Computer Security

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:16.05.2006
Source:
SecurityVulns ID:6145
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPMYADMIN : phpmyadmin 2.8
 SWSOFT : Confixx 3.1
 SUGARCRM : Sugar Suite Open Source 4.2
 AZBOARD : Azboard 1.0
 YAPBB : YapBB 1.2
 DELUXEBB : DeluxeBB 1.06
 PHPREMOTEVIEW : phpRemoteView 2003-10-23
 PHPODP : phpODP 1.5
 PHPBLUEDRAGON : Php Blue Dragon CMS 2.8
 JAX : Jax Guestbook 3.50
 POPPHOTO : PopPhoto 3.5
 TRNEWSPORTAL : TR Newsportal 0.36
 SQUIRRELCART : Squirrelcart PHP Shopping Cart 2.2
 DUWARE : DUbanner 3.1
 EZUSERMANAGER : ezUserManager 1.6
Original documentdocumentSECUNIA, [SA20103] ezUserManager "ezUserManager_Path" File Inclusion Vulnerability (16.05.2006)
 documentSECUNIA, [SA20102] DUbanner Insecure File Upload Vulnerability (16.05.2006)
 documentSECUNIA, [SA20121] Squirrelcart "cart_isp_root" File Inclusion Vulnerability (16.05.2006)
 documentSECUNIA, [SA20119] TR Newsportal "file_newsportal" Parameter File Inclusion Vulnerability (16.05.2006)
 documentSECUNIA, [SA20118] Directory Listing Script "dir" Cross-Site Scripting Vulnerability (16.05.2006)
 documentSECUNIA, [SA20110] Jax Guestbook "guestbook.admin.php" Cross-Site Scripting (16.05.2006)
 documentSECUNIA, [SA20087] PopPhoto "cfg[popphoto_base_path]" File Inclusion Vulnerability (16.05.2006)
 documentSECUNIA, [SA20115] Php Blue Dragon CMS "vsDragonRootPath" File Inclusion (16.05.2006)
 documentSECUNIA, [SA20111] phpODP "browse" Cross-Site Scripting Vulnerability (16.05.2006)
 documentSECUNIA, [SA20113] phpMyAdmin "theme" and "db" Cross-Site Scripting Vulnerabilities (16.05.2006)
 documentgeinblues_(at)_gmail.com, YapBB <= 1.2 Beta2 'find.php' SQL Injection Vulnerability (16.05.2006)
 documentSnake_23_(at)_LoK-Crew.de.tk, Confixx 3.1.2 <= Code Injection (16.05.2006)
 documentgeinblues_(at)_gmail.com, Azboard <= 1.0 Multiple Sql Injections (16.05.2006)
 documentrgod_(at)_autistici.org, Sugar Suite Open Source <= 4.2 "OptimisticLock!" arbitrary remote inclusion exploit (16.05.2006)
 documentsoot hackers, PhpRemoteView Multiple Xss Vulnerabilities (16.05.2006)
 documentsoot hackers, Sphider Multiple Xss Vulnerabilities (16.05.2006)
Files:Sugar Suite Open Source <= 4.2 "OptimisticLock!" arbitrary remote inclusion exploit
 DeluxeBB 1.06 Remote SQL Injection Exploit
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru