SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   


View Topics  >  Advisory  >  GulfTech Security Research Team

Aug 18 2006   osCommerce Input Validation Flaw in 'shopping_cart.php' Lets Remote Users Inject SQL Commands
Aug 17 2006   Zen Cart Input Validation Flaws Let Remote Users Inject SQL Commands and Execute Arbitrary Code
Mar 3 2006   Gallery Input Validation Holes Let Remote Users Delete Files and Conduct Cross-Site Scripting Attacks
Feb 28 2006   phpRPC decode() Input Validaiton Bug Lets Remote Users Execute Arbitrary Code
Feb 25 2006   Mambo Input Validation Holes in 'mambo.php' Permit SQL Injection and in _setTemplate() Function Let Remote Users Include Local Files
Feb 22 2006   PEAR LiveUser Input Validation Flaws in Processing Cookies Let Remote Users Determine File Existence and Delete Files
Feb 10 2006   eyeOS Initialization Error in $_SESSION Array Lets Remote Users Execute Arbitrary Code
Feb 10 2006   CPAINT Input Validation Hole in 'cpaint2.inc.php' Permits Cross-Site Scripting Attacks
Jul 21 2005   Mozilla Firefox xpcom Race Condition Lets Remote Users Crash the Browser
Jul 21 2005   Mozilla Browser xpcom Race Condition Lets Remote Users Crash the Browser
Jul 1 2005   Simple Machines Forum Input Validation Hole in 'msg' Parameter Lets Remote Users Inject SQL Commands
Jun 24 2005   UBBThreads Multiple Input Validation Holes Permit Cross-Site Scripting, SQL Injection, and HTTP Response Splitting Attacks
Jun 21 2005   paFAQ Flaws Let Remote Users Download the Database, Inject SQL Commands, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary Code
Jun 15 2005   paFileDB Multiple Bugs Permit SQL Injection and Cross-Site Scripting Attacks and Let Remote Users View or Execute Local Files
Jun 13 2005   FusionBB Input Validation Holes Let Remote Users Inject SQL Commands, View Files, and Execute Files
May 17 2005   Help Center Live Input Validation Bugs Permit SQL Injection and Cross-Site Scripting Attacks
May 17 2005   WoltLab Burning Board Input Validation Hole in verify_email() Permits SQL Injection
May 6 2005   Invision Power Board Input Validation Hole in 'login.php' Permits SQL Injection and in 'topics.php' Permits Cross-Site Scripting Attacks
May 3 2005   SitePanel 2 Validation Bugs Let Remote Users Execute Arbitrary Commands, View Arbitrary Files, and Conduct Cross-Site Scripting Attacks
May 3 2005   osTicket Bugs Let Remote Users Execute Arbitrary Commands and Permit Directory Traversal, SQL Injection, and Cross-Site Scripting Attacks
Apr 28 2005   phpBB Notes Mod Input Validation Hole in 'posting_notes.php' Permits SQL Injection
Apr 10 2005   ModernBill Include File Error in Sample 'news.php' Script Lets Remote Users Execute Commands and Input Validation Holes in 'orderwiz.php' Permit Cross-Site Scripting Attacks
Mar 29 2005   phpCOIN Lets Remote Users Inject SQL Commands and Execute Arbitrary Files on the Target System
Mar 22 2005   Kayako eSupport Input Validation Bugs in 'i' and 'c' Parameters Lets Remote Users Conduct Cross-Site Scripting Attacks
Jan 4 2005   PhotoPost Classifieds Input Validation Hole Lets Remote Users Upload Scripting Files
Jan 4 2005   ReviewPost Pro Input Validation Hole Lets Remote Users Upload Scripting Files
Jan 4 2005   PhotoPost Pro 'showgallery.php' Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks
Dec 29 2004   PHP-Calendar Include File Flaw Lets Remote Users Execute Arbitrary Commands
Dec 28 2004   WHM AutoPilot 'server_inc' Include File Flaw Lets Remote Users Execute Arbitrary Commands
Dec 24 2004   Help Center Live Include File Flaw Lets Remote Users Execute Arbitrary Commands
Dec 23 2004   PsychoStats Input Validation Error Lets Remote Users Conduct Cross-Site Scripting Attacks
Dec 20 2004   eSupport Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks
