Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		09.03.2006
Source:
SecurityVulns ID:		5877
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		GALLERY : Gallery 2.0
		MYBLOGGIE : myBloggie 2.1
		NOAH : Classifieds 1.3
		ADPFORUM : ADP Forum 2.0
		HITHOST : HitHost 1.0
		MPHORUM : m-phorum 0.2
		D2KSOFT : d2kBlog 1.0
		REDBLOG : RedBloG 0.5
		CILEMHABER : Cilem Haber 1.1
		ZOPH : zoph 0.3
		DCPPORTAL : DCP Portal 6.1
		TXTFORUM : txtForum 1.0
		NODEZ : Nodez 4.6

Original document		enji_(at)_seclab.tuwien.ac.at, txtForum: Script Injection Vulnerability (09.03.2006)
		SECUNIA, [SA19165] Nodez "op" File Inclusion and Cross-Site Scripting (09.03.2006)
		enji_(at)_seclab.tuwien.ac.at, txtForum: Multiple XSS Vulnerabilities (09.03.2006)
		enji_(at)_seclab.tuwien.ac.at, MyBloggie: Multiple XSS Vulnerabilities (09.03.2006)
		enji_(at)_seclab.tuwien.ac.at, DCP Portal: Multiple XSS Vulnerabilities (09.03.2006)
		DEBIAN, [Full-disclosure] [SECURITY] [DSA 989-1] New zoph packages fix SQL injection (09.03.2006)
		SECUNIA, [SA19155] HitHost Cross-Site Scripting and Directory Deletion (09.03.2006)
		SECUNIA, [SA19157] Cilem Haber "haber_id" SQL Injection Vulnerability (09.03.2006)
		SECUNIA, [SA19156] manas tungare Site Membership Script Cross-Site Scripting and SQL Injection (09.03.2006)
		SECUNIA, [SA19175] Gallery "stepOrder[]" Local File Inclusion Vulnerability (09.03.2006)
		SECUNIA, [SA19181] RedBLoG "cat_id" SQL Injection Vulnerability (09.03.2006)
		zeus olimpusklan, [Full-disclosure] Noah's Classifieds Multiple Cross-Site Scripting Vulnerabilities (09.03.2006)
		:) :), ADP Forum 2.0,* script İnjection (09.03.2006)
		okan alp, M-Phorum Cross Site Scripting (09.03.2006)

Discuss:

Read or add your comments to this news (0 comments)