Computer Security

PHP, ASP, CGI web applications security vulnerabilities
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



PHP, ASP, CGI web applications security vulnerabilities
updated since 19.04.2005
Published:23.04.2005
Source:
SecurityVulns ID:4708
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, etc.
Affected:GENEWEB : geneweb 4.06
 JAWS : jaws 0.4
 EGROUPWARE : eGroupWare 1.0
 PHPROJEKT : PHPROJEKT 4.2
 ONEWORLDSTORE : OneWorldStore
 COPPERMINE : Coppermine Photo Gallery 1.3
 PHPBB : Knowledge Base MOD
 INFO2WWW : info2www 1.2
 DUWARE : DuPortal 3.4
 KNUSPERLEICHT : Shoutbox SCRIPT 3.0
 OCEAN12 : Ocean12 Calendar manager 1.01
 AZBB : AZ Bulletin Board 1.0
 NETREF : Annuaire Netref 4.2
 ECOMMERCECARTS : EcommPro 3
 NETMAILSHARE : netMailshare Professional 4.0
 WOLTLAB : Woltlab Burning Board 2.3
 ASPNUKE : Asp Nuke 0.80
 ARGOSOFT : Argosoft Mail Server 1.8
 YAZAPORT : E-Cart 1.1
Original documentdocumentSECUNIA, [SA15054] WebAPP E-Cart Module Shell Command Injection Vulnerability (23.04.2005)
 documentShineShadow, Multiple vulnerabilities in Argosoft Mail Server 1.8.7.6 (23.04.2005)
 documentdcrab_(at)_hackerscenter.com, Multiple Sql injection and XSS in Asp Nuke 0.80 (Working exploits included) (23.04.2005)
 documentdeluxe_(at)_security-project.org, [SePro Bugtraq] WBB - WoltLab Burning Board <= 2.3.1 - XSS Vulnerability (22.04.05) (23.04.2005)
 documentSECUNIA, [SA15038] netMailshar Professional Two Vulnerabilities (22.04.2005)
 documentpiker piker, Vulnerability kali's tagboard (22.04.2005)
 documentSECURITEAM, [NT] OneWorldStore Cross Site Scripting and SQL Injection Vulnerabilities (21.04.2005)
 documentSECURITEAM, [UNIX] Jaws Cross Site Scripting (GlossaryModel.php) (21.04.2005)
 documentSSC Advisory Notice, Secure Science Corporation Application Software Advisory 055 (21.04.2005)
 documentc0d3r_(at)_ihsteam.com, Ecommerce-Carts SQL injection vulnerability ( IHSTeam ) (21.04.2005)
 documentjaguar, Annuaire Netref v4.2 [ fwrite php ] vulnerability (21.04.2005)
 documentJeiAr, Multiple Security Issues Found In AZBB (21.04.2005)
 documentJeiAr, Multiple eGroupware Vulnerabilities (21.04.2005)
 documentZinho, [HSC Security Group] Ocean12 Calendar manager 1.01 SQL injection (20.04.2005)
 documentSECUNIA, [SA15027] PHP Labs proFile "dir" and "file" Cross-Site Scripting (20.04.2005)
 documentSECUNIA, [SA15009] CityPost Automated Link Exchange "msg" Cross-Site Scripting (20.04.2005)
 documentSECUNIA, [SA15010] CityPost Simple PHP Upload "message" Cross-Site Scripting (20.04.2005)
 documentSECUNIA, [SA15011] CityPost Image Editor Cross-Site Scripting Vulnerabilities (20.04.2005)
 documentCorryL, [Full-disclosure] Shoutbox SCRIPT <= 3.0.2 Administrative MD5 Username and Password Retrieval (20.04.2005)
 documentdcrab_(at)_hackerscenter.com, DUportal Pro 3.4 has MANY Sql injection and Sql Errors. (20.04.2005)
 documentDEBIAN, [SECURITY] [DSA 712-1] New geneweb packages fix insecure file operations (20.04.2005)
 documentDEBIAN, [SECURITY] [DSA 711-1] New info2www packages fix cross-site scripting vulnerability (20.04.2005)
 documentHillel Himovich, UBB Thread printthread.php SQL Injection (20.04.2005)
 documentdeluxe_(at)_security-project.org, phpBB - Knowledge Base MOD - SQL-Injection and Full Path Disclosure (19.04.2005)
 documentGHC team, Vulnerability in Coppermine Photo Gallery 1.3.* (19.04.2005)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru