DSA-351 php4 - cross-site scripting

Bulletin has no description...

[SECURITY] [DSA 220-1] New squirrelmail packages fix cross site scripting problem

-------------------------------------------------------------------------- Debian Security Advisory DSA 220-1 [email protected] http://www.debian.org/security/ Martin Schulze January 2nd, 2003 http://www.debian.org/security/faq -...

DSA-220 squirrelmail - cross site scripting

Bulletin has no description...

NOCC 0.9.x - Webmail Script Injection

source: https://www.securityfocus.com/bid/4740/info NOCC is a web based email client implemented in PHP4. It includes support for POP3, SMTP and IMAP servers, MIME attachments and multiple languages. A script injection issue has been reported with the way emails are displayed to users of NOCC...

Некорректная работа с идентификаторами сеансов в PHP4 (session spoofing)

Идентификаторы сеансов хранятся в директории /tmp...

[SECURITY] New version of Debian php4 packages released (updated)

---------------------------------------------------------------------------- Debian Security Advisory [email protected] http://www.debian.org/security/ Daniel Jacobowitz October 14, 2000 - ---------------------------------------------------------------------------- Package: php4 Vulnerability:...

[SECURITY] New version of Debian php4 packages released

---------------------------------------------------------------------------- Debian Security Advisory [email protected] http://www.debian.org/security/ Daniel Jacobowitz October 14, 2000 - ---------------------------------------------------------------------------- Package: php4 Vulnerability:...

@stake Advisory: PHP3/PHP4 Logging Format String Vulnerability (A 101200-1)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 We contacted the PHP team on 10/3/2000 concerning this problem. We wanted to hold off releasing our advisory until a fix was available for PHP3 since some users may not be able to easily upgrade to PHP4. Fixes for PHP3 and PHP4 are now available. We a...