Alerts from SecurityFocus Newsletter #356
PHP
- PHP Error_Log Safe_Mode Restriction-Bypass Vulnerability
This is mainly an issue in shared hosting environments. Ilia committed a fix for this on June 28 to ext/standard/basic_functions.c.
APPLICATIONS USING PHP
- ADOdb Tmssql.PHP Cross-Site Scripting Vulnerability
- Phorum Read.PHP Cross-Site Scripting Vulnerability
- Ralf Image Gallery Multiple Input Validation Vulnerabilities
- UebiMiau Multiple Cross-Site Scripting Vulnerabilities
- DreamAccount Index.PHP Remote File Include Vulnerability
- DreamAccount Auth.api.PHP Remote File Include Vulnerability
- PHPMySMS Gateway.PHP Remote File Include Vulnerability
- Winged Gallery Thumb.PHP Cross-Site Scripting Vulnerability
- Custom Dating Biz Multiple Input Validation Vulnerabilities
- SmartSiteCMS Inc_Foot.PHP Remote File Include Vulnerability
- Project Eros BBSEngine Multiple Input Validation Vulnerabilities
- YaBB SE Profile.php SQL Injection Vulnerability
- Infinite Core Technologies ICT INDEX.PHP SQL Injection Vulnerability
- THoRCMS Functions_cms.PHP Remote File Include Vulnerability
- Zorum Multiple SQL Injection Vulnerabilities
- MF Piadas Admin.PHP Remote File Include Vulnerability
- MF Piadas Admin.PHP Cross-Site Scripting Vulnerability
- CrisoftRicette Cookbook.PHP Remote File Include Vulnerability
- Jaws Search Gadget Multiple Input Validation Vulnerabilities
- Usenet Index.PHP Cross-Site Scripting Vulnerability
This blasphemous fool really named their software "Usenet." Amazing.
- OpenGuestbook Multiple Input Validation Vulnerabilities
- Claroline Multiple Unspecified Cross-Site Scripting Vulnerabilities
- MyMail Login.PHP Cross-Site Scripting Vulnerability
- Anthill Multiple SQL Injection Vulnerabilities
- CBSMS Mambo Module Mod_CBSMS_Messages.PHP Remote File Include Vulnerability
- phpQLAdmin Multiple Cross-Site Scripting Vulnerabilities
- Bee-hive Multiple Remote File Include Vulnerabilities
- Mantis Multiple Unspecified Remote Vulnerabilities
- eNpaper1 Root_Header.PHP Remote File Include Vulnerability
- XennoBB Messages.PHP Cross-site Scripting Vulnerability
- dotProject UI.Class.PHP Cross-Site Scripting Vulnerability
- SiteBar Command.PHP Cross-Site Scripting Vulnerability
- Qdig Index.PHP Multiple Cross-Site Scripting Vulnerabilities
- DeluxeBB CP.PHP SQL Injection Vulnerability
- GL-SH Deaf Forum Multiple Cross-Site Scripting Vulnerabilities
RELATED STUFF
- GnuPG Parse_User_ID Remote Buffer Overflow Vulnerability
Upgrade to version 1.4.4.
