Computer Security

Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
Published:16.12.2005
Source:
SecurityVulns ID:5530
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:EZ : ezUpload 2.2
 PHPNUKE : PHP-Nuke 7.9
 EZDATABASE : ezDatabase 2.1
 SMARTCHOICES : PDEstore 1.8
 NIGHTMEDIA : The CITY Shop 1.3
 CLICKCARTPRO : ClickCartPro 5.1
 STATICSTORE : StaticStore 1.189
 ZAYGO : HostingCart 2.0
 ZAYGO : DomainCart 2.0
 PLEXUM : PlexCart X3
 PAYPALSHOPPINGCA : PPCal Shopping Cart 3.3
 ECTOOLS : ECTOOLS 1.0
 SOFT4E : ECW-Cart 2.03
 EDATCART : eDatCat 3.0
 COMMERCESQL : CommerceSQL 1.0
 ATLANTPRO : AtlantForum 4.0
 ATLANTPRO : Atlant Pro 8.09
 ALMONDSOFT : Almond Classifieds 5.02
 ALMONDSOFT : Almond Personals 4.05
 DCSCRIPTS : DCForum 6.25
 BBBOARD : bbBoard 2.56
 FOCALMEDIA : SiteNet BBS 2.0
 BINARYCONCEPTS : Binary Board System 0.2
 SCARECROW : ScareCrow 2.13
 PHPXPLORER : phpXplorer 0.9
 PAFILEDB : paFileDB Extreme Edition
 LIMBOCMS : LIMBO CMS 1,0
 OPENCMS : OpenCms 6.0
Original documentdocumentMarc Ruef, [Full-disclosure] [scip_Advisory 1910] Alkacon OpenCms 6.0.2 login Cross Site Scripting (16.12.2005)
 documenthackeriri_(at)_yahoo.com, Bug in HC (16.12.2005)
 documentB3g0k_(at)_hackermail.com, Bypass XSS filter in PHPNUKE 7.9=>x (16.12.2005)
 documentB3g0k_(at)_hackermail.com, MarmaraWeb E-commerce Remote Command Exucetion (16.12.2005)
 documentB3g0k_(at)_hackermail.com, MarmaraWeb E-commerce Script Cross Site Scripting (16.12.2005)
 documentretrogod_(at)_aliceposta.it, LIMBO CMS <= v1.0.4.2 _SERVER[] array overwrite / remote code execution (16.12.2005)
 documentr0t, PDEstore XSS vuln. (16.12.2005)
 documentr0t, The CITY Shop XSS vuln. (16.12.2005)
 documentr0t, ClickCartPro (CCP) XSS vuln. (16.12.2005)
 documentr0t, StaticStore Search Engine Friendly E-Commerce XSS (16.12.2005)
 documentr0t, HostingCart XSS (16.12.2005)
 documentr0t, DomainCart XSS (16.12.2005)
 documentr0t, PlexCart X3 SQL inj. vuln. (16.12.2005)
 documentr0t, PPCal Shopping Cart XSS (16.12.2005)
 documentr0t, ECTOOLS - Onlineshop XSS (16.12.2005)
 documentr0t, ECW-Cart XSS vuln. (16.12.2005)
 documentr0t, eDatCat XSS vuln. (16.12.2005)
 documentr0t, CommerceSQL XSS vuln. (16.12.2005)
 documentr0t, AtlantForum XSS vuln. (16.12.2005)
 documentr0t, Atlant Pro XSS vuln. (16.12.2005)
 documentr0t, AlmondSoft Products SQL inj. (16.12.2005)
 documentr0t, DCForum XSS vuln. (16.12.2005)
 documentr0t, bbBoard v2 XSS vuln. (16.12.2005)
 documentr0t, SiteNet BBS XSS vuln (16.12.2005)
 documentr0t, Binary Board System XSS vuln. (16.12.2005)
 documentr0t, ScareCrow Message Board XSS vuln. (16.12.2005)
 documentr0t, phpXplorer XSS vuln. (16.12.2005)
 documentr0t, paFileDB Extreme Edition SQL inj (16.12.2005)
 documentr0t, ezUpload Pro vuln (16.12.2005)
 documentr0t, ezDatabase vuln. (16.12.2005)
Files:imbo <= 1.0.4.2 _SERVER[REMOTE_ADDR] overwrite/ remote cmmnds xctn
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru