NYCPHP Meetup

NYPHP.org

[nycphp-talk] php in SecurityFocus Newsletter #302

Daniel Convissor danielc at analysisandsolutions.com
Fri Jun 10 19:05:38 EDT 2005 

SecurityFocus Newsletter #302

APPLICATIONS USING PHP
----------------------
Shop-Script CategoryID SQL Injection Vulnerability    
http://www.securityfocus.com/bid/13633

Shop-Script ProductID SQL Injection Vulnerability     
http://www.securityfocus.com/bid/13635

PostNuke Blocks Module Directory Traversal Vulnerability
http://www.securityfocus.com/bid/13636

WoltLab Burning Board Verify_email Function SQL Injection Vu...
http://www.securityfocus.com/bid/13643

NPDS THOLD Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/13649

JGS-Portal Multiple Cross-Site Scripting and SQL Injection V...
http://www.securityfocus.com/bid/13650

Wordpress WP-Trackback.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/13655

SafeHTML Quotes Handling Security Bypass Vulnerability
http://www.securityfocus.com/bid/13659

Wordpress Post.PHP Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/13663

Wordpress Edit.PHP Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/13664

Help Center Live Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/13666

Help Center Live Administrator Command Execution Vulnerability
http://www.securityfocus.com/bid/13667

S9Y Serendipity Multiple Unspecified Remote Vulnerabilities
http://www.securityfocus.com/bid/13669

PROMS Multiple Unspecified HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/13673

PROMS Project Members Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/13674

Core CMS Unspecified Security Vulnerability
http://www.securityfocus.com/bid/13675

PHP Advanced Transfer Manager Arbitrary File Include Vulnerability
http://www.securityfocus.com/bid/13691

EJ3 TOPo Multiple Index.PHP Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/13700

EJ3 TOPo Comments Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/13701


RELATED STUFF
-------------
MySQL mysql_install_db Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/13660
MySQL versions prior to 4.0.12 and MySQL 5.x releases 5.0.4 and
prior versions are reported to be affected.

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409

More information about the talk mailing list