Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:16.01.2006
Source:
SecurityVulns ID:5636
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:LWCAL : Light Weight Calendar 1.0
 123FLASHCHAT : 123flaschat server 5.1
 123FLASHCHAT : 123flaschat server 5.0
 ALBATROSS : albatross 1.20
 REDKERNEL : RedKernel Referrer Tracker 1.1
 WIDEXL : Widexl Download Tracker 1.06
 GTP : GTP iCommerce
 APACHE : Apache Geronimo 1.0
 NETBULA : Netbula Anyboard 9.0
 WORDPRESS : WP-Stats 2.0
Original documentdocumentSECUNIA, [SA18471] WP-Stats WordPress Plug-in "author" SQL Injection Vulnerability (16.01.2006)
 documentSECUNIA, [SA18469] Netbula Anyboard "tK" Cross-Site Scripting Vulnerability (16.01.2006)
 documentSECUNIA, [SA18470] GTP iCommerce Cross-Site Scripting Vulnerabilities (16.01.2006)
 documentSECUNIA, [SA18472] Widexl Download Tracker "ID" Parameter Cross-Site Scripting (16.01.2006)
 documentSECUNIA, [SA18473] RedKernel Referrer Tracker "rkrt_stats.php" Cross-Site Scripting (16.01.2006)
 documentSECUNIA, [SA18464] Bit 5 Blog Script Insertion and SQL Injection Vulnerabilities (16.01.2006)
 documentDEBIAN, [Full-disclosure] [SECURITY] [DSA 942-1] New albatross packages fix arbitrary code execution (16.01.2006)
 documentISecAuditors Security Advisories, [ISecAuditors Advisories] Arbitrary remote file creation in 123flashchat server (16.01.2006)
 documentkhc_(at)_bsdmail.org, DDSN CMS Admin Panel SQL Injection Vulnerability (16.01.2006)
 documentAliaksandr Hartsuyeu, [eVuln] Light Weight Calendar PHP Code Execution (16.01.2006)
 documentnight_warrior771_(at)_hotmail.com, AlstraSoft Template Seller Pro Cross-Site Scripting Vulnerability (16.01.2006)
 documentnight_warrior771_(at)_hotmail.com, DCP Portal Cross-Site Scripting Vulnerability (16.01.2006)
 document:) :), WHITEAlbum Sql Injection (16.01.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod