Section: .. / 0604-advisories /
| /// File Name: |
Overflow.pl-5.txt |
Description:
|
Overflow.pl Security Advisory #5 - Clam AntiVirus Win32-UPX Heap Overflow: Remote exploitation of an integer overflow vulnerability could allow execution of arbitrary code or cause denial of service.
| | Author: | Damian Put | | Homepage: | http://www.overflow.pl/ | | File Size: | 3109 | | Last Modified: | Apr 13 20:37:40 2006 |
| MD5 Checksum: | 0a10805c763ec4646ac7f1c2f9dadbc5 |
|
| /// File Name: |
Papoo-2.1.5 |
Description:
|
Papoo v2.1.5 suffers from XSS. POC included.
| | Homepage: | http://kecoak.or.id | | File Size: | 1802 | | Last Modified: | Apr 17 19:13:22 2006 |
| MD5 Checksum: | 703a852c570358be7f0fa6cbc6b765f2 |
|
| /// File Name: |
PatroNetCMS.txt |
Description:
|
PatroNet CMS suffers from XSS.
| | Author: | Shabgard Security Team | | Homepage: | http://www.shabgard.org | | File Size: | 433 | | Last Modified: | Apr 19 16:01:22 2006 |
| MD5 Checksum: | c48df7c4fe735ba6ca512ab8f6741746 |
|
| /// File Name: |
photokorn1.53.txt |
Description:
|
photokorn 1.53 and 1.542 suffer from SQL injection.
| | Author: | Dr-Jr7 | | File Size: | 378 | | Last Modified: | Apr 28 11:38:41 2006 |
| MD5 Checksum: | f43e5b2ec12da3ff6fa1e0822f1930ea |
|
| /// File Name: |
php-4.4.2-crash.txt |
Description:
|
It is possible to crash PHP and possibly Apache by using a recursive function call. Tested on PHP 4.4.2 and 5.1.2.
| | Author: | cXIb8O3 | | Homepage: | http://SecurityReason.Com | | File Size: | 2999 | | Last Modified: | Apr 13 20:46:52 2006 |
| MD5 Checksum: | 0bea89e62cca915273892c81fcaa3fb0 |
|
| /// File Name: |
phpbb-admin.txt |
Description:
|
On a phpBB board, a user having access to the admin panel is able to execute PHP code.
| | Author: | noch22 | | File Size: | 684 | | Last Modified: | Apr 17 19:24:35 2006 |
| MD5 Checksum: | 7cc29a599cea22f2bdfba71f200bc53d |
|
| /// File Name: |
phpBB-template.txt |
Description:
|
phpBB HTML template files are parsed and executed as PHP code. Therefore anyone with access to the template files can execute PHP code on the system.
| | Author: | noch22 | | File Size: | 783 | | Last Modified: | Apr 17 19:24:01 2006 |
| MD5 Checksum: | 017cfbc4e19a631072a36defb06f8e81 |
|
| /// File Name: |
phpFaber.txt |
Description:
|
phpFaber TopSites suffers from XSS.
| | Author: | botan | | File Size: | 757 | | Last Modified: | Apr 19 18:01:39 2006 |
| MD5 Checksum: | dfd6895779b990df0f1e1e0817e24047 |
|
| /// File Name: |
PHPGraphy-0.9.11.txt |
Description:
|
PHPGraphy versions less than or equal to 0.9.11 allow unauthorized access to edit functionality.
| | Author: | rgod | | Homepage: | http://retrogod.altervista.org | | File Size: | 1441 | | Last Modified: | Apr 19 17:49:24 2006 |
| MD5 Checksum: | c72cb33ab6dcf1cbf331ea48e6f52fd5 |
|
| /// File Name: |
PhpGuestbook-1.0.txt |
Description:
|
PhpGuestbook versions less than or equal to 1.0 suffer from XSS.
| | Author: | qex | | File Size: | 164 | | Last Modified: | Apr 19 17:30:47 2006 |
| MD5 Checksum: | 850de908673f20d8d5cc9ae4d688b902 |
|
| /// File Name: |
phpinfo-xss.txt |
Description:
|
phpinfo() in PHP 5.1.2 and 4.4.2 suffers from an XSS vulnerability.
| | Author: | cXIb8O3 | | Homepage: | http://SecurityReason.Com | | File Size: | 2819 | | Last Modified: | Apr 13 20:41:56 2006 |
| MD5 Checksum: | 74c0c1c1b472186b7a7c7a89a96ea24d |
|
| /// File Name: |
phpListPro-2.0.txt |
Description:
|
phpListPro versions less than or equal to 2.00 suffer from a remote file inclusion vulnerability.
