NYCPHP Meetup

NYPHP.org

[nycphp-talk] PHP in SecurityFocus #347

Daniel Convissor danielc at analysisandsolutions.com
Sat May 6 14:51:39 EDT 2006 

These summaries are available online
RSS:  http://phpsec.org/projects/vulnerabilities/securityfocus.xml
HTML: http://phpsec.org/projects/vulnerabilities/securityfocus.html

Alerts from SecurityFocus Newsletter #347

APPLICATIONS USING PHP
----------------------
Clansys Index.PHP Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/17660

My Gaming Ladder Stats.PHP Remote File Include Vulnerability
http://www.securityfocus.com/bid/17657

CoreNews Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/17655

Simplog ImageList.PHP Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/17653

MKPortal Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/17651

dForum Multiple Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/17650

Instant Photo Gallery Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/17696

Invision Power Board Search.PHP Script Injection Vulnerability
http://www.securityfocus.com/bid/17695

Invision Power Board Index.PHP CK Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/17690

PHPWebFTP Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/17688

NextAge Shopping Cart Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/17685

Photokorn Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/17683

RateIt Rateit.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/17518

Built2go Movie Review Movie_CLS.PHP3 Remote File Include Vulnerability
http://www.securityfocus.com/bid/17679

Help Center Live OSTicket Module Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/17676

FlexBB Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/17574

SL_site Gallerie.PHP Information Disclosure Vulnerability
http://www.securityfocus.com/bid/17672

PHPMyAgenda Agenda.PHP3 Remote File Include Vulnerability
http://www.securityfocus.com/bid/17670

SL_site Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/17667

Scry Gallery Index.PHP Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/17668


RELATED STUFF
-------------
Mozilla Firefox iframe.contentWindow.focus Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/17671
This exists in the new 1.5.0.2 release and probably earlier releases.

More information about the talk mailing list