Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		20.02.2006
Source:
SecurityVulns ID:		5799
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		EXBB : ExBB 1.9
		E107 : e107 0.7
		COPPERMINE : Coppermine Photo Gallery 1.4
		RCBLOG : RCBlog 1.0
		ADODB : ADOdb 4.71
		PHPNUKE : phpNuke 7.9
		WEBPAGECITY : WPC.easy
		BXCP : BXCP 0.2
		ADMBOOK : Admbook 1.2
		REAMDAYSOFT : Magic Calendar Lite 1.02

Original document		Aliaksandr Hartsuyeu, [eVuln] Magic Calendar Lite Authentication Bypass (20.02.2006)
		Алексей Кулаев, Уязвимость в форуме ExBB (20.02.2006)
		SECUNIA, [SA18930] Admbook "X-Forwarded-For" PHP Code Injection (20.02.2006)
		SECUNIA, [SA18945] WPCeasy Admin Logon SQL Injection Vulnerability (20.02.2006)
		SECUNIA, [SA18929] BXCP "tid" SQL Injection Vulnerability (20.02.2006)
		botan_(at)_linuxmail.org, Tasarim Rehberi Index.PHP Remote Command Exucetion (20.02.2006)
		ssteam.pl_(at)_gmail.com, e107 CMS 0.7.2 Chatbox plugin XSS vulnerability (20.02.2006)
		rgod_(at)_autistici.org, Coppermine Photo Gallery <=1.4.3 remote code execution (20.02.2006)
		murfie_(at)_gmail.com, SLQ Injection vulnerability in WPCeasy (20.02.2006)
		Janek Vind, [waraxe-2006-SA#045] - Bypassing CAPTCHA in phpNuke 6.x-7.9 (20.02.2006)
		JeiAr, ADOdb Library Cross Site Scripting (20.02.2006)
		Hessam Salehi, RCblog exploit [fun] (20.02.2006)

Files:		RCBlog 1.0.3 / 1.0.2 exploit
Discuss:		Read or add your comments to this news (0 comments)