eVuln Security Advisories
We are looking for new vulnerabilities in open source web applications to keep up to date and improve our skills in website security. The result of this work is displayed in the eVuln Security Advisories list. Currently our own advisories list has 175 security advisories including 209 CVE entries.
The list of security advisories published by eVuln.
- Guestex Shell Command Execution Vulnerability
2006.02.11
Version: 1.0
Status: Unpatched. No reply from developer(s)
Risk level: high - SQL Injection Vulnerability in Teca Diary PE
2006.02.11
Version: 1.0
Status: Unpatched. No reply from developer(s)
Risk level: medium - SQL Injection Vulnerability in BirthSys
2006.02.10
Version: 3.1
Status: Unpatched. No reply from developer(s)
Risk level: medium - Unauthorized Data Modification in Magic Downloads
2006.02.09
Version: 1.1.3
Status: Unpatched. No reply from developer(s)
Risk level: medium - PHP Exec and Data Modification in Magic News Lite
2006.02.09
Version: 1.2.3
Status: Unpatched. No reply from developer(s)
Risk level: high - Authentication Bypass in Magic Calendar Lite
2006.02.09
Version: 1.02
Status: Unpatched. No reply from developer(s)
Risk level: medium - File Inclusion Vulnerability in PHP iCalendar
2006.02.09
Version: 2.0.1 2.1 2.2
Status: Patched
Risk level: high - Multiple Vulnerabilities in Time Tracking Software
2006.02.08
Version: 3.0
Status: Unpatched. No reply from developer(s)
Risk level: medium - Authentication Bypass Vulnerability in CALimba
2006.02.07
Version: 0.99.2, 0.99.1 and earlier
Status: Unpatched. Vendor notyfied.
Risk level: medium - Multiple SQL Injection in PHP/MYSQL Timesheet
2006.02.07
Version: V1, V2
Status: Unpatched. No reply from developer(s)
Risk level: medium