Project ListAlerts from SecurityFocus Newsletter #345
PHP
- PHP Multiple Safe_Mode and Open_Basedir Restriction Bypass Vulnerabilities
This was fixed in CVS on April 6, so should show up in PHP 5.1.3.
APPLICATIONS USING PHP
- Gallery Unspecified Cross-Site Scripting Vulnerability
- Horde Help Viewer Remote PHP Code Execution Vulnerability
- PHPWebGallery Multiple Cross-Site Scripting Vulnerabilities
- phpMyForum Index.PHP Multiple Cross-Site Scripting Vulnerabilities
- MyBulletinBoard Newthread.PHP HTML Injection Vulnerability
- Clever Copy Connect.INC Information Disclosure Vulnerability
- JetPhoto Multiple Cross-Site Scripting Vulnerabilities
- SIRE Lire.PHP Remote File Include Vulnerability
- APT-webshop Modules.PHP Multiple SQL Injection Vulnerabilities
- SPIP Spip_login.PHP Remote File Include Vulnerability
- JBook Index.PHP Cross-Site Scripting Vulnerability
- AWeb's Scripts Seller Buy.PHP Authorization Bypass Vulnerability
- AWeb's Banner Generator Cross-Site Scripting Vulnerability
- PHPList Index.PHP Local File Include Vulnerability
- Clansys Index.PHP SQL Injection Vulnerability
- SmartISoft phpListPro Config.PHP Remote File Include Vulnerability
- AzDGVote Remote File Include Vulnerability
- XMB Forum Flash Video Cross-Site Scripting Vulnerability
- VWar Admin.PHP Remote File Include Vulnerability
- ShopWeezle Multiple SQL Injection Vulnerabilities
- XBrite Members.PHP SQL Injection Vulnerability
- Shadowed Portal Load.PHP Cross-Site Scripting Vulnerability
- SQuery LibPath Parameter Multiple Remote File Include Vulnerabilities
- VegaDNS Multiple Input Validation Vulnerabilities
- Design Nation DNGuestbook Admin.PHP SQL Injection Vulnerabilities
- SIRE Arbitrary File Upload Vulnerability
- Indexu Multiple Remote File Include Vulnerabilities
- PHPKIT Include.PHP SQL Injection Vulnerability
- Blursoft Blur6ex Multiple Input Validation Vulnerabilities
- Dokeos Viewtopic.PHP SQL Injection Vulnerability
- JBook Form.PHP SQL Injection Vulnerabilities
