654 matches found

Packet Storm
added 2003/06/17 12:0 a.m., 19 views

pMachine.txt

Information: Language: PHP. Version: Free 2.2.1. Website: http://www.pmachine.com. Problem: Include Security Hole. PHP Code/Location: This will work if register_globals is ON OR OFF. /pm/lib.inc.php: ...

AI score: 7.4
Exploits: 0
Tenable Nessus
added 2003/05/06 12:0 a.m., 20 views

Truegalerie admin.php loggedin Parameter Admin Authentication Bypass

The remote host is running TrueGalerie, an album management system written in PHP. There is a flaw in the version of TrueGalerie that could allow an attacker to log in as the administrator without having to know the password, simply by requesting the URL : /admin.php?loggedin=1 Provided PHP's...

CVSS: 6.4, AI score: 5.6, EPSS: 0.02111
Exploits: 1, References: 1
RedHat Linux
added 2003/02/06 12:0 a.m., 30 views

(RHSA-2002:214) php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command line arguments to the MTA such as sendmail in the 5th argument to mail, altering MTA...

CVSS: 7.5, AI score: 6.4, EPSS: 0.0315
Exploits: 0
securityvulns
added 2003/01/13 12:0 a.m., 26 views

[VSA0306] YABBSE 1.4.1 SQL Injection Bugs

Subject: void.at SA YaBB SE SQL Injection Bugs. void.at Security Advisory VSA0306. YaBB SE is a web based forum written in PHP. Overview: Due to SQL injection bugs, it is possible for a remote user without an account to get access to user...

AI score: 0.1
Exploits: 0
securityvulns
added 2002/12/17 12:0 a.m., 107 views

Security Patchs for PHP Products

PHPSecure made some patches for security holes in PHP products. Here is the list : - ALP - Banner Ad 2.0 : http://www.phpsecure.org/index.php?id=1&zone=pDl More details : http://online.securityfocus.com/search?category=22&query=ALP - Tight Auction 3.0 :...

AI score: 7.2
Exploits: 0
exploitpack
added 2002/11/26 12:0 a.m., 12 views

News Evolution 1.02.0 - Include Undefined Variable Command Execution

source: https://www.securityfocus.com/bid/6260/info News Evolution is a freely available, open source news software package. It is written in PHP, and designed for use on Unix and Linux operating systems. The problem occurs in t...

AI score: 0.5
Exploits: 0
RedHat Linux
added 2002/11/08 11:15 a.m., 10 views

Important: Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold

Updated versions of the Apache HTTP server, PHP, and mod_ssl are now available which close possible buffer overflows in the Apache HTTP server benchmarking tool, fix two cross-site scripting vulnerabilities in the error pages, and fix possible local privilege escalation. These updates also fix...

CVSS: 7.5, AI score: 6.2, EPSS: 0.94006
Exploits: 0, References: 2
RedHat Linux
added 2002/11/07 5:42 p.m., 9 views

Important: Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold

Updated versions of the Apache HTTP server, PHP, and mod_ssl are now available which close possible buffer overflows in the Apache HTTP server benchmarking tool, fix two cross-site scripting vulnerabilities in the error pages, and fix possible local privilege escalation. These updates also fix...

CVSS: 7.5, AI score: 6.2, EPSS: 0.94006
Exploits: 0, References: 2
securityvulns
added 2002/09/28 12:0 a.m., 62 views

Apache 2.0.(39|40) DOS (PHP!)

I put PHP in the title so I know this message will reach the "sekur1ty c0mmun1ty", that knows that PHP is bad, because it's easy to write insecure applications, unlike C. Problem: o Apache 2.0 .39 and .40 tested on Linuxx...

Exploits: 0
RedHat Linux
added 2002/06/26 12:0 a.m., 10 views

Important: Red Hat Security Advisory: php security update

PHP versions earlier than 4.1.0 contain a vulnerability that could allow arbitrary commands to be executed. Updated 22 Aug 2002: The initial set of errata packages contained an incorrect set of dependencies. This meant that a number of packages would need to be installed before php that were not...

CVSS: 7.5, AI score: 6.2, EPSS: 0.09725
Exploits: 0, References: 1
Exploit DB
added 2002/05/24 12:0 a.m., 27 views

OpenBB 1.0 - Unauthorized Moderator Access

source: https://www.securityfocus.com/bid/4823/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. OpenBB is reported to be vulnerable to a condition that will allow an unauthorized user to gain moderat...

AI score: 7.4
Exploits: 0
Exploit DB
added 2002/03/28 12:0 a.m., 23 views

PostNuke 0.703 - caselist Arbitrary Module Include

source: https://www.securityfocus.com/bid/4381/info PostNuke is a content management system originally forked from the PHP-Nuke project. It is implemented in PHP, and available for Windows, Linux and other Unix based systems. A vulnerability has been reported in some versions of PostNuke...

AI score: 7
Exploits: 0
securityvulns
added 2002/03/05 12:0 a.m., 46 views

Security holes in two PHP services.

The first one is poll "avotravis" versions 2.1 and less. 1. Distortion of the limitations of multiple votes: Set the cookie with the name "alreadyvoted" and value "1" to the url /avotravis.php3?vote=1 for "yes" and /avotravis.php3?vote=1 for "no". 2. Access to the part administration: Set the...

AI score: 7.2
Exploits: 0
securityvulns
added 2002/01/15 12:0 a.m., 43 views

PHP 4.x session spoofing

Hi, What are sessions: A session ID is required to identify people. It is passed over to the browser and then is either part of the url or is stored as a cookie. With every request the browser also sends this ID over to the server which makes is...

AI score: 7.6
Exploits: 0