Actualités
PHP et MySQL ne font l'objet d'aucune alerte de sécurité dans leurs versions courantes :
PHP 5.2.5 et 4.4.8; MySQL 5.0.51 (communauté) , 5.1.23-rc et 6.0.4.
Les mises à jour sont recommandées vers ces versions.
13 alertes de sécurité ont été émises cette semaine, concernant des applications suivantes :
DotClear, Drupal, Gallery, Horde, Invision Power Board, Joomla, PHP Nuke, PostNuke, WordPress, e107, ming, phpBB et phpMyAdmin
- DotClear "ecrire/images.php" File Upload Vulnerability
http://secunia.com/advisories/29819/ (4 visites)
Site : http://www.dotclear.net/ (1 visite) - Drupal Menu System Security Bypass Vulnerabilities
http://secunia.com/advisories/29762/ (2 visites)
Site : http://drupal.org/ (1 visite) - EncapsGallery Cross-Site Scripting and File Upload
http://www.secunia.com/advisories/29824/ (1 visite)
Site : http://gallery.sourceforge.net/ (0 visite) - Horde Webmail 'addevent.php' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/28898 (2 visites)
Site : http://www.horde.org/ (1 visite) - Invision Power Board "Signature" iFrame Security
http://www.netsecurity.org/vuln.php?id=4950 (1 visite)
Site : http://www.invisionboard.com/ (0 visite) - Joomla! and Mambo Joomlearn LMS Component 'cat' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/28586 (1 visite)
Site : http://www.securityfocus.com/bid/28919 (1 visite) - PHP-Nuke DownloadsPlus Module Arbitrary File Upload Vuln...
http://www.securityfocus.com/bid/28931 (0 visite)
Site : http://www.postnuke.com/ (1 visite) - PostNuke PostSchedule Component 'eid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/28845 (4 visites)
Site : http://wordpress.org/ (1 visite) - WordPress 'cat' Parameter Directory Traversal Vulnerability
http://www.secunia.com/advisories/29870/q title=e107 Chat Module aquot;e107pathaquot; File Inclusion class=q (3 visites)
Site : http://e107.org/ (2 visites) - e107 Chat Module "e107path" File Inclusion
http://www.frsirt.com/english/advisories/2008/1138 (0 visite)
Site : http://sourceforge.net/projects/ming (0 visite) - My Gaming Ladder Combo System "ladderid" SQL Injection Vulnera...
http://www.frsirt.com/bulletins/14134 (5 visites)
Site : http://www.phpbb.com/ (3 visites) - phpBB Security Bypass and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/28906 (11 visites)
Site : http://www.phpmyadmin.net/ (2 visites) - phpMyAdmin Shared Host Remote Information Disclosure Vulnerability
frsirt (2 visites)
Site : net-security (1 visite)
- phpsecure (6 visites)
- secunia (2 visites)
- securityfocus (3 visites)
| < Précédent | Suivant > |
|---|
Commentaires
Vous pouvez ajouter votre commentaire! |
Vous devez vous connecter pour commenter