Phorum 3.3.2a has another bug for remote command execution

2002-05-18 Thread Markus Arndt
Target: Phorum 3.3.2a (maybe older) Description: Phorum 3.3.2a lets remote users execute arbitrary code Found by: Markus Arndt <[EMAIL PROTECTED]> Vendor: http://www.phorum.org Notified Vendor: Yes, already fixed in 3.3.2b Details: Another bug for remote command execution. Thi

Phorum 3.3.2a remote command execution

2002-05-17 Thread Markus Arndt
Target: Phorum 3.3.2a (prior versions?) Description: In Phorum 3.3.2a (a bulletin board) there's a security flaw that lets remote users include external PHP scripts and execute arbitrary code. Found by: Markus Arndt <[EMAIL PROTECTED]> Vendor: http://www.phorum.org Notified Vendor: Y

Possible Buffer Overflow in ACDSee 4.0

2002-05-10 Thread Markus Arndt
d I couldn't give any relative path to the gif.. :/ Otherwise the ais file will seem not to contain any pictures and you can't trigger the bug by selecting the pic's properties in the context menu. Maybe somebody finds out more.. Markus Arndt <[EMAIL PROTECTED]>

Philip Chinery's Guestbook 1.1 fails to filter out js/html

2002-04-22 Thread Markus Arndt
Target: Philip Chinery's Guestbook 1.1 (maybe older versions?) Vendor: http://www.sector7g.de.vu Notified Vendor: Sure Affected Systems: Webservers that run "Philip Chinery's Guestbook 1.1" Found by: Markus Arndt <[EMAIL PROTECTED]> Short Description: Phil