Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 20.05.2006
Source: BUGTRAQ
SecurityVulns ID: 6163
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: ACTUALSCRIPTS : ActualAnalyzer Server 8.23
CODEAVALANCHE : CodeAvalanche 1.2
NEWSWRITER2005 : Newswriter 1.0
JEMSCRIPTS : Download Control 1.0
PHPBAZAR : phpBazar 2.1
RACEEVENTMANAGER : RaceEventManagement 0.7
XTREMESCRIPTS : Topsites 1.1

Original document luny_(at)_youfucktard.com, Xtremescripts Topsites v1.1 (20.05.2006)

Mster-X_(at)_hotmail.com, RaceEventManagement <--v0.7.6 SQL injection & XSS (20.05.2006)

i6d_(at)_hotmail.com, ActualAnalyzer Server <=8.23 - Remote File Include Vulnerability (20.05.2006)

i6d_(at)_hotmail.com, phpBazar <= 2.1.0 Multiple vulnerabilites (20.05.2006)

document luny_(at)_youfucktard.com, Jemscripts Download Control v1.0 (20.05.2006)

luny_(at)_youfucktard.com, Yourfreeworld Styleish Text Ads Script (20.05.2006)

luny_(at)_youfucktard.com, Yourfreeworld.com Short Url & Url Tracker Script (20.05.2006)

omnipresent_(at)_email.it, Newswriter v1.0 Remote XSS Exploit (20.05.2006)

document omnipresent_(at)_email.it, CANews Remote Multiple Vulnerability (20.05.2006)

omnipresent_(at)_email.it, Dayfox Blog Insecure Password Storage (20.05.2006)

omnipresent_(at)_email.it, Dayfox Blog Insecure Password Storage (20.05.2006)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin