Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:16.02.2006
Source:
SecurityVulns ID:5780
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MYBB : MyBB 1.0
 XMBFORUM : XMB Forum 1.9
 GALLERY : Gallery 1.5
 PHPNUKE : phpNuke 7.8
 ATMAIL : @Mail 4.3
 2200NET : 2200net Calendar system 1.2
 CLEVERCOPY : Clever Copy 3.0
 MYBLOG : My Blog 1.63
 B10M : HTML::BBCode 1.03
 B10M : HTML::BBCode 1.04
 SQUISHDOT : Squishdot 1.5
 PLUMECMS : Plume CMS 1.0
 CGIWARP : CGIWarp 3.10
 WEBSPELL : Webspell 4.01
 TECA : Teca Diary Personal Edition 1.0
Original documentdocumentsp3x_(at)_securityreason.com, [Full-disclosure] Critical SQL Injection PHPNuke <= 7.8 - Your_Account module (16.02.2006)
 documentSECUNIA, [SA18874] @Mail Webmail Image Tag Script Insertion Vulnerability (16.02.2006)
 documentSECUNIA, [SA18873] Clever Copy Private Message "Subject" Script Insertion Vulnerability (16.02.2006)
 documentSECUNIA, [SA18876] Teca Diary Personal Edition SQL Injection Vulnerability (16.02.2006)
 documentSECUNIA, [SA18885] webSPELL "search.php" SQL Injection Vulnerability (16.02.2006)
 documentSECUNIA, [SA18797] CGIWrap Error Message System Information Disclosure (16.02.2006)
 documentSECUNIA, [SA18883] Plume CMS prepend.php File Inclusion Vulnerability (16.02.2006)
 documentSECUNIA, [SA18868] Squishdot Mail Header Injection Vulnerability (16.02.2006)
 documentScott Dewey, [Full-disclosure] Wimpy MP3 Player - Text file overwrite vulnerability (16.02.2006)
 documentScott Dewey, [Full-disclosure] HostAdmin - Remote Command Execution Vulnerability (16.02.2006)
 documentScott Dewey, [Full-disclosure] Web Calendar Pro - Denial of Service SQL Injection Vulnerability (16.02.2006)
 documentScott Dewey, [Full-disclosure] iUser Ecommerce - Remote Command Execution Vulnerability (16.02.2006)
 documentimei, [myimei]MyBB 1.0.3~private.php~multiple SqlInjection (16.02.2006)
 documentimei, MyBB1.0.3~managegroup.php~Multiple SqlInjection & XSS (16.02.2006)
 documentimei, [myimei]MyBB1.0.3~managegroup.php~Multiple SqlInjection & XSS (16.02.2006)
 documentAliaksandr Hartsuyeu, [eVuln] M. Blom HTML::BBCode perl module XSS Vulnerabilities (16.02.2006)
 documentAliaksandr Hartsuyeu, [eVuln] 2200net Calendar system SQL Injection and Authentication Bypass Vulnerabilities (16.02.2006)
 documentAliaksandr Hartsuyeu, [eVuln] My Blog BBCode XSS Vulnerabilities (16.02.2006)
 documentJeiAr, XMB Forums Multiple Vulnerabilities (16.02.2006)
 documentinfo_(at)_digitalarmaments.com, Digital Armaments Security Advisory 02.14.2006: Gallery web-based photo gallery remote file execution (16.02.2006)
Files:iUser Remote File Inclusion Exploit
 HostAdmin Remote File Inclusion Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod