|
FOG Forum "index.php" Local File Inclusion Vulnerabilities
|
|
|
|
Pet Grooming Management System "useradded.php" Security Bypass
|
|
|
|
FrSIRT - PHPauction GPL "include_path" Remote File Inclusion Vulnerabilities 2008-03-18
|
|
|
|
Bugtraq: OtherLogic[vocourse.php]SQL Injection Exploit
|
|
|
|
Fedora update for phpMyAdmin
|
|
|
|
Vuln: myPHPNuke 'printfeature.php' SQL Injection Vulnerability 2008-09-02
|
|
|
|
FrSIRT - Turbolinux Security Update Fixes phpMyAdmin Code Injection Vulnerability 2008-09-19
|
|
|
|
PHP-Nuke KutubiSitte "kid" SQL Injection 10-3-2008
|
|
|
|
CVE-2008-2346 (alkalinephp)
|
|
|
|
FrSIRT - PHPizabi Arbitrary File Upload Remote Code Execution Vulnerability 2008-02-18
|
|
|
|
CVE-2007-6470 (phpRPG)
|
|
|
|
Vuln: FaScript Faphoto 'show.php' SQL Injection Vulnerability 2008-04-02
|
|
|
|
Vuln: ComicShout 'news.php' SQL Injection Vulnerability 2008-06-02
|
|
|
|
Vuln: scWiki Common.PHP Remote File Include Vulnerability 2007-11-06
|
|
|
|
PHP-NUKE SQL Modules Name 4ndvddb Sun, 13 Jul 2008 14:09:46 +0200
|
|
|
|
Vuln: Akira Powered Image Gallery 'function.php' SQL Injection Vulnerability 2008-09-23
|
|
|
|
Vuln: phpFastNews Cookie Authentication Bypass Vulnerability 2008-10-18
|
|
|
|
Scribe <= 2.0 Remote PHP Code Execution 5-11-2007
|
|
|
|
FrSIRT - phpMyAdmin HTTP POST Request File Disclosure Vulnerability 2008-04-23
|
|
|
|
PHP-Nuke Search Module "sid" Parameter SQL Injection Vulnerability 2008-01-24
|
|
|
|
phpCMS "file" File Disclosure Vulnerability
|
|
|
|
FrSIRT - Slackware Security Update Fixes Multiple PHP Vulnerabilities 2008-09-04
|
|
|
|
eSyndiCat Directory Software Pro "register.php" Cross-Site Scripting
|
|
|
|
Pre Job Board "JobSearch3.php" SQL Injection Vulnerabilities
|
|
|
|
CVE-2008-3711 (phpArcadeScript)
|
|
|
|
CVE-2007-6323 (MMS Gallery PHP)
|
|
|
|
TalkBack Multiple Parameter Remote PHP File Inclusion Vulnerabilities 2007-11-22
|
|
|
|
Mini CWB "connector.php" Cross-Site Scripting Vulnerability
|
|
|
|
Vuln: ODFaq 'index.php' SQL Injection Vulnerability 2008-04-29
|
|
|
|
CVE-2008-3710 (cyboards_php_lite)
|
|
|
|
PHP 5.2.5 cURL safe_mode bypass 22-1-2008
|
|
|
|
Mantis "sort" PHP Code Execution Vulnerability
|
|
|
|
CVE-2008-0432 (phpAutoVideo)
|
|
|
|
Vuln: vShare YouTube Clone Script 'group_posts.php' SQL Injection Vulnerability 2008-05-09
|
|
|
|
CVE-2008-1043 (php User Base)
|
|
|
|
ArabCMS (rss.php rss) Local File Inclusion Vulnerability Thu, 23 Oct 2008 19:05:38 +0200
|
|
|
|
CVE-2007-6624 (PNphpBB)
|
|
|
|
CVE-2008-1149 (phpMyAdmin)
|
|
|
|
HP-UX update for Apache and Tomcat with PHP
|
|
|
|
PHP Classifieds "admin_username" SQL Injection Vulnerability
|
|
|
|
CVE-2008-3406 (phpLinkat)
|
|
|
|
Vuln: FaName 'page.php' SQL Injection Vulnerability 2008-07-01
