Computer Security

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:15.05.2006
Source:
SecurityVulns ID:6144
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:RADLANCE : Radlance 7
CVE:CVE-2006-6978 (Cross-site scripting (XSS) vulnerability in the "Basic Toolbar Selection" in FCKEditor allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the (1) href or (2) onmouseover attribute of the A HTML tag.)
 CVE-2006-6977 (Cross-site scripting (XSS) vulnerability in the "Basic Toolbar Selection" in FreeTextBox allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the (1) href or (2) onmouseover attribute of the A HTML tag.)
Original documentdocumentsirdarckcat_(at)_gmail.com, 90% of programs made in PHP5 and prior Full Path Disclosure vuln. (15.05.2006)
 documentbonsite_(at)_hotmail.com, XSS in FreeTextBox and FCKEditor Basic Toolbar Selection (15.05.2006)
Files:Radlance directory traversal exploit
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru