
[nycphp-talk] several security focus newsletters...

Daniel Convissor danielc at analysisandsolutions.com
Thu Jun 24 02:12:42 EDT 2004


Hi Folks:

Pardon the delay.  I've been busy cleaning up and improving pear.php.net.

--Dan

================================
SecurityFocus Newsletter #251

e107 Website System User.PHP HTML Injection Vulnerability
http://www.securityfocus.com/bid/10405

cPanel Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/10407

Pimentech PimenGest2 RowLatex.inc.PHP Information Disclosure...
http://www.securityfocus.com/bid/10408

PHP Input/Output Wrapper Remote Include Function Command Exec...
http://www.securityfocus.com/bid/10427
[This is an utterly stupid report.  I sent an email to SF saying so. --Dan]

JPortal Print.php SQL Injection Vulnerability
http://www.securityfocus.com/bid/10430


================================
SecurityFocus Newsletter #252

PHPoto Picture_view Script Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/10431

Land Down Under BBCode HTML Injection Vulnerability
http://www.securityfocus.com/bid/10435

e107 Website System Multiple Vulnerabilities
http://www.securityfocus.com/bid/10436

SquirrelMail Email Header HTML Injection Vulnerability
http://www.securityfocus.com/bid/10439

PHP-Nuke Direct Script Access Security Bypass Vulnerability
http://www.securityfocus.com/bid/10447

Gallery Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/10451

Mail Manage EX MMEX Script Settings Parameter Remote PHP Fil...
http://www.securityfocus.com/bid/10457

Slackware Linux PHP Packages Insecure Linking Configuration ...
http://www.securityfocus.com/bid/10461


================================
SecurityFocus Newsletter #253

PHP Microsoft Windows Shell Escape Functions Command Executi...
http://www.securityfocus.com/bid/10471
[This is real.  Make sure you've upgraded to 4.3.7.  --Dan]

PHP-Nuke Reviews Module Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/10493

Invision Power Board SSI.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/10511

PHP-Nuke Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/10524


================================
SecurityFocus Newsletter #254

Horde Chora Viewer Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/10531

Invision Power Board SSI.PHP Cross-Site Scripting Vulnerabil...
http://www.securityfocus.com/bid/10539

Pivot Remote module_db.PHP File Include Vulnerability
http://www.securityfocus.com/bid/10553

PHPHeaven PHPMyChat Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/10556

Invision Power Board Potential IP Address Spoofing Vulnerabi...
http://www.securityfocus.com/bid/10559


-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
 4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335 f: 718-854-0409