|
|
|
|
Vuln: Amber Script Show_Content.PHP Local File Include Vulnerability 2007-11-27
|
|
|
|
Xoops PopnupBlog Module "index.php" Cross-Site Scripting
|
|
|
|
project alumni v1.0.9 (info.php) SQL Injection Vulnerability Sat, 10 May 2008 01:44:59 +0200
|
|
|
|
PHP-Nuke Module NukeC30 sql injection 12-3-2008
|
|
|
|
CVE-2008-4705 (myphpdating)
|
|
|
|
PHPSlideShow (toonchapter8.php) Cross-Site Scripting Vulnerability 27-11-2007
|
|
|
|
Bugtraq: [ECHO_ADV_89$2008] Softbiz Web Host Directory Script (search_result.php host_id) Blind Sql Injection Vulnerability
|
|
|
|
Thelia auth.php Security Bypass Vulnerability
|
|
|
|
PHPizabi "id" Information Disclosure and Manipulation
|
|
|
|
FrSIRT - BoonEx Ray "sIncPath" Remote PHP File Inclusion Vulnerability 2008-07-09
|
|
|
|
CVE-2008-3658 (PHP)
|
|
|
|
PHP Real Estate Classifieds "id" SQL Injection
|
|
|
|
GROUP-E Collaboration Software head_auth.php Remote File Inclusion
|
|
|
|
zKup PHP Code Execution and Security Bypass
|
|
|
|
CVE-2008-3197 (phpMyAdmin)
|
|
|
|
FrSIRT - XplodPHP AutoTutorials "id" Parameter SQL Injection Vulnerability 2008-04-16
|
|
|
|
Bugtraq: [SECURITY] [DSA 1641-1] New phpmyadmin packages fix several issues
|
|
|
|
CVE-2008-1847 (phpAddressBook)
|
|
|
|
PHP-Nuke Kütüb-i Sitte Module "kid" SQL Injection
|
|
|
|
CVE-2008-2479 (phpfix)
|
|
|
|
Vuln: gCards GetNewsItem.PHP SQL Injection Vulnerability 2008-04-21
|
|
|
|
Gentoo update for phpmyadmin
|
|
|
|
Vuln: phpMyAdmin Multiple Cross-Site Scripting Vulnerabilities 2008-09-20
|
|
|
|
Vuln: WebPortal CMS 'action.php' Unauthorized Access Vulnerability 2008-01-07
|
|
|
|
CVE-2008-3709 (cyboards_php_lite)
|
|
|
|
Vuln: PHP Coupon Script 'index.php' SQL Injection Vulnerability 2008-09-02
|
|
|
|
DevMass Shopping Cart "kfm_base_path" PHP File Inclusion Vulnerability 2007-11-23
|
|
|
|
FrSIRT - E-Php CMS "es_id" Parameter Remote SQL Injection Vulnerability 2008-09-18
|
|
|
|
Vuln: phpMyAdmin Shared Host Remote Information Disclosure Vulnerability 2008-07-05
|
|
|
|
PHPMyCart "cat" SQL Injection Vulnerability
|
|
|
|
TYPO3 phpMyAdmin Extension Cross-Site Scripting Vulnerability
|
|
|
|
CVE-2008-2050 (PHP)
|
|
|
|
PHP-Nuke 4ndvddb Module "id" SQL Injection Vulnerability
|
|
|
|
Vuln: Mantis 'account_prefs_update.php' Local File Include Vulnerability 2008-09-22
|
|
|
|
CVE-2008-1163 (phpArcadeScript)
|
|
|
|
ITCms Arbitrary PHP Code Execution Vulnerability
|
|
|
|
Fedora 9 Update: php-pear-Cache-1.5.5-1.fc9 Mon, 20 Oct 2008 18:22:00 +0000
|
|
|
|
Vuln: MemHT Portal 'inc_statistics.php' SQL Injection Vulnerability 2008-09-09
|
|
|
|
FrSIRT - Basic PHP Events Lister "id" Parameter SQL Injection Vulnerability 2008-09-23
|
|
|
|
phpRaider "pConfig_auth[phpbb_path]" File Inclusion
|
|
|
|
phpMyAdmin Database Name SQL Injection and Cross Site Scripting 2007-11-12
|
|
|
|
FrSIRT - PHP-Crawler "footer_file" Remote PHP File Inclusion Vulnerability 2008-09-18
|
|
|
|
TYPO3 phpMyAdmin Extension Unspecified Cross-Site Scripting
|
|
|
|
phPay "config" Parameter Processing Local File Inclusion Vulnerability 2007-12-17
|
|
|
|
phpBBViet "phpbb_root_path" File Inclusion Vulnerability
|
|
|
|
phpIP Management Two SQL Injection Vulnerabilities
|
|
|
|
CVE-2008-0145 (PHP)
|
|
|
|
FrSIRT - basebuilder "mj_config[src_path]" PHP File Inclusion Vulnerability 2008-09-23
|
|
|
|
CVE-2007-6296 (phpMyChat)
|
|
|
|
FrSIRT - Slackware Security Update Fixes PHP Multiple Remote Vulnerabilities 2008-05-26
|
|
|
|
JLMForo System (modificarPerfil.php) Cross-Site Scripting Vulnerability 16-12-2007
|
|
|
|
Vuln: PHPEcho CMS 'Smarty.class.php' Remote File Include Vulnerability 2008-02-23
|
|
|
|
BlogMe PHP "id" SQL Injection Vulnerability
|
|
|
|
PHP <= 5.2.5 Gettext Lib multiple Denial of service 15-11-2007
|
|
|
|
Vuln: phpMyAdmin 'server_databases.php' Remote Command Execution Vulnerability 2008-09-20
|
|
|
|
PMOS Help Desk "form.php" Header Handling Code Injection Vulnerability 2007-12-27
|
|
|
|
PMOS Help Desk PHP Code Execution and Security Bypass
|
|
|
|
PHP Multiple Function Buffer Overflow and Security Bypass Vulnerabilities 2007-11-12
|
|
|
|
PHP-Nuke Module ZClassifieds [cat] SQL Injection 13-3-2008
|
|
|
|
Quick.Cms.Lite "admin.php" Cross-Site Scripting
|
|
|
|
CVE-2007-6396 (Flat PHP Board)
|
|
|
|
X7 Chat <= 2.0.1A1 (mini.php help_file) Local File Inclusion Vulnerability Sun, 26 Oct 2008 13:40:50 +0100
|
|
|
|
CVE-2008-2088 (php_forge)
|
|
|
|
FrSIRT - phpMyAdmin Multiple Cross-Site Request Forgery Vulnerabilities 2008-07-16
|
|
|
|
H-Sphere webshell4 "login.php" Cross-Site Scripting
|
|
|
|
Goast - PHP 5.1.6 Buffer Overflow 4-11-2007
|
|
|
|
phpBB PJIRC mod LFI 1-4-2008
|
|
|
|
PHPKIT "contentid" Parameter Remote SQL Query Injection Vulnerability 2007-11-26
|
|
|
|
CVE-2007-6134 (PHPKIT)
|
|
|
|
CVE-2008-5000 (phpx)
|
|
|
|
Vuln: Connectix Boards 'part_userprofile.php' Remote File Include Vulnerability 2008-01-30
|
|
|
|
XPWeb "Download.php" Arbitrary File Download
|
|
|
|
phphelpdesk Multiple vulnerabilities 11-11-2007
|
|
|
|
phpscripts Ranking Script "admin" Cookie Security Bypass
|
|
|
|
CVE-2008-4352 (phpsmartcom)
|
|
|
|
Vuln: AssetMan 'search_inv.php' Multiple Vulnerabilities 2008-09-19
|
|
|
|
CVE-2008-4125 (phpbb)
|
|
|
|
CVE-2008-1164 (phpComasy)
|
|
|
|
Vuln: Samart-cms 'site.php' SQL Injection Vulnerability 2008-06-23
|
|
|
|
Vuln: H2O-CMS PHP Code Injection and Cookie Authentication Bypass Vulnerabilities 2008-10-29
|
|
|
|
