 |
|
|
|
Очередные ошибки в Web-приложениях PHP, ASP, CGI
дополнено с 25 июля 2005 г. | | Опубликовано: |  | 29 июля 2005 г. | | Источник: |  | | | SecurityVulns ID: |  | 5032 | | Тип: |  | удаленная | | Опасность: |  | 5/10 | | Описание: |  | Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д. |
| Оригинальный текст |  | svt_(at)_svt.nukleon.us, [SVadvisory] - SQL injection in OpenBook 1.2.2 (02.08.2005) |
| | | fjlj_(at)_wvi.com, RO CP root exploit (31.07.2005) |
| | | Zinho, [HSC Security Group] SQL Injection in Product Cart 2.6 (31.07.2005) |
| | | l--s_(at)_hotmail.com, Kent's Guestbook database exploit (31.07.2005) |
| | | rat_(at)_marocmaffia.com, PC-EXPERIENCE/TOPPE CMS Security Advisory (31.07.2005) |
| | | JeiAr, Kayako liveResponse Multiple Vulnerabilities (31.07.2005) |
| | | group_(at)_soulblack.com.ar, Kshout Data Disclosure (31.07.2005) |
| | | Debasis Mohanty, [Full-disclosure] Indiatimes Shopping Cart XSS (Cross Site Scripting) Attacks (30.07.2005) |
| | | SECUNIA, [SA16252] @Mail Multiple Cross-Site Scripting Vulnerabilities (30.07.2005) |
| | | SECUNIA, [SA16264] Easy PX 41 CMS Cross-Site Scripting and Information Disclosure (30.07.2005) |
| | | SECUNIA, [SA16273] Simplicity oF Upload "language" File Inclusion Vulnerability (30.07.2005) |
| | | SECUNIA, [SA16260] PHPmyGallery "confdir" File Inclusion Vulnerability (30.07.2005) |
| | | SECUNIA, [SA16270] UNG "name" and "email" Mail Header Injection (30.07.2005) |
| | | l--s_(at)_hotmail.com, uguestbook exploit (29.07.2005) |
| | | Stefan Esser, Advisory 12/2005: UseBB Multiple Vulnerabilities (29.07.2005) |
| | | thegreatone2176_(at)_yahoo.com, Website Baker Project Multiple Vulnerabilities (29.07.2005) |
| | | Jose Antonio, Cross Site Scripting vulnerabilities in GForge (29.07.2005) |
| | | thegreatone2176_(at)_yahoo.com, PhpList Sql Injection and Path Disclosure (29.07.2005) |
| | | SECUNIA, [SA16253] GForge Cross-Site Scripting Vulnerabilities (28.07.2005) |
| | | SECUNIA, [SA16255] MySQL Eventum PEAR XML_RPC PHP Code Execution Vulnerability (28.07.2005) |
| | | SECUNIA, [SA16224] BMForum Plus! Cross-Site Scripting Vulnerabilities (28.07.2005) |
| | | SECUNIA, [SA16192] phpBook "admin" Cross-Site Scripting Vulnerability (27.07.2005) |
| | | SECUNIA, [SA16237] PNG Counter "digit" Cross-Site Scripting Vulnerability (27.07.2005) |
| | | SECUNIA, [SA16235] Hosting Controller comgetfile.asp Information Disclosure (27.07.2005) |
| | | SECUNIA, [SA16236] Clever Copy Cross-Site Scripting Vulnerabilities (27.07.2005) |
| | | Zinho, [HSC Security Group] XSS in CartWiz (27.07.2005) |
| | | SECURITEAM, [EXPL] Netquery Command Execution (Exploit) (26.07.2005) |
| | | SECUNIA, [SA16202] Asn Guestbook "version" Cross-Site Scripting Vulnerability (25.07.2005) |
| | | gr0up.pclabs_(at)_gmail.com, Atomic Photo Album (APA) apa_phpinclude.inc.php remote file include (25.07.2005) |
| | | newbug_(at)_chroot.org, Chroot Security Group Advisory 2005-07-25 -- ftplocate (25.07.2005) |
| | | thegreatone2176_(at)_yahoo.com, Beehive Forum Multiple Vulnerabilities (25.07.2005) |
| | | gb.network_(at)_gmail.com, PHP FirstPost remote file include vulnerability (25.07.2005) |
| Проблемы символьных линков в gopher (symbolic links) | | Опубликовано: | | 29 июля 2005 г. | | Источник: | | BUGTRAQ | | SecurityVulns ID: | | 5056 | | Тип: | | локальная | | Опасность: | | 5/10 | | Описание: | | Проблема символьных линков при создании временных файлов. |
DoS против графической библиотеки libtiff
дополнено с 29 июля 2005 г. | | Опубликовано: | | 19 августа 2005 г. | | Источник: | | BUGTRAQ | | SecurityVulns ID: | | 5055 | | Тип: | | библиотека | | Опасность: | | 5/10 | | Описание: | | Отказ при нулевом значении YCbCr subsampling. |
|
|
|
|
|
|
|
|
