On Tue, 2005-11-01 at 20:52 +0100, Thijs Kinkhorst wrote:
Packages for 2.0.18 for sid are nearly ready, we only need some code to
add a new database table. Jeroen is working on this, and will upload as
soon as this is fixed.
Packages for sid have been uploaded. CVE-names were not present
On Wed, November 30, 2005 18:02, Thijs Kinkhorst wrote:
CVE-2005-3418: Multiple cross-site scripting (XSS) vulnerabilities
- 1. error_msg parameter to usercp_register.php
- 2. forward_page parameter to login.php
- 3. list_cat parameter to search.php
- Only relevant when register_globals is On
On Mon, 2005-10-31 at 12:06 +0100, Florian Weimer wrote:
A new round of security issues in phpBB has been disclosed.
Hello people,
Here's an update on the current state of affairs of the issues fixed in
2.0.18.
UNSTABLE
Packages for 2.0.18 for sid are nearly ready, we only need some code to
Package: phpbb2
Tags: security
Severity: grave
A new round of security issues in phpBB has been disclosed.
| After these weaknesses were found and disclosed to the vendor
| nearly 80 days ago, several problems with unitialised variables
| were discovered that allow XSS, SQL injection and even
On Mon, 2005-10-31 at 12:06 +0100, Florian Weimer wrote:
| After these weaknesses were found and disclosed to the vendor
| nearly 80 days ago, several problems with unitialised variables
| were discovered that allow XSS, SQL injection and even remote
| execution of arbitrary PHP code, when
5 matches
Mail list logo