Pilot Group eTraining (news_read.php id) SQL Injection Vulnerability Sun, 26 Oct 2008 13:39:55 +0100
|
|
|
|
Multiple LFI in PowerPHPBoard 1.00b 29-3-2008
|
|
|
|
FrSIRT - phpMyAdmin "sort_by" Parameter PHP Code Injection Vulnerability 2008-09-16
|
|
|
|
PHP-Fusion "submit_info[]" SQL Injection Vulnerability
|
|
|
|
FrSIRT - PHP Auto Listings Script "itemno" Remote SQL Injection Vulnerability 2008-11-06
|
|
|
|
Vuln: phpMyAdmin Local Information Disclosure Vulnerability 2008-07-05
|
|
|
|
CVE-2008-3764 (php_live_helper)
|
|
|
|
FrSIRT - phpMyAdmin Javascript Escaping Cross Site Scripting Vulnerability 2008-09-23
|
|
|
|
phpFix Two SQL Injection Vulnerabilities
|
|
|
|
Vuln: Synergiser Index.PHP Local File Include Vulnerability 2007-11-05
|
|
|
|
myPHPNuke < 1.8.8_8rc2 (XSS/SQL) Multiple Remote Vulnerabilities Wed, 17 Sep 2008 00:52:31 +0200
|
|
|
|
Vuln: Confixx Saveserver.PHP Remote File Include Vulnerability 2007-12-26
|
|
|
|
MMS Gallery PHP "id" File Inclusion Vulnerabilities
|
|
|
|
Vuln: BosClassifieds 'account.php' Cross-Site Scripting Vulnerability 2008-03-07
|
|
|
|
CVE-2008-2695 (phpinv)
|
|
|
|
AuraCMS "pages_data.php" Manipulation of Data
|
|
|
|
Vuln: PHP Helpdesk Login SQL Injection Vulnerability 2007-11-06
|
|
|
|
CVE-2008-0471 (phpBB)
|
|
|
|
Softbiz jokes and funny pictures (index.php) sql injection 27-2-2008
|
|
|
|
Vuln: vBulletin 'admincp/image.php' SQL Injection Vulnerability 2008-11-18
|
|
|
|
Fedora update for phpMyAdmin
|
|
|
|
FrSIRT - Debian Security Update Fixes phpMyAdmin Security Bypass Issues 2008-09-22
|
|
|
|
CVE-2008-3659 (PHP)
|
|
|
|
FrSIRT - Yerba SACphp "mod" Parameter Local File Inclusion Vulnerability 2008-10-07
|
|
|
|
CVE-2008-4157 (phpvid)
|
|
|
|
CVE-2008-4758 (phpdaily)
|
|
|
|
eTicket 'index.php' Cross Site Scripting Path Vulnerability 2-2-2008
|
|
|
|
CVE-2008-2480 (plusphp_short_url_multi-user_script)
|
|
|
|
FrSIRT - phpArcadeScript "cat" Parameter Remote SQL Injection Vulnerability 2008-08-20
|
|
|
|
Bugtraq: ExoPHPdesk user profile XSS / profile SQL injection
|
|
|
|
CVE-2008-3767 (phpBazar)
|
|
|
|
Vuln: phpHoo3 'phpHoo3.php' SQL Injection Vulnerability 2008-07-17
|
|
|
|
FrSIRT - PHP Forge "id" Parameter Remote SQL Query Injection Vulnerability 2008-04-29
|
|
|
|
PhpGedView Unspecified Vulnerability
|
|
|
|
Debian update for php5
|
|
|
|
Debian Security Update Fixes PHP5 Buffer Overflow and Security Bypass 2008-01-04
|
|
|
|
FMDeluxe (index.php) Cross-Site Scripting Vulnerability 29-11-2007
|
|
|
|
DomPHP Multiple Vulnerabilities
|
|
|
|
Vuln: webSPELL 'index.php' Cross-Site Scripting Vulnerability 2008-01-30
|
|
|
|
CVE-2008-1629 (PHPkrm)
|
|
|
|
Vuln: Multiple Scripts For Sites Products 'directory.php' SQL Injection Vulnerability 2008-10-31
|
|
|
|
CVE-2008-1534 (PowerPHPBoard)
|
|
|
|
DFF PHP Framework API "DFF_config[dir_include]" File Inclusion Vulnerabilities
|
|
|
|
CVE-2008-2865 (php_site_lock)
|
|
|
|
Vuln: my123tkShop e-Commerce-Suite 'mainfile.php' SQL Injection Vulnerability 2007-12-18
|
|
|
|
CVE-2007-6100 (phpMyAdmin)
|
|
|
|
CVE-2007-6462 (PHP Real Estate Classifieds Premium Plus)
|
|
|
|
Auditing PHP: Understanding register_globals Mon, 19 May 2008 12:39:04 +0000
|
|
|
|
FrSIRT - Debian Security Update Fixes PHP Buffer Overflow and Security Bypass 2008-05-19
|
|
|
|
Vuln: auraCMS 'user.php' Access Validation Vulnerability 2008-03-28
|
|
|
|
Slackware update for php4
|
|
|
|
Free PHP VX Guestbook Security Bypass Vulnerabilities
|
|
|
|
PHP-Nuke "modules/Search/index.php" SQL Injection
|
|
|
|
PHP Auto Dealer "v_cat" SQL Injection Vulnerability
|
|
|
|
Wordpress Pluging wp-footnotes 2.2 (admin_panel.php) Multiple Vulnerabilites 12-2-2008
|
|
|
|
mask PHP File Manager Cookie Security Bypass
|
|
|
|
CVE-2008-2556 (php_visit_counter)
|
|
|
|
Vuln: GForge Advanced_Search.PHP Cross Site Scripting Vulnerability 2008-01-26
|
|
|
|
suPHP Race Condition Vulnerabilities
|
|
|
|
smbfs and apache+php source code disclosure 22-12-2007
|
|
|
|
Calendar Proverbs <=1.1 (caladmin.php) Remote SQL Injection 29-11-2007
|
|
|
|
Bugtraq: [ MDVSA-2008:202 ] phpMyAdmin
|
|
|
|
FrSIRT - 7Shop "imageupload.php" Arbitrary File Upload Vulnerability 2008-10-30
|
|
|
|
p.mapper "_SESSION[PM_INCPHP]" File Inclusion
|
|
|
|
CVE-2008-2769 (phpRaider)
|
|
|
|
Gentoo: PHP Toolkit Data disclosure and Denial of Service Thu, 17 Apr 2008 19:35:00 +0000
|
|
|
|
Vuln: SWsoft Confixx Fehler.Inc.PHP Remote File Include Vulnerability 2007-11-27
|
|
|
|
CVE-2008-4611 (php_ziyaretci_defteri)
|
|
|
|
phpBB eXtreme Styles Module "phpEx" Local File Inclusion
|
|
|
|
Vuln: PHP Auto Listings Script 'adminlogin.php' SQL Injection Vulnerability 2008-11-11
|
|
|
|
phpMyAdmin "$_REQUEST" SQL Injection Vulnerability
|
|
|
|
PHPKIT "contentid" SQL Injection Vulnerability
|
|
|
|
Bugtraq: ComicShout 2.8 (news.php news_id) SQL Injection Vulnerability
|
|
|
|
Talkback 2.3.6 Multiple Local File Inclusion/PHPInfo Disclosure Vulns Fri, 19 Sep 2008 02:23:00 +0200
|
|
|
|
Gentoo: PHP Multiple vulnerabilities Sun, 16 Nov 2008 11:09:00 +0000
|
|
|
|
CVE-2008-4591 (phpwebgallery)
|
|
|
|
CVE-2008-3763 (php_live_helper)
|
|
|
|
CVE-2008-1416 (PHPauction GPL)
|
|
|
|
Bugtraq: [ECHO_ADV_88$2008] Prozilla Hosting Index (directory.php cat_id) Blind Sql Injection Vulnerability
|
|
|
|
eggblog rss.php URL Cross-Site Scripting
|
|
|
|
CVE-2008-0681 (phpShop)
|
|
|
|
CVE-2008-2020 (PHP-Nuke, e-Commerce-Suite, phpMyBitTorrent, TorrentFlux, e107, WebZE, OpenDb, La...)
