eVuln Security Advisories
We are looking for new vulnerabilities in open source web applications to keep up to date and improve our skills in website security. The result of this work is displayed in the eVuln Security Advisories list. Currently our own advisories list has 175 security advisories including 209 CVE entries.
The list of security advisories published by eVuln.
- Multiple XSS and SQL Injection in Links Manager
2006.08.21
Version: 2006-06-12
Status: Unpatched. No reply from developer(s)
Risk level: medium - SQL Injection and XSS Vulnerabilities in indexcity
2006.08.21
Version: 1.0
Status: Unpatched. No reply from developer(s)
Risk level: medium - page XSS Vulnerability in Doika guestbook
2006.08.21
Version: 2.5
Status: Unpatched. No reply from developer(s)
Risk level: low - SQL Injection Vulnerability in Newsadmin
2006.05.04
Version: 1.1
Status: Unpatched. No reply from developer(s)
Risk level: medium - Avatar URL XSS Vulnerability in MyBB
2006.07.22
Version: 1.1.6 and earlier
Status: Unpatched. No reply from developer(s)
Risk level: medium - Unauthorized Data Modification in Advanced Poll
2006.05.01
Version: 2.0.4
Status: Unpatched. No reply from developer(s)
Risk level: medium - SQL Injection and PHP Code Insertion in Pro Publish
2006.04.30
Version: 2.0
Status: Unpatched. No reply from developer(s)
Risk level: high - SQL Injection Vulnerability in PHP Newsfeed
2006.04.30
Version: 2004/07/23
Status: Unpatched. No reply from developer(s)
Risk level: medium - SQL Injection Vulnerability in Ruperts News Script
2006.04.29
Version: 2004/10/14
Status: Unpatched. No reply from developer(s)
Risk level: medium - Multiple XSS and SQL Injection in HB-NS
2006.04.29
Version: 1.1.6
Status: Unpatched. No reply from developer(s)
Risk level: medium