1132 matches found
EternalMart Mailing List Manager 1.32 - Remote File Inclusion
EternalMart Mailing List Manager 1.32 - Remote File Inclusion source: https://www.securityfocus.com/bid/8767/info EternalMart Mailing List Manager and Guestbook are prone to remote file-include vulnerabilities. Remote attackers may cause malicious PHP code to run on the webserver...
PHP < 4.3.3 Multiple Vulnerabilities
The remote host is running a version of PHP that is older than 4.3.3. All versions of PHP 4 older than 4.3.3 contain multiple integer overflow vulnerabilities that may allow an attacker to execute arbitrary commands on this host. Another problem may also invalidate safemode. %NASLMINLEVEL 70300 C...
myPHPNuke.txt
Informations : °°°°°°°°°°°°° Language : PHP Version : 1.8.87 Website : http://www.myphpnuke.com Problems : - Upload/Copy/Include Files PHP Code/Location : °°°°°°°°°°°°°°°°°°° gallery/displayCategory.php : ------------------------------------------ ... attach;"; else die"No input file specified";...
eStore SQL Injection Vulnerability & Path Disclosure
1ndonesian Security Team 1st http://bosen.net/releases/ ============================================================== Security Advisory Advisory Name: eStore SQL Injection Vulnerability & Path Disclosure Release Date: 07/15/2003 Application: eStore 1.0.1 eStore 1.0.2 eStore 1.0.2b Platform: PHP...
Important: Red Hat Security Advisory: : : : New PHP packages fix vulnerabilities
Updated PHP packages are available for Red Hat Linux on IBM iSeries and pSeries systems. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command...
b2 cafelog 0.6.1 remote command execution.
Products: b2 cafelog 0.6.1 http://cafelog.com/ Date: 29 May 2003 Author: pokleyzz pokleyzzatscan-associates.net Contributors: skatscan-associates.net shaharilatscan-associates.net muniratscan-associates.net URL: http://www.scan-associates.net Summary: b2 cafelog 0.6.1 remote command execution...
OneOrZero Security Problems (PHP)
Informations : °°°°°°°°°°°°°° Website : http://www.oneorzero.com Version : 1.4 rc4 Problems : - SQL Injection - Admin Access PHP Code/Location : °°°°°°°°°°°°°°°°°°° supporter/tupdate.php : -------------------------------------------------------------------------- if$groupid == 'change' $sql =...
Inaccurate Reports Concerning PHP Vulnerabilities
There have been a number of reports circulating about possible vulnerabilities in PHP. I'm going to address them one-by-one: Integer Overflow in socketiovecalloc WRONG! This is a Null-pointer de-reference: EAX = 00000000 EDI = 41414141 0085353A 8B 38 mov edi,dword ptr eax The access violation...
Inaccurate Reports Concerning PHP Vulnerabilities
There have been a number of reports circulating about possible vulnerabilities in PHP. I'm going to address them one-by-one: Integer Overflow in socketiovecalloc WRONG! This is a Null-pointer de-reference: EAX = 00000000 EDI = 41414141 0085353A 8B 38 mov edi,dword ptr eax The access violation...
Multiple PHP problems
Local integer overflow in socketiovecalloc may be exploited if PHP is compiled with --enable-sockets option. Memory allocation troubles. Buffer overflow in openlog...
Important: Red Hat Security Advisory: apache, openssl, php security update for Stronghold
Updated versions of Stronghold 3.0 are available to fix a number of vulnerabilities in OpenSSL, Apache, and PHP. Stronghold 3.0 contains a number of open source technologies such as OpenSSL, Apache, and PHP. The following paragraphs describe a number of issues that have been found in versions of...
Important: Red Hat Security Advisory: apache, openssl, php, tomcat security update for Stronghold
Updated versions of Stronghold 4 cross-platform are available to fix a number of vulnerabilities in OpenSSL, Apache, PHP, and Tomcat. Also included in this update are bug fixes for modproxy and the modauthzldap package. Stronghold 4 cross platform contains a number of open source technologies suc...
Mambo Site Server Remote Code Execution
Mambo PHP-Portal Vulnerability By Mindwarper :: [email protected] :: ------- ------- ---------------------- Vendor Information: ---------------------- Homepage : http://www.mamboserver.com Vendor : informed Mailed advisory: 09/01/03 Vender Response : None yet ---------------------- Affected Version...
CVE-2002-2217
Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal WSC-WebPortal 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the 1 l parameter to customize.php or the 2 pg parameter to index.php...
squirellmail php bugs
Uninitialized PHP valirables, crossite scripting...
FreeNews 2.1 - Include Undefined Variable Command Execution
source: https://www.securityfocus.com/bid/6258/info FreeNews is a freely available, open source News software package. It is written in PHP, and designed for use on Unix and Linux operating systems. Programming errors in FreeNews could lead to the inclusion of arbitrary files on remote servers in...
Important: Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold
Updated versions of the Apache HTTP server, PHP, and modssl are now available which close possible buffer overflows in the Apache HTTP server benchmarking tool, fix two cross-site scripting vulnerabilities in the error pages, and fix possible local privilege escalation. These updates also fix...
Multiple Web Security Holes
I sent this three times to webappsec but without resultats. I try so on bugtraq, although that is less appropriate. ----------------------------------------------------- Five products in PHP are vulnerable to various holes. 1 TightAuction Website : http://www.tightprices.com Tested Version : 3.0...
[SECURITY] [DSA 168-1] New PHP packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 168-1 [email protected] http://www.debian.org/security/ Martin Schulze September 18th, 2002 http://www.debian.org/security/faq -...
DSA-168 php - bypassing safe_mode, CRLF injection
Bulletin has no description...