|
PHP, ASP, CGI web applications security vulnerabilities
updated since 16.05.2005 | | Published: |  | 21.05.2005 | | Source: |  | | | SecurityVulns ID: |  | 4796 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, crossite scripting, etc. |
| Affected: |  | OPENBB : OpenBB 1.0 | | | | INVISION : Invision Power Board 2.0 | | | | INVISION : Invision Power Board 1.3 | | | | FUSIONPHP : Fusion News 3.6 | | | | WBB : Burning Board 2.3 | | | | WORDPRESS : WordPress 1.5 | | | | METALINKS : MetaCart e-Shop 8 | | | | SKULLSPLITTER : Skull-Splitter Guestbook 2.2 | | | | POSTNUKE : PostNuke 0.750 | | | | JGSXA : JGS-Portal 3.0 | | | | DOTNETNUKE : DotNetNuke 3.0 | | | | PHOTOPOST : Photopost | | | | FUSIONPHP : Fusion SBX 1.2 | | | | sigma : Sigma ISP Manager 6.6 | | | | ULTIMATEFORUM : Ultimate Forum 1.0 | | | | CHEETAH : Cheetah 0.9 | | | | SHOPSCRIPTFREE : Shop-Script FREE | | | | NPDS : NPDS 5.0 | | | | EDMS : eDMS 2.0 | | | | HELPCENTERLIVE : Help Center Live 1.0 | | | | S9Y : Serendipity 0.8 | | | | SUREGEMAIL : SurgeMail 3.0 | | | | PHPATM : phpAtm 1.21 | | | | TOPO : TOPo 2.2 | | | | GROOVE : Groove Virtual Office 3.1 | | | | GROOVE : Groove Workspace 2.5 |
| Original document |  | SECUNIA, [SA15421] Groove Virtual Office / Workspace Multiple Vulnerabilities (21.05.2005) |
| | | Thomas Waldegger, [BuHa Security] Wordpress SQL-Injection (21.05.2005) |
| | | SECUNIA, [SA15325] TOPo Multiple Vulnerabilities (20.05.2005) |
| | | SECURITEAM, [EXPL] Invision Power Board SQL Injection Vulnerability (member_id, Exploit) (20.05.2005) |
| | | Ingvar Gilbert, phpATM arbitrary PHP code inclusion (20.05.2005) |
| | | SECUNIA, [SA15425] SurgeMail Unspecified Cross-Site Scripting Vulnerabilities (19.05.2005) |
| | | SECUNIA, [SA15405] Serendipity File Upload and Cross-Site Scripting Vulnerabilities (18.05.2005) |
| | | SECUNIA, [SA15401] Help Center Live Multiple Vulnerabilities (18.05.2005) |
| | | SECUNIA, [SA15410] eDMS Multiple Unspecified Vulnerabilities (18.05.2005) |
| | | SECUNIA, [SA15385] NPDS Cross-Site Scripting and SQL Injection Vulnerabilities (18.05.2005) |
| | | SECUNIA, [SA15400] Shop-Script FREE "categoryID" and "productID" SQL Injection (18.05.2005) |
| | | SECUNIA, [SA15386] Cheetah Insecure Module Importing Vulnerability (17.05.2005) |
| | | SECUNIA, [SA15362] ImageGallery system Exposure of User Credentials (17.05.2005) |
| | | SECUNIA, [SA15374] Ultimate Forum Exposure of Encrypted User Credentials (17.05.2005) |
| | | SECUNIA, [SA15336] OpenBB Cross-Site Scripting and SQL Injection Vulnerabilities (17.05.2005) |
| | | SECURITEAM, [EXPL] Fusion SBX Remote Command Execution (Exploit 2) (17.05.2005) |
| | | SECURITEAM, [UNIX] PhotoPost Arbitrary Data (Exploit) (17.05.2005) |
| | | JeiAr, Woltlab Burning Board SQL Injection Vulnerability (17.05.2005) |
| | | Mark Woan, DotNetNuke (Multiple XSS) (17.05.2005) |
| | | dedi dwianto, Multiple Vulnerabilities in MetaCart e-Shop (17.05.2005) |
| | | deluxe_(at)_security-project.org, [SePro Bugtraq] WBB Portal - JGS-Portal <= 3.0.2 - Multiple Vulnerabilities (09.05.05) (17.05.2005) |
| | | tjomi4_(at)_gmail.com, Fusion News v3.6.1 - remote shell exploit (17.05.2005) |
| | | pokleyzz, [Full-disclosure] Postnuke 0.750 - 0.760rc4 local file inclusion (16.05.2005) |
| | | Morinex Eneco, Skull-Splitter's Guestbook Multiple XXS/HTML injection (16.05.2005) |
|
|
|
|
|
