Project ListAlerts from SecurityFocus Newsletter #338
APPLICATIONS USING PHP
- ADOdb Multiple Cross-Site Scripting Vulnerabilities
- PEAR::Auth Multiple Unspecified SQL Injection Vulnerabilities
- SquirrelMail Multiple Cross-Site Scripting and IMAP Injection Vulnerabilities
- PHPNuke Index.PHP Search Module SQL Injection Vulnerability
- PHPNuke CAPTCHA Bypass Weakness
- Leif M. Wright Blog HTML Injection Vulnerability
- Leif M. Wright Blog Information Disclosure Vulnerability
- MyBB Multiple Cross-Site Scripting Vulnerabilities
- V-webmail Multiple Cross-Site Scripting Vulnerabilities
- BirthSys Multiple SQL Injection Vulnerabilities
- RCBlog Index.PHP Directory Traversal Vulnerability
- E107 Website System Chatbox Plugin HTML Injection Vulnerability
- Coppermine Multiple File Include Vulnerabilities
- Geeklog Multiple Input Validation Vulnerabilities
- Admbook Remote PHP Script Code Execution Vulnerability
- PostNuke Multiple Input Validation Vulnerabilities
- Guestbox HTML Injection Vulnerability
- Melange Chat Session Header Information Disclosure Vulnerability
- Barracuda Directory Multiple HTML Injection Vulnerabilities
- IlchClan Multiple SQL Injection Vulnerabilities
- Magic Calendar Lite Index.PHP SQL Injection Vulnerability
- TTS Software Time Tracking Software Edituser.PHP Access Validation Vulnerability
RELATED STUFF
- GnuPG Detached Signature Verification Bypass Vulnerability
This was fixed in version 1.4.2.1, but other issues were fixed subsequently, so upgrade to 1.4.2.2.
