Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		26.05.2006
Source:
SecurityVulns ID:		6190
Type:		remote
Threat Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		PHPWEBSITE : phpWebSite 0.8
		WORDPRESS : WordPress 2.0
		IFLANCE : iFlance 1.1
		PRENEWSMANAGER : Pre News Manager 1.0
		PREPROJECTS : Pre Shopping Mall 1.0
		CMSMUNDO : CMS Mundo 1.0
		GUESTBOOKXL : GuestbookXL 1.3
		ELITEBOARD : Elite-Board 1.1
		IFDATE : iFdate 1.2
		CHATPAT : ChatPat 1.0

Original document		mx_(at)_hackmx.net, phpFoX All Version Login Exploit (26.05.2006)
		luny_(at)_youfucktard.com, AZ Photo Album Script Pro (26.05.2006)
		luny_(at)_youfucktard.com, ChatPat v1.0 (26.05.2006)
		luny_(at)_youfucktard.com, iFdate v1.2 (26.05.2006)
		luny_(at)_youfucktard.com, Realty Pro One Property Listing Script (26.05.2006)
		luny_(at)_youfucktard.com, Bulletin Board Elite-Board v.1.1 (26.05.2006)
		luny_(at)_youfucktard.com, GuestbookXL 1.3 (26.05.2006)
		luny_(at)_youfucktard.com, CMS Mundo V1.0 (26.05.2006)
		luny_(at)_youfucktard.com, Pre Shopping Mall v1.0 (26.05.2006)
		farhad koosha, [KAPDA::#44] - NewsCMSLite Login ByPass by Cookie (26.05.2006)
		luny_(at)_youfucktard.com, Pre News Manager v1.0 (26.05.2006)
		luny_(at)_youfucktard.com, iFlance v1.1 (26.05.2006)

Files: