eVuln Security Advisories
We are looking for new vulnerabilities in open source web applications to keep up to date and improve our skills in website security. The result of this work is displayed in the eVuln Security Advisories list. Currently our own advisories list has 175 security advisories including 209 CVE entries.
The list of security advisories published by eVuln.
- Multiple SQL Injection Vulnerabilities in DSPoll
2006.03.12
Version: 1.1
Status: Unpatched. No reply from developer(s)
Risk level: medium - Multiple XSS and SQL Injection in @1 File Store
2006.03.11
Version: 2006.03.07
Status: Unpatched. Vendor notyfied.
Risk level: medium - Auth Bypass in PHP SimpleNEWS, PHP SimpleNEWS MySQL
2006.03.10
Version: 1.0.0
Status: Unpatched. No reply from developer(s)
Risk level: medium - XSS and SQL Injection in NMDeluxe
2006.03.06
Version: 1.0.0 STABLE
Status: Patched
Risk level: medium - BBCode img XSS and SQL-inj in discussion-xhawk.net
2006.03.04
Version: 2.0 beta2
Status: Unpatched. No reply from developer(s)
Risk level: medium - SQL Injection Vulnerability in CyBoards PHP Lite
2006.03.03
Version: 1.25
Status: Unpatched. No reply from developer(s)
Risk level: medium - SQL Injection Vulnerability in Vegas Forum
2006.03.03
Version: 1.0
Status: Unpatched. No reply from developer(s)
Risk level: medium - PHP Code Execution and Multiple XSS in FreeForum
2006.02.27
Version: 1.2
Status: Patched
Risk level: high - img BBCode XSS and Cookie SQL Injection in EKINboard
2006.02.27
Version: 1.0.3
Status: Patched
Risk level: medium - PHP Code Execution and Multiple XSS in ShoutLIVE
2006.02.24
Version: 1.1.0
Status: Unpatched. No reply from developer(s)
Risk level: high