[nycphp-talk] #248 of security focus
Daniel Convissor
danielc at analysisandsolutions.com
Tue May 11 01:01:32 EDT 2004
Hi:
Have you ever noticed that when someone is sloppy in one place, they're
probably sloppy in loads of others? Well, this seems to hold true when it
comes to the people responsible for buggy code. When reading the SF
newsletter I need to determine if the reported package uses PHP. Many of
the websites of the software in question don't say right up front which
language the application is written in or even what their pacakge does.
Oy.
SquirrelMail Folder Name Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/10246
Moodle Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/10251
Coppermine Photo Gallery Multiple Input Validation Vulnerabi...
http://www.securityfocus.com/bid/10253
PROPS SQL Injection and Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/10258
JelSoft VBulletin Forum Creation HTML Injection Vulnerabilit...
http://www.securityfocus.com/bid/10280
Simple Machines Forum Size Tag HTML Injection Vulnerability
http://www.securityfocus.com/bid/10281
PHPNuke Modules.php Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/10282
PHPX Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/10283
PHPX Multiple Administrator Command Execution Vulnerability
http://www.securityfocus.com/bid/10284
e107 Website System Multiple Script HTML Injection Vulnerabi...
http://www.securityfocus.com/bid/10293
--
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
data intensive web and database programming
http://www.AnalysisAndSolutions.com/
4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409
More information about the talk
mailing list