eVuln Security Advisories
We are looking for new vulnerabilities in open source web applications to keep up to date and improve our skills in website security. The result of this work is displayed in the eVuln Security Advisories list. Currently our own advisories list has 175 security advisories including 209 CVE entries.
The list of security advisories published by eVuln.
- HTTP Response Splitting in WWWThreads (php version)
2010.11.27
Version: 2006.11.25
Status: Unpatched. WWWThreads notified. No reply from developer(s).
Risk level: low - XSS vulnerability in WWWThreads (php version)
2010.11.26
Version: 2006.11.25
Status: Unpatched. WWWThreads notified. No reply from developer(s).
Risk level: low - SQL Injection vulnerability in Alguest
2010.11.22
Version: 1.1c-patched
Status: Unpatched. vendor notified. No reply from developer(s).
Risk level: medium - PHP Code Execution in Alguest
2010.11.21
Version: 1.1c-patched
Status: Unpatched. vendor notified. No reply from developer(s).
Risk level: high - Cookie authentication bypass in Alguest
2010.11.20
Version: 1.1c-patched
Status: Unpatched. vendor notified. No reply from developer(s).
Risk level: high - Multiple XSS in Alguest
2010.11.19
Version: 1.1c-patched
Status: Unpatched. vendor notified. No reply from developer(s).
Risk level: low - Multiple XSS inj in Wernhart Guestbook
2010.11.18
Version: 2001.03.28
Status: Unpatched. Carl A. Wernhart notified. No reply from developer(s).
Risk level: low - Multiple SQL inj in Wernhart Guestbook
2010.11.17
Version: 2001.03.28
Status: Unpatched. Carl A. Wernhart notified. No reply from developer(s).
Risk level: low - URL XSS in Easy Banner Free
2010.11.16
Version: 2009.05.18
Status: Patched. PHP Web Scripts has updated Easy Banner Free.
Risk level: low - SQL injection Auth Bypass in Easy Banner Free
2010.11.15
Version: 2009.05.18
Status: Unpatched. PHP Web Scripts notified. No reply from developer(s)
Risk level: medium