Dark Reading - The Business of IT Security

Dark Reading Registration Ad - Top Left


DATE: June 18, 2008 LIVE EVENT: Broadband Wireless World More Information

Home > Feedback

Please send us your comments

NATO Members Form Cyber Defense Center
Third Wave of Web Attacks Not the Last
Laptop Thieves Outfoxed by Savvy Apple User
MORE KEYHOLE

ENTERPRISE VULNERABILITIES

Vulnerability: DeluxeBB DeluxeBB
Published: 2008-05-14
Severity: MEDIUM
Description: static code
injection vulnerability in
admincp.php in deluxebb 1.2
and earlier allows remote
authenticated administrators
to inject arbitrary php code
into logs/cp.php via the
uri.

Vulnerability: DeluxeBB DeluxeBB
Published: 2008-05-14
Severity: HIGH
Description: sql injection
vulnerability in forums.php
in deluxebb 1.2 and earlier
allows remote attackers to
execute arbitrary sql
commands via the sort
parameter.

Vulnerability: scorpnews scorpnews
Published: 2008-05-14
Severity: HIGH
Description: php remote
file inclusion vulnerability
in example.php in thomas
gossmann scorpnews 2.0
allows remote attackers to
execute arbitrary php code
via a url in the site
parameter.

Vulnerability: ITCMS ITCMS
Published: 2008-05-14
Severity: HIGH
Description: static code
injection vulnerability in
box/minichat/boxpop.php in
it!cms (aka itcms) 1.9
allows remote attackers to
inject arbitrary php code
into
box/minichat/data/shouts.php
via the shout parameter.

Vulnerability: PostNuke Software Foundation pnEncyclopedia
Published: 2008-05-14
Severity: MEDIUM
Description: sql injection
vulnerability in the
pnencyclopedia module 0.2.0
and earlier for postnuke
allows remote attackers to
execute arbitrary sql
commands via the id
parameter in a display_term
action to index.php.

POWERFUL INFORMATION
AT YOUR FINGERTIPS
(SPONSORED LINKS)

Application scanning | Application Security | Attacks / Exploits / Threats | Authentication | Botnets | Browser security | Computer crime | Consultants | DOS | Encryption | F-Secure | Hashing algorithms | Host Protection | Identity management | Industry Trends | Key management | Law enforcement | Legal & Regulatory Topics | Legislation | Malware | Market Research | McAfee | Messaging Security | Microsoft | Penetration testing | Penetration testing | Perimeter Security | Phishing | Policy management | Rootkits | RSA | Security Administration / Management | Security Industry | Security Services | Social engineering | Spam | SQL injection | Storage Security | Stored data losses | Symantec | Trojans | User privacy | Viruses | Vulnerabilities | Vulnerability assessment | Vulnerability management | Vulnerability Management | Web services security | WLANs | Worms

Dark Reader Weekly Newsletter
Dark Reading Daily Newsletter
MORE INFO

Copyright © 2008 United Business Media LLC - All rights reserved.

Privacy Policy | Terms of Use | Help | Back to Top

RSS FEED | ARCHIVE | FREE NEWSLETTER | ORDER REPRINTS | ADVERTISE WITH US | TECHWEB | CONTACT US | USER PREFERENCES | HELP

Companies

3Com (15), Aventail (7), CA (16), Check Point (29), Cisco (140), Enterasys (5), F-Secure (8), F5 (5), HP (16), IBM (122), Intel (6), ISS (35), Juniper (36), Alcatel-Lucent (2), McAfee (162), Microsoft (1129), NetIQ (2), Nokia (3), Nortel (6), Oracle (41), Qualys (2), RSA (62), Secure Computing (18), Sun (9), Symantec (277), Trend Micro (26), VeriSign (33)