Dec 15 2004   phpGroupWare Multiple Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks
Dec 2 2004   SugarCRM Input Validation Holes Let Remote Users View Files, Inject SQL Commands, and Conduct Cross-Site Scripting Attacks
Sep 28 2004   dBpowerAMP Audio Player Buffer Overflows Let Remote Users Execute Arbitrary Code
Sep 28 2004   dBpowerAMP Music Converter Buffer Overflows Let Remote Users Execute Arbitrary Code
Sep 21 2004   Emulive Server4 Authentication Error Grants Administrative Access to Remote Users
Sep 17 2004   DNS4Me Lets Remote Users Crash the Web Service and Conduct Cross-Site Scripting Attacks
Sep 1 2004   phpWebSite Input Validation Bugs in 'cal_template' and Other Parameters Permit SQL Injection and Cross-Site Scripting Attacks
Aug 30 2004   Xedus Web Server Input Validation Flaws Disclose Files to Remote Users and Permit Cross-Site Scripting Attacks
Aug 26 2004   Keene Digital Media Server Encoded URL Directory Traversal Flaw Discloses Files to Remote Users
Aug 24 2004   Easy File Sharing Web Server Discloses All Files on the Disk to Remote Users
Aug 24 2004   LiveWorld Products Allow Remote Users to Conduct Cross-Site Scripting Attacks
Aug 20 2004   BadBlue Web Server Service Can Be Denied With Multiple Connections from the Same Host
May 4 2004   PHPX Has Mulitple Input Validation Holes That Permit Cross-Site Scripting Attacks
Apr 25 2004   OpenBB Input Validation Holes Let Remote Users Inject SQL Commands and Conduct Cross-Site Scripting Attacks
Apr 15 2004   phpBugTracker Input Validation Flaws in 'user.php', 'bugs.php', and 'query.php' Let Remote Users Inject SQL Commands
Apr 12 2004   TikiWiki Multiple Input Validation Holes Let Remote Users Inject SQL Commands, Conduct Cross-Site Scripting Attacks, and Upload Files
Mar 29 2004   PhotoPost PHP Pro Has Multiple Input Validation Holes That Let Remote Users Inject SQL Commands and Conduct Cross-Site Scripting Attacks
Mar 22 2004   Invision Gallery Multiple Input Validation Errors Let Remote Users Inject SQL Commands
Mar 22 2004   Invision Power Top Site List Input Validation Hole in 'comment' Feature Permits SQL Injection
Mar 22 2004   phpBB Input Validation Flaws in 'admin_smilies.php' and 'admin_styles.php' Let Remote Authenticated Administrators Inject SQL
Mar 16 2004   Mambo Open Source Input Validation Errors in 'id' and Other Parameters Permit SQL Injection and Cross-Site Scripting Attacks
Mar 16 2004   vBulletin showthread, forumdisplay, and memberlist Input Validation Bugs Permit Cross-Site Scripting Attacks
Mar 15 2004   Phorum HTTP_REFERER and Other Input Validation Flaw Permits Cross-Site Scripting Attacks
Jan 16 2004   Metadot Portal Server Input Validation Holes Permit SQL Injection and Cross-Site Scripting Attacks
Jan 16 2004   phpShop Multiple Input Validation Flaws Permit SQL Injection, Cross-Site Scripting, and Disclosure of Customer Data
Jan 12 2004   phpGedView 'timeline.php' and 'placelist.php' Input Validation Flaws Permit SQL Injection
Jan 7 2004   PostNuke Input Validation Flaw in 'sortby' Variable in 'members_list' Module Permits SQL Injection
Dec 19 2003   ProjectApp Authentication Flaw Lets Remote Users Gain Administrative Access
Dec 19 2003   IntranetApp Access Control Flaw Lets Remote Authenticated Users Reset Passwords for Arbitrary Accounts
Dec 19 2003   PortalApp Authentication Flaw Lets Remote Users Gain Administrative Access
Dec 18 2003   AutoRank PHP Input Validation Flaw in 'accounts.php' Permits Remote SQL Injection
Dec 18 2003   osCommerce 'osCsid' Input Validation Flaw Allows Remote Users to Conduct Cross-Site Scripting Attacks
Dec 16 2003   Invision Power Top Site List 'offset' Input Validation Flaw May Let Remote Users Inject SQL Commands
Dec 16 2003   Aardvark Topsites PHP Input Validation Flaw Permits Remote SQL Injection







Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC