NYCPHP Meetup

NYPHP.org

[nycphp-talk] more crappy programs: security focus 230 - 232

Daniel Convissor danielc at analysisandsolutions.com
Wed Jan 21 00:41:33 EST 2004


Hi Folks:

Sorry for the delay in posting these...

================================================================
Subject: SecurityFocus Newsletter #230
Date: Mon, 5 Jan 2004 15:17:29 -0700 (MST)

Apache mod_php Module File Descriptor Leakage Vulnerability
http://www.securityfocus.com/bid/9302

OpenBB Index.PHP Remote SQL Injection Vulnerability
http://www.securityfocus.com/bid/9300

OpenBB Board.PHP Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/9303

PHP-Nuke Survey Module SQL Injection Vulnerability
http://www.securityfocus.com/bid/9305

Private Message System index.php Page Parameter Cross-Site S...
http://www.securityfocus.com/bid/9308

php-ping Count Parameter Command Execution Vulnerability 
http://www.securityfocus.com/bid/9309

MiniBB Profile Website Name HTML Injection Vulnerability
http://www.securityfocus.com/bid/9310

phpBB GroupCP.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/9314

PHPCatalog ID Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/9318


================================================================
Subject: SecurityFocus Newsletter #231
Date: Mon, 12 Jan 2004 15:02:17 -0700 (MST)

EasyDynamicPages config_page.php Remote PHP File Include Vul...
http://www.securityfocus.com/bid/9338

Invision Power Board Calendar.PHP SQL Injection Vulnerabilit...
http://www.securityfocus.com/bid/9353

HotNews Multiple PHP File Include Vulnerabilities
http://www.securityfocus.com/bid/9357

FreznoShop Search Script Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/9359

vBulletin Calendar Script SQL Injection Vulnerability
http://www.securityfocus.com/bid/9360

Phorum Multiple Cross-Site Scripting/HTML Injection Vulnerab...
http://www.securityfocus.com/bid/9361

Phorum Registration Script hide_email SQL Injection Vulnerab...
http://www.securityfocus.com/bid/9363

ThWboard board.php Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/9367

PhpGedView Multiple PHP Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/9368

PhpGedView Search Script Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/9369

PhpGedView PHPInfo Information Disclosure Weakness
http://www.securityfocus.com/bid/9371

PostCalendar Search Function SQL Injection Vulnerability
http://www.securityfocus.com/bid/9372


================================================================
Subject: SecurityFocus Newsletter #232
Date: Tue, 20 Jan 2004 14:45:23 -0700 (MST)

Andy's PHP Projects Man Page Lookup Script Information Discl...
http://www.securityfocus.com/bid/9395

VisualShapers EZContents Module.PHP Remote Command Execution...
http://www.securityfocus.com/bid/9396

PHPDig Config.PHP Include Remote Command Execution Vulnerabi...
http://www.securityfocus.com/bid/9424

PHPShop Project Multiple Vulnerabilities
http://www.securityfocus.com/bid/9437


Enjoy,

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409



More information about the talk mailing list