Advisories

The advisories are published through bugtraq mailing list, and also mirrored by packetstormsecurity, secunia, osvdb, milw0rm, exploit-db, etc. This are the full "Public" Advisories that ive been release to the wild ( when im active doing it :) )

Advice, directions, instructions and script on All Echo Security Advisory are for educational purposes only, the writer nor http://echo.or.id does not accept responsibility for any damage or injury caused as a result of its use.

2009	Firefox 3.0.10	Denial Of Services
2007	Internal Range Openi CMS 1.0	Remote File Inclusion
2007	Cadre PHP Framework	Remote File Inclusion
2007	Upload Service 1.0	Remote File Inclusion
2006	Opera Web Browser 9.00	Denial Of Services
2006	Java Apache Mail Enterprise Server 2.2.0	Denial Of Services
2005	Vbulletin 3.0.7	BBCode IMG Tag Script Injection VUlnerability
2005	PunBB 1.2.6	BBCode IMG Tag Script Injection VUlnerability
2005	SphpBlog 0.4.0	Multiple Vulnerabilities
2005	Exponent CMS 0.95	Cross Site Scripting and Full Path Disclosures
2004	paFileDB 3.1	Multiple Vulnerabillities
2004	JAF CMS 3.0	Multiple Vulnerabillities
2004	AJ-Fork 167	Multiple Vulnerabillities
2004	BBS E-Market Professional	Remote Command Execution and Full Path Disclosures
2004	YaBB SE 1.5.1	Full path disclosures
2004	PHP-Fusion version 4.00	Full path disclosures and downloadable Database backup
2004	JetboxOne CMS version 2.0.8	Unencrypted password and also has a Remote Code Execution flaw
2004	eNdonesia CMS 8.3	Full Path Disclosure and cross site scripting flaws
2004	PHP nuke 7.3	Deleting God Admin in some version of PHP nuke