Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : php5 vulnerabilities (USN-1358-1)

It was discovered that PHP computed hash values for form parameters without restricting the ability to trigger hash collisions predictably. This could allow a remote attacker to cause a denial of service by sending many crafted parameters. CVE-2011-4885 ATTENTION: this update changes previous PHP...

Ignition 1.3 Local File Inclusion

Ignition 1.3 page Local File Inclusion Vulnerability disclosed by cOndemned download: http://launchpad.net/ignition/trunk/1.3/+download/ignition-1.3.tar.gz note: 1. Magicquotesgpc should be turned off in order to exploit this vulnerability 2. LFI bugs found by me in previous version 1.2 are still...

Sql injection

Multiple SQL injection vulnerabilities in TemaTres 1.031, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 idcorreoelectronico and 2 idpassword parameters to login.php. NOTE: the provenance of this information is unknown; the details are obtained...

doop CMS <= 1.3.7 (page) Local File Inclusion Vulnerability

No description provided by source. | DOOP CMS =1.3.7 Local File Inclusion | || | vuln path: ?page=/../../../../../../../etc/passwd%00 | | | | dork: Doop CMS | | dork2: powered by Doop CMS | | | | work only if magicquotesgpc are set to OFF | || | vuln code: | | line 544: | | if !isset$REQUEST'page...