Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:12.04.2006
Source:
SecurityVulns ID:5999
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPBB : phpBB 2.0
 TRITANIUM : Tritanium Bulletin Board 1.2
 INDEXU : INDEXU 5.0
 VNEWS : VNews 1.2
 SWSOFT : Confixx 3.1
 BLUR6EX : blur6ex 0.3
 SMARTISOFT : phpListPro 2.0
 VBOOK : [V]Book 2.0
 MANILA : Manila 9.5
 QLNEWS : QLnews 1.2
 SIMPLOG : simplog 0.9
 ZOPE : zope-cmfplone 2.0
 AZDGVOTE : AzDGVote 1.0
 MVBLOG : MvBlog 1.6
 CLANSYS : Clansys 1.1
Original documentdocumentSECUNIA, [SA19630] AzDGVote "int_path" File Inclusion Vulnerabilities (12.04.2006)
 documentDEBIAN, [SECURITY] [DSA 1032-1] New zope-cmfplone packages fix unprivileged data manipulation (12.04.2006)
 documentAliaksandr Hartsuyeu, [eVuln] QLnews XSS and PHP Code Insertion Vulnerabilities (12.04.2006)
 documentsecuriteam_(at)_datasec.no, SAXoPRESS - directory traversal (12.04.2006)
 documentselfar2002_(at)_hotmail.com, AzDGVote File inclusion (12.04.2006)
 documentAliaksandr Hartsuyeu, [eVuln] VNews Multiple Vulnerabilities (12.04.2006)
 documentd4igoro_(at)_gmail.com, Tritanium Bulletin Board 1.2.3 - XSS (12.04.2006)
 documentsn4k3.23_(at)_gmail.com, Confixx 3.1.2 <= SQL Injection (12.04.2006)
 documentd4igoro_(at)_gmail.com, Manila <= 9.5 - XSS Vulnerabilities (12.04.2006)
 documentAliaksandr Hartsuyeu, [eVuln] [V]Book Multiple Vulnerabilities (12.04.2006)
 documentAesthetico, phpListPro <= 2.0 - Remote File Include Vulnerability (12.04.2006)
 documentcrasher_(at)_kecoak.or.id, Multiple vulnerabilities in Blur6ex (12.04.2006)
 documentselfar2002_(at)_hotmail.com, INDEXU <= 5.0.1 (theme_path)and (base_path) Remote File Inclusion Exploit (12.04.2006)
Files:Simplog <= 0.9.2 "s" remote cmmnds xctn
 r57phpbba2e2.pl - phpBB admin 2 exec exploit
 Exploits clansys 1.1 remote sql injection

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod