52 and below and some of its modules. (14.04.2005) |
| | | Gerald Quakenbush, eGroupWare Leaks Files (13.04.2005) |
| | | Nicolas Montoza, WordPress XSS and HTML injection (13.04.2005) |
| | | kreon, DoKuWiki file-upload vulnerabilities (13.04.2005) |
| | | Andreas Constantinides, zOOM Media Gallery - Simple SQL Injection discovery (13.04.2005) |
| | | Clorox, Centra 7 XSS Exploit (13.04.2005) |
| | | lacertosum_(at)_yahoo.com, WebCT 4.1 vulnerable to XSS attacks (12.04.2005) |
| | | morning_wood, [Full-disclosure] XAMPP (12.04.2005) |
| | | kreon, AzDGDatingPlatinum multiple vulnerabilities (12.04.2005) |
| | | Marcin "CiNU5" Krupowicz, Sql injection in jPortal version 2.3.1 (module banner) (12.04.2005) |
| | | dcrab_(at)_hackerscenter.com, Invision board 1.3.1 and below are vulnerable to a sql injection vulnerability [PATCH INCLUDED] (12.04.2005) |
| | | JeiAr, Multiple ModernBill 4.3.0 And Earlier Vulnerabilities (11.04.2005) |
| | | Andreas Constantinides, [VulnWatch] zOOM Media Gallery - Simple SQL Injection discovery (11.04.2005) |
| | | SECUNIA, [SA14851] Logics Software LOG-FT File Transfer Arbitrary File Disclosure (11.04.2005) |
| | | SECURITEAM, [UNIX] RadBids Multiple Vulnerabilities (11.04.2005) |
| | | CorryL, [Full-disclosure] TowerBlog <= 0.6 Admin Account View [x0n3-h4ck] (11.04.2005) |
| | | BilDos, Exploti... (11.04.2005) |
|
|
|
|
|