Application and Perimeter Security

802.11x (46), Anomaly detection (74), Anti-spam (136), Application quality assurance (27), Application scanning (139), Auditing (27), AVDL (1), Buffer overflows (101), CERT (7), Consultants (205), Cross-site scripting (159), CVE (7), Database encryption (53), Digital vaults (8), DOS (188), EAP/LEAP (1), Email gateways (191), Encryption (125), Filtering (50), Firewalls (293), FIRST (1), HIPAA (101), Host-based IDS (45), Host/server configuration (16), Host/server encryption (9), IDS (14), IDS (164), IM (69), IPS (264), ISO 17799 (8), Key management (63), Least-privilege user (46), License management (30), Malware (1238), NAC (274), Network IDS (34), NIST (16), OWASP (14), OWASP (10), Patch management (288), PCI (185), Penetration testing (191), Phishing (617), PKI (44), Rootkits (104), SAML (2), Software metering (3), Source-code auditing (73), SOX (85), SSL (172), Systems integrators (8), VPNs (247), Vulnerability assessment (688), Web App Security Consortium (8), Web App Security Consortium (17), Web application firewall (84), Web services security (529), WLANs (343), Worms (269), WPA (15), XML (27)

Desktop Security

Anti-spam (136), Antivirus (339), Application Security (1006), Attacks / Exploits / Threats (2415), Authentication (834), Browser security (675), Digital certificates (58), Digital signatures (44), Disk encryption (54), DRM (51), Encryption (571), File/folder encryption (35), Identity management (320), IM (69), Malware (1238), Messaging Security (484), PGP (5), Phishing (617), Rootkits (104), S/MIME (2), Security Administration / Management (1574), Social engineering (324), Spam (649), Spyware (251), Tokens (67), Trojans (334), User privacy (1376), Viruses (356), VOIP security (113), Vulnerabilities (2749), Vulnerability Management (398), Worms (269)

Discovery and management

Anomaly detection (74), Application scanning (139), AVDL (1), Black Hat (108), COBIT (8), Consultants (205), Content filtering (162), CVE (7), End-user monitoring (239), Filtering (50), FISMA (19), HIPAA (101), Host intrusion prevention (105), Host-based IDS (45), IDS (14), IDS (164), IPS (264), ISACA (1), ISO 17799 (8), Log aggregation (51), Network IDS (34), OWASP (14), OWASP (10), PCI (185), Penetration testing (191), Penetration testing (177), SAML (2), SIM/SEM (194), Source-code auditing (73), SOX (85), Vulnerability assessment (688), Vulnerability management (773), Web App Security Consortium (8)

802.11x (46), Application quality assurance (27), Authentication (834), Backup security (64), Biometrics (152), Buffer overflows (101), Digital certificates (58), Disk encryption (54), Encryption (571), End-user monitoring (239), HIPAA (101), Host anti-spam (77), Host anti-spyware (100), Host antivirus (109), Host intrusion prevention (105), Host Protection (468), Host-based IDS (45), Host/server configuration (16), Host/server encryption (9), Host/server patching (10), IDS (14), IEEE (4), ISO 17799 (8), Least-privilege user (46), License management (30), NAC (274), P2P management (28), Patch management (288), PGP (14), Port control (12), Single sign-on (66), Smart cards (76), Software metering (3), SOX (85), Systems integrators (8), TCG (18), Tokens (67), User privacy (1376), Vulnerability Management (398), WPA (15)

Security services

Agency application (2), Application quality assurance (27), Application scanning (139), AVDL (1), COBIT (8), Consultants (205), FISMA (19), HIPAA (101), ISO 17799 (8), Managed services (293), PCI (185), Penetration testing (177), PKI (44), Policy management (440), SIM/SEM (194), Source-code auditing (73), SOX (85), Systems integrators (8)

Storage Security

AES (11), Backup security (64), COBIT (8), Database encryption (53), DES (3), Digital vaults (8), Disk encryption (54), Encryption (125), File/folder encryption (35), FIPS-140-2 (1), FISMA (19), Hashing algorithms (15), HIPAA (101), Host/server encryption (9), Identity management (101), ISO 17799 (8), Key management (63), Law enforcement (930), Legislation (290), Offsite backup (26), PCI (185), PKI (44), SOX (85), Stored data losses (308), Systems integrators (8), Triple DES (3), User privacy (1376)

Wireless Security

802.11x (46), AES (11), Auditing (27), COBIT (8), Credential service provider (8), DES (3), Digital certificates (58), Digital signatures (44), DOS (188), EAP/LEAP (1), FISMA (19), Hashing algorithms (15), HIPAA (101), Host/server encryption (9), IEEE (4), IETF (10), ISO 17799 (8), Key management (63), NAC (274), Network IDS (34), PCI (185), Penetration testing (177), PKI (44), Port control (12), Tokens (67), Triple DES (3), VPNs (247), Vulnerability assessment (688), WLANs (343), WPA (15)