[nycphp-talk] php in SecurityFocus Newsletter #302

Daniel Convissor danielc at
Fri Jun 10 19:05:38 EDT 2005

SecurityFocus Newsletter #302

Shop-Script CategoryID SQL Injection Vulnerability

Shop-Script ProductID SQL Injection Vulnerability

PostNuke Blocks Module Directory Traversal Vulnerability

WoltLab Burning Board Verify_email Function SQL Injection Vu...

NPDS THOLD Parameter SQL Injection Vulnerability

JGS-Portal Multiple Cross-Site Scripting and SQL Injection V...

Wordpress WP-Trackback.PHP SQL Injection Vulnerability

SafeHTML Quotes Handling Security Bypass Vulnerability

Wordpress Post.PHP Cross-Site Scripting Vulnerability

Wordpress Edit.PHP Cross-Site Scripting Vulnerability

Help Center Live Multiple Input Validation Vulnerabilities

Help Center Live Administrator Command Execution Vulnerability

S9Y Serendipity Multiple Unspecified Remote Vulnerabilities

PROMS Multiple Unspecified HTML Injection Vulnerabilities

PROMS Project Members Unauthorized Access Vulnerability

Core CMS Unspecified Security Vulnerability

PHP Advanced Transfer Manager Arbitrary File Include Vulnerability

EJ3 TOPo Multiple Index.PHP Cross-Site Scripting Vulnerability

EJ3 TOPo Comments Multiple HTML Injection Vulnerabilities

MySQL mysql_install_db Insecure Temporary File Creation Vulnerability
MySQL versions prior to 4.0.12 and MySQL 5.x releases 5.0.4 and
prior versions are reported to be affected.

 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409
