Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 16.04.2006
Source: BUGTRAQ
SecurityVulns ID: 6016
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: COPPERMINE : Coppermine Photo Gallery 1.4
SNIPEGALLERY : Snipe Gallery 3.1
AWEBBB : aWebBB 1.2
MONSTERTOPLIST : MTL 1.4
TINYWEBGALLERY : Tiny Web Gallery 1.4
PGPGUESTBOOK : PhpGuestbook 1.0
MUSICBOX : MusicBox 2.3
FLEXBB : FlexBB 0.5
BOARDSOLUTION : Boardsolution 1.12
PHPALBUM : PHP Album 0.3
MYBB : MyBB 1.1
MANILLA : UserLand Frontier 9.0
CGI : sysinfo.cgi 1.21

Original document Aaron Kaplan, manila.userland cross site scriptable (16.04.2006)

imei, [KAPDA]MyBB1.1.0~global.php~ParameterExtracting (16.04.2006)

imei, [KAPDA]CopperminePhotoGallery1.4.4~ PluginInclusionSystem(index.php)~ RemoteFileInclusion attack (16.04.2006)

Aliaksandr Hartsuyeu, [eVuln] aWebBB Multiple XSS and SQL Injection Vulnerabilities (16.04.2006)

document qex_(at)_bsdmail.org, Snipe Gallery <= 3.1.4 Multiple XSS (16.04.2006)

botan_(at)_linuxmail.org, phpFaber TopSites Script Cross-Site Scripting (16.04.2006)

qex_(at)_bsdmail.org, Boardsolution <= 1.12 XSS (16.04.2006)

qex_(at)_bsdmail.org, FlexBB <= 0.5.7 BETA XSS (16.04.2006)

document r0t, Musicbox vuln. (16.04.2006)

qex_(at)_bsdmail.org, PhpGuestbook <= 1.0 XSS (16.04.2006)

r0t, MonsterTopList- Remote Code Execution bug (16.04.2006)

Files: sysinfo.cgi 1.21 remote cmmnds xctn
PHP Album <= 0.3.2.3 remote cmmnds xctn
Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod