Computer Security


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 27.05.2006
Source:
SecurityVulns ID: 6194
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: TIKIWIKI : tikiwiki 1.9
 PLUMECMS : Plume CMS 1.0
 VWEBMAIL : V-Webmail 1.6
 TOASTFORUMS : Toast Forums 1.6
 EVAWEB : EVA-Web 2.1
 DOCEBO : Docebo LMS 2.05
 MONSTERTOPLIST : Monster Top List 1.4
 EASYCONTENT : Easy-Content Forums 1.0
 SOCKETMAIL : Socketmail 2.2
 TAMBER : Tamber Forum 1.9
 PHPRESIDENCE : PHPResidence 0.6
 AGTC : PHP AGTC-Membership system 1.1
 BYTEHOARD : bytehoard 2.1
 ASSETMAN : AssetMan 2.4
 PHPSIMPLECHOOSE : PHPSimple Choose 0.3
 SUPERLINKEXCHANG : Super Link Exchange 1.0
 VACATIONRETAL : Vacation Retal Script 1.0
 PRETTYGUESTBOOK : Pretty Guestbook 1
 SMILEGUESTBOOK : Smile Guestbook 1
 MORRISGUESTBOOK : Morris Guestbook 1
CVE: CVE-2006-7016 (phpjobboard allows remote attackers to bypass authentication and gain administrator privileges via a direct request to admin.php with adminop=job-edit.)
Original document: Vympel, [Full-disclosure] ZH2006-20 SA: CosmicShoppingCart Multiple Vulnerabilities (27.05.2006)
 luny_(at)_youfucktard.com, Morris Guestbook v1 (27.05.2006)
 luny_(at)_youfucktard.com, Smile Guestbook v1 (27.05.2006)
 luny_(at)_youfucktard.com, Pretty Guestbook v1 (27.05.2006)
 luny_(at)_youfucktard.com, Vacation Retal Script v1.0 (27.05.2006)
 luny_(at)_youfucktard.com, Super Link Exchange Script v1.0 (27.05.2006)
 luny_(at)_youfucktard.com, PHPSimple Choose v0.3 (27.05.2006)
 luny_(at)_youfucktard.com, iBoutique.MALL - Directory Traversal (27.05.2006)
 mail_(at)_yunusemreyilmaz.com, Seditio Cross Site Scripting Vulnerability (27.05.2006)
 ajannhwt_(at)_hotmail.com, Easy-Content Forums 1.0 Multiple [SQL/XSS] Vulnerabilities (27.05.2006)
 zerogue_(at)_gmail.com, Assetman <= 2.4a XSS (27.05.2006)
 zerogue_(at)_gmail.com, ByteHoard <= 2.1 multiple vulnerabilities (27.05.2006)
 zerogue_(at)_gmail.com, PHP AGTC-Membership system <= v1.1a XSS (27.05.2006)
 zerogue_(at)_gmail.com, PHPResidence <= 0.6 XSS (27.05.2006)
 beford, Plume CMS Remote File Include (27.05.2006)
 blwood_(at)_skynet.be, Multiple XSS Vulnerabilities in Tikiwiki 1.9.x (27.05.2006)
 ajannhwt_(at)_hotmail.com, Tamber Forum <= 1.9.13 Multiple SQL Injection Vulnerabilities (27.05.2006)
 Aesthetico, [MajorSecurity #6]Socketmail <= 2.2.6 - Remote File Include Vulnerability (27.05.2006)
 ajannhwt_(at)_hotmail.com, qjForum(member.asp) SQL Injection Vulnerability (27.05.2006)
 alp_eren_(at)_ayyildiz.org, phpjobboard Authecnical admin byPass (27.05.2006)
 ajannhwt_(at)_hotmail.com, Toasts Forums 1.6.44 in Xss (27.05.2006)
 ajannhwt_(at)_hotmail.com, Easy-Content Forums 1.0 Multiple SQL/XSS Vulnerabilities (27.05.2006)
 V8f3_(at)_hotmail.com, XSS in Monster Top List | MTL 1.4 (27.05.2006)
 beford, Docebo LMS 2.05 Remote File Include (27.05.2006)
 Some One, XSS in Omegasoft's Insel (27.05.2006)
 beford, V-Webmail 1.6.4 Remote File Include (27.05.2006)
 r0t, EVA-Web <=2.1.2 vuln. (27.05.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod