Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:28.03.2006
Source:
SecurityVulns ID:5950
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:GREYMATTER : Greymatter 1.3
 PHPCOIN : phpCOIN 1.2
 MAMBO : AkoComment 2.0
 CONNECTDAILY : Connect Daily 3.2
 CONTROLZX : CONTROLzx 3.3
 ACTIVECAMPAIGN : SupportTrio 2.5
 FUSIONZONE : couponZONE 4.2
 FUSIONZONE : realestateZONE 4.2
 FUSIONZONE : classifiedZONE 1.2
 VWAR : VWar 1.5
 CONFTOOL : ConfTool 1.1
 DSLOGIN : DSLogin 1.0
 MAIANWEBLOG : Maian Weblog 2.0
 MUSICBOX : Music Box 2.3
 PHPLIVEHELPER : phplivehelper 1.8
 PHPCOLLAB : phpCollab 2.5
 NETOFFICE : NetOffice 2.6
 CALENDAREVENT : Calendar Event 3.0
 SSLINKS : ssLinks 1.22
Original documentdocumentCyber Lords, XSS in ssLinks v1.22 (28.03.2006)
 documentCyber Lords, XSS in Calendar Event 3.0 (28.03.2006)
 documentCyber Lords, XSS in PowerNews (28.03.2006)
 documentSECUNIA, [SA19392] Mambo AkoComment Module SQL Injection Vulnerabilities (28.03.2006)
 documentSECUNIA, [SA19423] Greymatter gm-upload.cgi File Upload Vulnerability (28.03.2006)
 documentstormhacker_(at)_hotmail.com, PHPLiveHelper 1.8 remote command execution (include) Xploit (perl) (28.03.2006)
 documentxx_hack_xx_2004_(at)_hotmail.com, XSS & SQL Injection in Music Box v2.3 (28.03.2006)
 documentD.Snezhkov, [DDSi-SA] XSS in Raindance Communications Web Conferencing Pro (28.03.2006)
 documentdabdoub_mosikar_(at)_forislam.com, Blog Pixel Motion<=1.xx Authentication Bypass Vulnerability & SQL injection (28.03.2006)
 documentAliaksandr Hartsuyeu, [eVuln] Maian Weblog Multiple SQL Injection Vulnerabilities (28.03.2006)
 documentAliaksandr Hartsuyeu, [eVuln] DSLogin Authentication Bypass Vulnerability (28.03.2006)
 documentbotan_(at)_linuxmail.org, CanfTool v1.1 Cross Site Scripting Attack (28.03.2006)
 documentuid0, VWar <= 1.5.0 R11 Remote Code Execution Exploit (28.03.2006)
 documentr0t, phpCOIN v1.2.2 XSS vuln. (28.03.2006)
 documentr0t, classifiedZONE v1.2 XSS vuln. (28.03.2006)
 documentr0t, realestateZONE 4.2 Multiple XSS vuln. (28.03.2006)
 documentr0t, couponZONE v.4.2 Multiple vuln. (28.03.2006)
 documentr0t, ActiveCampaign SupportTrio 2.5 vuln. (28.03.2006)
 documentr0t, CONTROLzx HMS - Hosting Management System vuln. (28.03.2006)
 documentr0t, Connect Daily Web Calendar Software Multiple XSS vuln. (28.03.2006)
Files:Greymatter exploit
 VWar <= 1.5.0 R11 Remote Code Execution Exploit
 PHPCollab v2.x / NetOffice v2.x sendpassword.php SQL Injection
 GREYMATTER Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod