NYCPHP Meetup

NYPHP.org

[nycphp-talk] PHP in SecurityFocus #325

Daniel Convissor danielc at analysisandsolutions.com
Fri Nov 25 11:30:35 EST 2005 

These summaries are available online
RSS:  http://phpsec.org/projects/vulnerabilities/securityfocus.xml
HTML: http://phpsec.org/projects/vulnerabilities/securityfocus.html

Alerts from SecurityFocus Newsletter #325

PHP
---
PHP cURL and GD Multiple Safe_Mode and Open_Basedir Restriction Bypass Vulnerabilities
http://www.securityfocus.com/bid/15411
Upgrade to PHP 4.4.1. For PHP 5, it is best to upgrade to an RC of
5.1.0.

PHP Apache 2 Virtual() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability
http://www.securityfocus.com/bid/15413
Upgrade to PHP 4.4.1. For PHP 5, it is best to upgrade to an RC of
5.1.0.


APPLICATIONS USING PHP
----------------------
Help Center Live Module.PHP Local File Include Vulnerability
http://www.securityfocus.com/bid/15404

XOOPS Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/15406

Horde Unspecified Error Message Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/15409

Wizz Forum Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/15410

PHPsysInfo Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/15414

Peel rubid Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/15415

Codegrrl Protection.PHP Unspecified Code Execution Vulnerability
http://www.securityfocus.com/bid/15417

Cyphor Show.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/15418

PHPNuke Search Module SQL Injection Vulnerability
http://www.securityfocus.com/bid/15421

MyBulletinBoard Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/15424

MyBulletinBoard Unspecified Denial Of Service Vulnerability
http://www.securityfocus.com/bid/15426

Pearl Forums Index.PHP Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/15425

Pearl Forums Index.PHP Local File Include Vulnerability
http://www.securityfocus.com/bid/15433

PHPWCMS  Multiple Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/15436

PHPWCMS Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/15440

Pollvote File Include Vulnerability
http://www.securityfocus.com/bid/15439

AlstraSoft Template Seller Pro Remote File Include Vulnerability
http://www.securityfocus.com/bid/15441

AlstraSoft Template Seller Pro SQL Injection Vulnerability
http://www.securityfocus.com/bid/15442

Ekinboard Profile.PHP Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/15447

Ekinboard Title Post HTML Injection Vulnerability
http://www.securityfocus.com/bid/15443

Mambo Open Source Remote File Include Vulnerability
http://www.securityfocus.com/bid/15461

Antharia OnContent // CMS Index.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/15464

PHPWebThings MSG Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/15465

Unclassified NewsBoard Forum.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/15466

Arki-DB Index.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/15467

Uresk Links Admin Index.PHP Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/15469

PHP Easy Download Edit.PHP Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/15470

Pmachine Pro Email This Entry Mail_autocheck.PHP Remote File Include Vulnerability
http://www.securityfocus.com/bid/15473

Interspire ArticleLive NX Search Module SQL Injection Vulnerability
http://www.securityfocus.com/bid/15480

Revize CMS Query_results.JSP SQL Injection Vulnerability
http://www.securityfocus.com/bid/15481

LiteSpeed ConfMgr.php Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/15485

XMB Forum Member.PHP HTML Injection Vulnerability
http://www.securityfocus.com/bid/15489

PHP-Fusion Options.php and Viewforum.php SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/15502

Exponent Content Management System Multiple Improper File Permission Vulnerabilities
http://www.securityfocus.com/bid/15503

PHPMyFAQ Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/15504


RELATED STUFF
-------------
Opera Web Browser HTML Form Status Bar Misrepresentation Vulnerability
http://www.securityfocus.com/bid/15472

More information about the talk mailing list