NYCPHP Meetup

[Daniel Convissor]

These summaries are available online
RSS:  http://phpsec.org/projects/vulnerabilities/securityfocus.xml
HTML: http://phpsec.org/projects/vulnerabilities/securityfocus.html

Alerts from SecurityFocus Newsletter #329

The large number of Perl items in this week's newsletter is
surprising.


APPLICATIONS USING PHP
----------------------
Flatnuke Index.PHP Directory Traversal Vulnerability
http://www.securityfocus.com/bid/15796

Netref Index.php SQL Injection Scripting Vulnerability
http://www.securityfocus.com/bid/15801

Netref Index.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/15862

Horde Turba Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/15802

Horde Mnemo Remote HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/15803

Horde Nag Remote HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/15804

Horde Application Framework Input Validation Vulnerabilities
http://www.securityfocus.com/bid/15806

Horde Kronolith Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/15808

Horde Application Framework CSV File Upload Code Execution Vulnerability
http://www.securityfocus.com/bid/15810

UseBB PHP_SELF Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/15817

Scout Portal Toolkit  Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/15818

Arab Portal Link.PHP SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/15820

PHPCoin Coin_CFG.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/15830

PHPCoin Config.PHP File Include Vulnerability
http://www.securityfocus.com/bid/15831

EncapsGallery Gallery.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/15836

PHPWebGallery Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/15837

Plogger Index.PHP Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/15839

PHP JackKnife Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/15841

Mantis View_filters_page.PHP Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/15842

Link Up Gold Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/15843

Snipe Gallery Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/15844

mcGallery PRO Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/15845

PHP Web Scripts Ad Manager Pro Advertiser_statistic.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/15847

Jamit Job Board Index.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/15848

DreamLevels Dream Poll View_Results.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/15849

MySQL Auction Search Module Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/15852

PHP Support Tickets Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/15853

CKGold Search.PHP Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/15854

PHPNuke Content Filtering Byapss Vulnerability
http://www.securityfocus.com/bid/15855

WHMCompleteSolution Knowledgebase.PHP Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/15856

WikkaWiki TextSearch.PHP Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/15860

QuickPayPro Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/15863

MarmaraWeb E-Commerce Remote File Include Vulnerability 
http://www.securityfocus.com/bid/15877

MarmaraWeb E-Commerce Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/15875

TML CMS Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/15876

AlmondSoft Almond Classifieds SQL Injection Vulnerability
http://www.securityfocus.com/bid/15899


RELATED STUFF
-------------
cURL / libcURL URL Parser Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/15756
Upgrade to 7.15.1.

Apache Mod_IMAP Referer Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/15834