|
|
|
|
CVE-2008-0203 (Cryptographp)
|
|
|
|
PHP-Nuke Module League (team&tid) XSS Vulnerability Thu, 13 Nov 2008 17:59:35 +0100
|
|
|
|
CVE-2008-4378 (hot_links_sql_php)
|
|
|
|
Vuln: Centreon 'get_image.php' Local File Include Vulnerability 2008-02-27
|
|
|
|
Amber Script 1.0 (show_content.php id) Local File Inclusion Vulnerability 27-11-2007
|
|
|
|
FrSIRT - phpMyAdmin Session Data Information Disclosure Vulnerability 2008-03-31
|
|
|
|
FrSIRT - Fedora Security Update Fixes PHP Multiple Remote Vulnerabilities 2008-06-23
|
|
|
|
CVE-2008-4880 (php_shop)
|
|
|
|
CVE-2008-0821 (PHPLive)
|
|
|
|
FrSIRT - Fedora Security Update Fixes phpMyAdmin Cross Site Scripting Issues 2008-06-25
|
|
|
|
FrSIRT - PowerPHPBoard Multiple Parameter Local File Inclusion Vulnerabilities 2008-03-25
|
|
|
|
Banner Management Script (tr.php id) Remote SQL Injection Vulnerability Sat, 23 Aug 2008 16:22:24 +0200
|
|
|
|
CVE-2008-3179 (phpdatingclub)
|
|
|
|
Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.activation.php3' server-side script 6-3-2008
|
|
|
|
CVE-2008-2051 (PHP)
|
|
|
|
FrSIRT - phpDatingClub "page" Parameter Local File Inclusion Vulnerability 2008-07-11
|
|
|
|
Vuln: Sava's Place Sava's Link Manager 'index.php' Local File Include Vulnerability 2008-04-01
|
|
|
|
123 Flash Chat Module for phpBB 6-3-2008
|
|
|
|
Vuln: phpcrs 'frame.php' Local File Include Vulnerability 2008-10-23
|
|
|
|
Smart Publisher "filedata" PHP Code Execution
|
|
|
|
Vuln: DCP-Portal 'index.php' SQL Injection Vulnerability 2008-01-08
|
|
|
|
PHParanoid Cross-Site Request Forgery and Security Bypass
|
|
|
|
CVE-2008-2488 (roomphplanning)
|
|
|
|
FrSIRT - phpMyAdmin REQUEST Superglobal Remote SQL Query Injection Issue 2008-03-03
|
|
|
|
Vuln: SePortal 'poll.php' SQL Injection Vulnerability 2008-06-28
|
|
|
|
Vuln: Simple Customer 'contact.php' SQL Injection Vulnerability 2008-10-22
|
|
|
|
phpMyRealty Two SQL Injection Vulnerabilities
|
|
|
|
Fastpublish "config[fsBase]" Parameter PHP File Inclusion Vulnerability 2007-12-13
|
|
|
|
myPHPNuke < 1.8.8_8rc2 (artid) SQL Injection Vulnerability Wed, 17 Sep 2008 11:40:19 +0200
|
|
|
|
Bugtraq: PHP-Nuke Module League (team&tid) XSS Vulnerability
|
|
|
|
CVE-2008-2501 (PHPhotoalbum)
|
|
|
|
Shadowed Portal File Inclusion and PHP Code Execution
|
|
|
|
Bugtraq: XSS and Data Manipulation attacks found in CMS PHPCart.
|
|
|
|
CVE-2008-0565 (PHP Links)
|
|
|
|
CVE-2008-0433 (phpAutoVideo)
|
|
|
|
phpMyRealty "price_max" SQL Injection Vulnerability
|
|
|
|
phpBB Private Message Deletion Cross-Site Request Forgery
|
|
|
|
CVE-2008-2335 (phpvid)
|
|
|
|
E-topbiz Dating 3 PHP Script (mail_id) Remote SQL Injection Vulnerability Fri, 08 Aug 2008 13:10:47 +0200
|
|
|
|
Vuln: Gregarius 'ajax.php' SQL Injection Vulnerability 2008-07-29
|
|
|
|
PHP Multiple Vulnerabilities
|
|
|
|
PHP Live Helper Multiple Vulnerabilities
|
|
|
|
Bugtraq: [USN-549-1] PHP vulnerabilities
|
|
|
|
PHP JOBWEBSITE PRO "JobSearch3.php" SQL Injection
|
|
|
|
CVE-2007-6578 (PHP_ZLink)
|
|
|
|
WebCMS Portal Edition (index.php id) Blind SQL Injection Exploit Sun, 28 Sep 2008 00:38:34 +0200
|
|
|
|
CVE-2008-4089 (myphpnuke)
|
|
|
|
CVE-2007-6615 (phpAutoVideo)
|
|
|
|
Vuln: PHP 5.2.4 and Prior Versions Multiple Vulnerabilities 2008-07-04
|
|
|
|
Vuln: Retired: Open-Realty 'adodb-perf-module.inc.php' Remote Code Execution Vulnerability 2008-02-09
|
|
|
|
Debian update for phpgedview
|
|
|
|
FrSIRT - H2O-CMS "SaveConfig" Remote PHP Code Injection Vulnerabilities 2008-10-30
|
|
|
|
CVE-2008-3456 (phpMyAdmin)
|
|
|
|
FrSIRT - Debian Security Update Fixes phpMyAdmin Security Bypass Issues 2008-04-28
|
|
|
|
CVE-2008-4332 (php_infoboard)
|
|
|
|
CVE-2008-3224 (phpBB)
|
|
|
|
Debian: New phpgedview packages fix privilege escalation Tue, 20 May 2008 07:55:00 +0000
|
|
|
|
CVE-2008-1539 (PHP_Nuke Platinum)
|
|
|
|
CVE-2008-3707 (cyboards_php_lite)
|
|
|
|
Fedora update for phpmyadmin
|
|
|
|
Bugtraq: Re: Remote File Disclosure in phpCMS 1.2.2
|
|
|
|
Vuln: phpMyAdmin DB_Create.PHP Multiple Input Validation Vulnerabilities 2007-11-21
|
|
|
|
PHPkrm Unspecified Script Insertion Vulnerability
|
|
|
|
Vuln: PHP Zip_Entry_Read() Integer Overflow Vulnerability 2008-07-04
|
|
|
|
Vuln: phpBP 'id' Parameter SQL Injection Vulnerability 2008-03-18
|
|
|
|
CVE-2007-6039 (PHP)
|
|
|
|
NEPT Image Uploader uploadp.php File Upload Vulnerability
|
|
|
|
Vuln: PHP Helpdesk Index.PHP Local File Include Vulnerability 2007-11-06
|
|
|
|
CVE-2007-6471 (phPay)
|
|
|
|
FrSIRT - Debian Security Update Fixes PhpGedView Cross Site Scripting 2008-04-28
|
|
|
|
PHP Shop "admin_username" SQL Injection Vulnerability
|
|
|
|
FrSIRT - Fedora Security Update Fixes phpMyAdmin Data Disclosure Vulnerability 2008-04-02
|
|
|
|
CVE-2008-0566 (PHP Links)
|
|
|
|
CVE-2008-4351 (phpsmartcom)
|
|
|
|
Vuln: HockeySTATS Online 'index.php' Multiple SQL Injection Vulnerabilities 2008-07-17
|
|
|
|
BbZL.PhP 0.92 Insecure Cookie Handling Vulnerability Sun, 26 Oct 2008 13:39:43 +0100
|
|
|
|
Vuln: common solutions csphonebook 'index.php' Cross Site Scripting Vulnerability 2008-09-27
|
|
|
|
MySpace Content Zone "uploadgames.php" File Upload Vulnerability
|
|
|
|
freePHPgallery "lang" Local File Inclusion
|
|
|
|
CVE-2008-2064 (phpGedView)
|
|
|
|
FrSIRT - MyPHP CMS "pid" Parameter Remote SQL Injection Vulnerability 2008-06-27
|
|
|
|
Slackware: php Thu, 14 Feb 2008 23:12:00 +0000
|
|
|
|
CVE-2008-2524 (BlogPHP)
|
|
|
|
CVE-2008-0645 (Portail Web Php)
|
|
|
|
Slackware: php Wed, 03 Sep 2008 23:39:00 +0000
|
|
|
|
Wysi Wiki Wyg 1.0 (index.php c) Local File Inclusion Vulnerability Fri, 18 Jul 2008 22:25:24 +0200
|
|
|
|
CVE-2008-1492 (phpAddressBook)
|
|
|
|
PHP-Fusion Forum Rank System Local File Inclusion
|
|
|
|
Agares PhpAutoVideo 2.21(XSS/RFI) Multiple Remote Vulnerabilities 23-1-2008
|
|
|
|
CVE-2008-2960 (phpMyAdmin)
|
|
|
|
phpVID "query" Cross-Site Scripting Vulnerability
|
|
|
|
A4Desk PHP Event Calendar "v" File Inclusion Vulnerability
|
|
|
|
PHP-Nuke Hadith Module "cat" SQL Injection
|
|
|
|
CVE-2008-4716 (php-lance)
|
|
|
|
mask PHP File Manager Configuration Disclosure
|
|
|
|
Drupal Magic Tabs Module Arbitrary PHP Code Execution
|
|
|
|
phplist "connector.php" File Extension Validation Vulnerability
|
|
|
|
phpBB 2.0.22 Remote PM Delete XSRF Vulnerability 29-1-2008
|
|
|
|
FrSIRT - KwsPHP "action" Parameter Handling Local File Inclusion Vulnerability 2008-04-16
|
|
|
|
FrSIRT - Slackware Security Update Fixes PHP Code Execution Vulnerabilities 2008-02-15
|
|
|
|
PHP Realtor "v_cat" SQL Injection Vulnerability
|
|
|
|
Vuln: Quick and Dirty Blog Categories.PHP Local File Include Vulnerability 2007-11-06
|
|
|
|
CVE-2008-3582 (php-mysql, php-mysql_news_script)
|
|
|
|
Vuln: Aprox CMS Engine 'index.php' SQL Injection Vulnerability 2008-07-19
|
|
|
|
PHPEasyData 1.5.4 Multiple Vulnerabilities Sat, 05 Jul 2008 14:16:54 +0200
|
|
|
|
CVE-2008-1504 (phpMyChat)
|
|
|
|
Vuln: BlogMe PHP 'comments.php' SQL Injection Vulnerability 2008-05-03
|
|
|
|
CVE-2008-3239 (phpizabi)
|
|
|
|
FrSIRT - HP-UX Apache and Tomcat PHP Remote Code Execution Vulnerability 2008-06-11
|
|
|
|
Mambo "includes/Cache/Lite/Output.php" File Inclusion
|
|
|
|
CVE-2007-6376 (PHP-Nuke)
|
|
|
|
Vuln: Limbo CMS 'open.php' SQL Injection Vulnerability 2008-10-21
|
|
|
|
PHP, Python, Samba Get Security Tick of Approval Fri, 30 May 2008 08:14:32 +0000
|
|
|
|
CVE-2008-4775 (phpmyadmin)
|
|
|
|
CVE-2007-5900 (PHP)
|
|
|
|
CVE-2008-0219 (php webquest)
|
|
|
|
CVE-2008-1350 (Fully Modded phpBB)
|
|
|
|
rPath Linux Security Update Fixes PHP Multiple Function Vulnerabilities 2007-11-20
|
|
|
|
Vbulletin 3.7.0 Gold >> Sql injection on faq.php Tue, 27 May 2008 22:05:00 +0200
|
|
|
|
webSPELL 4.01.02 (calendar.php, usergallery.php) XSS Vulnerability 11-12-2007
|
|
|
|
FrSIRT - TYPO3 phpMyAdmin Extension Code Injection Vulnerability 2008-09-19
|
|
|
|
CVE-2008-2018 (phpizabi)
|
|
|
|
Vuln: MiaCMS 'mod_socialbits.php' SQL Injection Vulnerability 2008-08-30
|
|
|
|
Sciurus Hosting Panel Security Bypass and PHP Code Execution
|
|
|
|
CVE-2008-4757 (phpdaily)
|
|
|
|
CVE-2008-2108 (PHP)
|
|
|
|
ad.php windows popup
|
|
|
|
Red Hat update for php
|
|
|
|
Vuln: easyGB Index.PHP Local File Include Vulnerability 2007-11-16
|
|
|
|
CVE-2008-4334 (php_infoboard)
|
|
|
|
Basic Analysis and Security Engine "base_qry_main.php" Cross-Site Scripting
|
|
|
|
Vuln: ADOdb Lite AdodB-Perf-Module.Inc.PHP Remote Code Execution Vulnerability 2008-02-09
|