what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 4 of 4

Files Date: 2004-03-20

phpBB207a.txt

Posted Mar 20, 2004

Authored by James Bercegay | Site gulftech.org

phpBB versions 2.0.7a and below are susceptible to cross site scripting, SQL injection, and remote command execution attacks.

tags | advisory, remote, xss, sql injection

SHA-256 | 815693b4ce058c8188efae85234c700b507656011ddae5cb4beb547eb9a22005

Download | Favorite | View

phpbbprofile.txt

Posted Mar 20, 2004

Authored by Cheng Peng Su

phpBB 2.0.6d suffers from a cross site scripting vulnerability.

tags | advisory, xss

SHA-256 | 1253cde0d7b076a44a8d71949704b1821424924eea3d66f2ceef5e96497afdd7

Download | Favorite | View

xinebug.txt

Posted Mar 20, 2004

Authored by Shaun Colley aka shaun2k2

xine-bugreport suffers from insecure file creation in /tmp that can lead to a symlink attack.

tags | exploit

SHA-256 | 4fcbc54a6a9efec0d6e0816d90e344ec790ee578689ee2db652db4331f3b7d11

Download | Favorite | View

moddiskcache.txt

Posted Mar 20, 2004

Authored by Andreas Steinmetz

mod_disk_cache, for versions of Apache 2.0.49 and below, stores all client authentication credentials for cached objects on disk. This means proxy authentication credentials and possibly in certain RFC2616 defined cases, standard authentication credentials.

tags | advisory

SHA-256 | 33e8126715a7862594819b683f4ef3dee79a08ceed7484268d1fde2303ba2210

Download | Favorite | View