Alerts from SecurityFocus Newsletter #332

Summarized by Daniel Convissor

PHP

• PHP MySQL_Connect Remote Buffer Overflow Vulnerability

APPLICATIONS USING PHP

• MyBB Print Thread Script HTML Injection Vulnerability
• MyBB File Upload SQL Injection Vulnerability
• InTouch User Variable SQL Injection Vulnerability
• PHPJournaler Readold Variable SQL Injection Vulnerability
• Chimera Web Portal Multiple Input Validation Vulnerabilities
• B-Net Multiple HTML Injection Vulnerabilities
• ScozNet ScozBook AdminName Variable SQL Injection Vulnerability
• VBulletin Event Title HTML Injection Vulnerability
• Drupal URL-Encoded Input HTML Injection Vulnerability
• INCOGEN Bugport Multiple SQL Injection Vulnerabilities
• INCOGEN Bugport Index.PHP Multiple Cross-Site Scripting Vulnerabilities
• Primo Place Primo Cart Multiple SQL Injection Vulnerabilities
• Valdersoft Shopping Cart Remote File Include Vulnerability
• IDV Directory Viewer Index.PHP Information Disclosure Vulnerability
• raSMP User-Agent HTML Injection Vulnerability
• Lizard Cart CMS Multiple SQL Injection Vulnerabilities
• Foro Domus Multiple Input Validation Vulnerabilities
• ADN Forum Multiple Input Validation Vulnerabilities
• Modular Merchant Shopping Cart Cross-Site Scripting Vulnerability
• TheWebForum Multiple Input Validation Vulnerabilities
• TinyPHPForum Multiple Directory Traversal Vulnerabilities
• Navboard Multiple BBCode Tag Script Injection Vulnerabilities

RELATED STUFF

• Apache mod_auth_pgsql Multiple Format String Vulnerabilities