Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		11.04.2006
Source:
SecurityVulns ID:		5994
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		MONOGOSEARCH : mnogosearch 3.2
		DOKEOS : Dokeos 1.6
		PHPWEBGALLERY : Phpwebgallery 1.4
		PHPNEWSMANAGER : phpNewsManager 1.48
		SHOPXS : ShopXS 4.0
		VEGADNS : Vegands 0.99
		JBOOK : Jbook 1.3
		PHPMYFORUM : phpMyForum 4.0
		DNGUESTBOOK : dnGuestbook 2.0
		SWSOFT : Confixx 3.1

Original document		sn4k3.23_(at)_gmail.com, Confixx 3.1.2 <= Cross Site Scripting Vuln (11.04.2006)
		SECUNIA, [SA19589] Debian mnogosearch Insecure Password Storage Security Issue (11.04.2006)
		SECUNIA, [SA19601] dnGuestbook admin.php SQL Injection Vulnerability (11.04.2006)
		SECUNIA, [SA19563] MAXdev MD-Pro ADOdb "server.php" Insecure Test Script Security Issue (11.04.2006)
		zeus olimpusklan, [Full-disclosure] JetPhoto Multiple Cross-Site Scripting Vulnerabilitie (11.04.2006)
		Alvaro Olavarria, [Full-disclosure] Dokeos 1.6.4 SQL Injection Vulnerability (11.04.2006)
		root___(at)_linuxmail.org, PHPWebGallery Multiple Cross Site Scripting Vulnerabilities (11.04.2006)
		root___(at)_linuxmail.org, phpMyForum Cross Site Scripting & CRLF injection (11.04.2006)
		root___(at)_linuxmail.org, Jbook Cross Site Scripting (11.04.2006)
		Aliaksandr Hartsuyeu, [eVuln] phpNewsManager Multiple SQL Injections (11.04.2006)
		king_purba_(at)_yahoo.co.uk, Vegadns blind sql injection and cross site scripting (11.04.2006)
		r0t, ShopXS v4.0 XSS vuln. (11.04.2006)

Discuss:

Read or add your comments to this news (0 comments)