Ravens PHP Scripts: Security



 

 

acFTP REST/PBSZ Argument Handling Denial of Service

Posted on Tuesday, December 26, 2006 @ 16:10:25 CST in Security
by Raven

SECUNIA ADVISORY ID: SA23481

VERIFY ADVISORY: http://secunia.com/advisories/23481/

CRITICAL: Moderately critical

IMPACT: DoS

SOFTWARE: acFTP 1.x - http://secunia.com/product/9764/

DESCRIPTION: Gabriel Silva has discovered two vulnerabilities in acFTP, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service).
 

 

KISGB *default_path_for_themes* File Inclusion Vulnerability

Posted on Tuesday, December 26, 2006 @ 16:06:54 CST in Security
by Raven

SECUNIA ADVISORY ID: SA23477

VERIFY ADVISORY: http://secunia.com/advisories/23477/

CRITICAL: Highly critical

IMPACT: System access

SOFTWARE: KISGB 5.x - http://secunia.com/product/12955/

DESCRIPTION: mdx has reported a vulnerability in KISGB, which can be exploited by malicious people to compromise a vulnerable system.

Note: 
From Raven: I was not notified before this was released to the masses. I am in the process of testing my fixes and expect to release an update either today or tomorrow. It does not appear that the NUKE version is affected, although you should be sure that register_globals is set OFF.
 

 

TYPO3 *userUid* Command Execution Vulnerability

Posted on Thursday, December 21, 2006 @ 11:02:06 CST in Security
by Raven

SECUNIA ADVISORY ID: SA23446

VERIFY ADVISORY: http://secunia.com/advisories/23446/

CRITICAL: Highly critical

IMPACT: System access

SOFTWARE: TYPO3 4.x - http://secunia.com/product/12113/

DESCRIPTION: Daniel Fabian and J. Greil have reported a vulnerability in TYPO3, which can be exploited by malicious people to gain system access.
 

 

TYPO3 rtehtmlarea Extension *userUid* Command Execution

Posted on Thursday, December 21, 2006 @ 11:00:14 CST in Security
by Raven

SECUNIA ADVISORY ID: SA23466

VERIFY ADVISORY: http://secunia.com/advisories/23466/

CRITICAL: Highly critical

IMPACT: System access

SOFTWARE:
rtehtmlarea (extension for TYPO3) 0.x - http://secunia.com/product/12942/
rtehtmlarea (extension for TYPO3) 1.x - http://secunia.com/product/12943/

DESCRIPTION: Daniel Fabian and J. Greil have reported a vulnerability in the rtehtmlarea extension for TYPO3, which can be exploited by malicious people to gain system access.
 

 

Valdersoft Shopping Cart *commonIncludePath* File Inclusion

Posted on Thursday, December 21, 2006 @ 10:59:01 CST in Security
by Raven

SECUNIA ADVISORY ID: SA23464

VERIFY ADVISORY: http://secunia.com/advisories/23464/

CRITICAL: Highly critical

IMPACT: System access

SOFTWARE: Valdersoft Shopping Cart 3.x - http://secunia.com/product/4844/

DESCRIPTION: mdx has reported two vulnerabilities in Valdersoft Shopping Cart, which can be exploited by malicious people to compromise vulnerable systems.
 

 

SugarCRM Sugar Open Source Cross-Site Scripting Vulnerability

Posted on Thursday, December 21, 2006 @ 10:57:38 CST in Security
by Raven

SECUNIA ADVISORY ID: SA23424

VERIFY ADVISORY: http://secunia.com/advisories/23424/

CRITICAL: Less critical

IMPACT: Cross Site Scripting

SOFTWARE: Sugar Open Source 4.x - http://secunia.com/product/9921/

DESCRIPTION: A vulnerability has been reported in Sugar Open Source, which can be exploited by malicious people to conduct cross-site scripting attacks.
 