| | Author: | Aesthetico | | Homepage: | http://www.majorsecurity.de | | File Size: | 811 | | Last Modified: | Apr 12 02:38:47 2006 |
| MD5 Checksum: | 8b8c7401ee066a21c3a48e64a73071a0 |
|
| /// File Name: |
phpMyForum-4.0.txt |
Description:
|
phpMyForum 4.0 suffers from XSS and CRLF injection vulnerabilities.
| | Author: | Moroccan Security Team | | File Size: | 299 | | Last Modified: | Apr 12 14:14:06 2006 |
| MD5 Checksum: | babd12318ebf5de7a1913c913c53d2f6 |
|
| /// File Name: |
phpWebFTP-v3.2.txt |
Description:
|
phpWebFTP versions less than v3.2 are vulnerable to SQL injection and directory traversal attacks.
| | Author: | arko.dhar | | File Size: | 1081 | | Last Modified: | Apr 19 17:44:51 2006 |
| MD5 Checksum: | aa9ee101038f87acd2c4a1fac7db2065 |
|
| /// File Name: |
PHPWebGallery-1.4.1.txt |
Description:
|
PHPWebGallery 1.4.1 suffers from multiple XSS vulnerabilities.
| | Author: | Moroccan Security Team | | File Size: | 879 | | Last Modified: | Apr 12 14:15:24 2006 |
| MD5 Checksum: | 28364bc661abf5ee51acadca7dfc6945 |
|
| /// File Name: |
Phpwebgallery-1.4.1.txt |
Description:
|
Phpwebgallery versions less than or equal to 1.4.1 suffer from a SQL injection vulnerability.
| | Author: | t4h4 | | File Size: | 414 | | Last Modified: | Apr 10 21:09:30 2006 |
| MD5 Checksum: | 9cbdfc61d18a160b489f08dee72f38f3 |
|
| /// File Name: |
phpWebSite-2.txt |
Description:
|
phpWebSite versions less than or equal to 0.10.1 suffer from an SQL injection vulnerability in topics.php.
| | Author: | SnIpEr_SA | | Homepage: | http://phpwebsite.appstate.edu/ | | File Size: | 1148 | | Last Modified: | Apr 19 15:44:22 2006 |
| MD5 Checksum: | e22d8be1249e38888eae3c6d37400a97 |
|
| /// File Name: |
planetSearch-xss.txt |
Description:
|
planetSearch+ version 26.10.2005 is vulnerable to XSS.
| | Author: | d4igoro | | File Size: | 706 | | Last Modified: | Apr 17 19:06:37 2006 |
| MD5 Checksum: | d01c35f4b2ac826ab6e87eabace68931 |
|
| /// File Name: |
PowerClan1.14.txt |
Description:
|
PowerClan 1.14 suffers from a SQL injection vulnerability if magic_quotes_gpc = off.
| | Homepage: | http://d4igoro.blogspot.com/ | | File Size: | 612 | | Last Modified: | Apr 17 19:10:14 2006 |
| MD5 Checksum: | 0af0eb463e902f4b645711fc86dc4c7d |
|
| /// File Name: |
quick-n-easy.txt |
Description:
|
Quick 'n Easy FTP Server pro/lite suffers from a stack overflow when logging Unicode.
| | Homepage: | http://www.c0d3r.org | | File Size: | 2627 | | Last Modified: | Apr 28 11:51:48 2006 |
| MD5 Checksum: | 9aef3a810e3355285f2ae55f0069327b |
|
| /// File Name: |
r57shell.php.txt |
Description:
|
r57shell.php suffers from XSS.
| | Author: | qex | | File Size: | 101 | | Last Modified: | Apr 28 13:35:17 2006 |
| MD5 Checksum: | e17339c3eb127eb55b3deb227867a072 |
|
| /// File Name: |
R7-0019.txt |
Description:
|
Rapid7 Advisory R7-0019 - Directory traversal vulnerability in SolarWinds TFTP Server for Windows
| | Author: | Rapid7 | | Homepage: | http://www.rapid7.com/ | | File Size: | 2805 | | Last Modified: | Apr 26 02:54:26 2006 |
| MD5 Checksum: | 715a26816b8644679e481a15a83d0236 |
|
| /// File Name: |
R7-0021.txt |
Description:
|
Rapid7 Advisory R7-0021 Symantec Scan Engine Authentication Fundamental Design Error
| | Homepage: | http://www.rapid7.com | | File Size: | 12277 | | Last Modified: | Apr 26 02:55:53 2006 |
| MD5 Checksum: | c298108281941fdf491818d9e29de5d1 |
|