Project ListAlerts from SecurityFocus Newsletter #361
Wow. This week's volume is up: 42 PHP applications. Plus Mozilla fixes are on tap.APPLICATIONS USING PHP
- Colophon Component Admin.Colophon.PHP Remote File Include Vulnerability
- Liga Manager Online Joomla! Component Remote File Include Vulnerability
- Moskool Component Admin.Moskool.PHP Remote File Include Vulnerability
- SecurityImages Component Multiple Remote File Include Vulnerabilities
- Mambatstaff MosConfig_Absolute_Path Remote File Include Vulnerability
- Artlinks MosConfig_Absolute_Path Remote File Include Vulnerability
- Com_Bayesiannaivefilter Mambo Component Remote File Include Vulnerability
- Mambo Gallery Manager MosConfig_Absolute_Path Remote File Include Vulnerability
- Knusperleicht ShoutBox SB_Include_Path Parameter Remote File Include Vulnerability
- Knusperleicht FileManager DWL_Download Remote File Include Vulnerability
- Knusperleicht Quickie Quick_Path Parameter Remote File Include Vulnerability
- Knusperleicht NewsPreporter News_include_path Remote File Include Vulnerability
- Knusperleicht FAQ Script Index.PHP Remote File Include Vulnerability
- Knusperleicht GuestBook GB_PATH Parameter Remote File Include Vulnerability
- Knusperleicht NewsLetter Index.PHP Remote File Include Vulnerability
- Ajax Chat Multiple Remote Vulnerabilities
- X-Scripts X-Statistics X-Statistics.PHP SQL Injection Vulnerability
- X-Scripts X-Poll Top.PHP SQL Injection Vulnerability
- X-Scripts X-Protection Protect.PHP SQL Injection Vulnerability
- User Home Pages UHP_CONFIG.PHP Remote File Include Vulnerability
- ATutor Multiple SQL Injection Vulnerabilities
- MyBulletinBoard UserCP.PHP Cross-Site Scripting Vulnerability
- MyBulletinBoard UserCP.PHP Directory Traversal Vulnerability
- Coppermine Photo Gallery Theme.PHP Remote File Include Vulnerability
- Advanced Webhost Billing System Contact.PHP Multiple Cross-Site Scripting Vulnerabilities
- OpenForum Multiple Cross-Site Injection Vulnerabilities
- MyNewsGroups Layersmenu.INC.PHP Remote File Include Vulnerability
- VBPortal Log Remote Code Execution Vulnerability
- PHPReactor EditProfile.PHP Remote File Include Vulnerability
- TinyPHPForum Multiple Cross-Site Scripting Vulnerabilities
- PHPAuction PHPAds_Path Variable Remote File Include Vulnerability
- Help Center Live Module.PHP Directory Traversal Vulnerability
- SQLiteWebAdmin Multiple Input Validation Vulnerabilities
- WordPress Multiple Unspecified Security Vulnerabilities
- XMB Forum U2UID SQL Injection Vulnerability
- TinyPHPForum Error.PHP Information Disclosure Vulnerability
- Voodoo Chat File_Path Parameter Remote File Include Vulnerability
- WoW Roster Multiple Remote File Include Vulnerabilities
- TSEP Copyright.PHP Remote File Include Vulnerability
- myEvent Myevent.PHP Remote File Include Vulnerability
- Banex PHP MySQL Banner Exchange Multiple Remote Vulnerabilities
- Seir Anphin V666 Community Management System Multiple SQL Injection Vulnerabilities
RELATED STUFF
- Mozilla Multiple Products Remote Vulnerabilities
New versions of Mozilla products address several security issues. Make sure to upgrade to the following versions:
Firefox 1.5.0.5 (NOTE: the Firefox 1.0.x branch is no longer being maintained.)
Thunderbird 1.5.0.5
SeaMonkey 1.0.3
