[nycphp-talk] stuff from SecurityFocus Newsletter #290

Daniel Convissor danielc at analysisandsolutions.com
Wed Mar 2 12:08:42 EST 2005


PHP related stuff in SecurityFocus Newsletter #290

I must say PHP has become very popular.  Of all the web
applications mentioned in SecurityFocus' lists of
vulnerabilities, there are FAR more mentions of apps using
PHP than any other language.  The low barrier to entry
has a downside, eh?


PHP STUFF
=========

PHP4 Readfile Denial Of Service Vulnerability
http://www.securityfocus.com/bid/12665

ZeroBoard Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/12596

PMachine Pro Remote File Include Vulnerability
http://www.securityfocus.com/bid/12597

Invision Power Board SML Code Script Injection Vulnerability
http://www.securityfocus.com/bid/12607

Mambo Open Source Tar.PHP Remote File Include Vulnerability
http://www.securityfocus.com/bid/12608

INL Ulog-php Multiple Unspecified SQL Injection Vulnerabilit...
http://www.securityfocus.com/bid/12610

PANews Remote PHP Script Code Execution Vulnerability
http://www.securityfocus.com/bid/12611

PHPBB Multiple Remote Path Disclosure Vulnerabilities
http://www.securityfocus.com/bid/12618

PHPBB Arbitrary File Disclosure Vulnerability
http://www.securityfocus.com/bid/12621

VBulletin Misc.PHP Arbitrary PHP Script Code Execution Vulne...
http://www.securityfocus.com/bid/12622

PHPBB Arbitrary File Deletion Vulnerability
http://www.securityfocus.com/bid/12623

MediaWiki Multiple Unspecified Remote Vulnerabilities
http://www.securityfocus.com/bid/12625

iGeneric iG Shop Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/12627

PBLang Bulletin Board System Search.PHP Cross-Site Scripting...
http://www.securityfocus.com/bid/12631

PBLang Bulletin Board System PMPShow.PHP HTML Injection Vuln...
http://www.securityfocus.com/bid/12633

PBLang Bulletin Board System PM.PHP HTML Injection Vulnerabi...
http://www.securityfocus.com/bid/12634

ELOG Web Logbook Attached Filename Remote Buffer Overflow Vu...
http://www.securityfocus.com/bid/12639

ELOG Web Logbook Multiple Remote Unspecified Vulnerabilities
http://www.securityfocus.com/bid/12640

PHPMyAdmin Multiple Libraries And Themes Remote Cross-Site S...
http://www.securityfocus.com/bid/12644

PHPMyAdmin Multiple Local File Include Vulnerabilities
http://www.securityfocus.com/bid/12645

OOApp Guestbook Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/12647

PunBB Multiple Remote Input Validation Vulnerabilities
http://www.securityfocus.com/bid/12652

PHPWebSite Image File Processing Remote Arbitrary PHP File U...
http://www.securityfocus.com/bid/12653

CubeCart Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/12658

PBLang Bulletin Board System Remote PHP Script Injection Vul...
http://www.securityfocus.com/bid/12666


OTHER STUFF
===========

Microsoft Internet Explorer Pop-up Window Title Bar Spoofing...
http://www.securityfocus.com/bid/12602

Mozilla Firefox Scrollbar Remote Code Execution Vulnerabilit...
http://www.securityfocus.com/bid/12655

Mozilla Suite Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/12659


-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


