| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) |
| Published: |  | 30.05.2006 |
| Source: |  | BUGTRAQ |
| SecurityVulns ID: |  | 6196 |
| Type: |  | remote |
| Level: |  | 5/10 |
| Description: |  | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |
| Affected: |  | PHPBB : UBBThreads 6.2 |
| |  | VCARD : vCard 2.9 |
| |  | ARBLOG : ar-blog 5.2 |
| |  | TIKIWIKI : tikiwiki 1.9 |
| |  | GEEKLOG : geeklog 1.4 |
| |  | CHERRYPY : cherrypy 2.1 |
| |  | SAPHPLESSON : SaphpLesson 2.0 |
| |  | DGNEWS : DGNews 1.5 |
| |  | EZSCRIPTS : EzUpload Pro 2.10 |
| |  | PHPBB : Blend Portal 1.2 |
| |  | ASPSITEM : ASPSitem 2.0 |
| |  | EGGBLOG : Eggblog 3.0 |
| |  | FACILE : Facile 0.8 |
| |  | ENIGMA : EnigmaASP 4.3 |
| |  | TINYBB : tinyBB 0.3 |
| |  | ASPBB : ASPBB 0.52 |
| |  | MININUKE : MiniNuke 2.3 |
| |  | PHOTOALBUMBW : Photoalbum B&W 1.3 |
| |  | NUKEDUT : Nukedit 4.9 |
| |  | WIKINI : WikiNi 0.4 |
| Original document |  | MILW0RM, CosmicShoppingCart (search.php) Remote SQL Injection Vulnerability (30.05.2006) |
| |  | GENTOO, [Full-disclosure] [ GLSA 200605-16 ] CherryPy: Directory traversal vulnerability (30.05.2006) |
| |  | blwood_(at)_skynet.be, [Full-disclosure] Multiple XSS Vulnerabilities in Tikiwiki 1.9.x (30.05.2006) |
| |  | raphael.huck_(at)_free.fr, WikiNi Persistent Cross Site Scripting Vulnerability (30.05.2006) |
| |  | black-cod3_(at)_hotmail.com, Multiple Xss exploits in Chipmunk Board (30.05.2006) |
| |  | black-cod3_(at)_hotmail.com, RE: Multiple Xss exploits in coolphp magazine (30.05.2006) |
| |  | black-cod3_(at)_hotmail.com, multiple Xss exploits in : vCard 2.9 (30.05.2006) |
| |  | farhadkey_(at)_kapda.ir, [KAPDA::#46] - Nukedit Unauthorized Admin Add (30.05.2006) |
| |  | alireza hassani, [KAPDA::#45] - geeklog multiple vulnerabilities (30.05.2006) |
| |  | black-cod3_(at)_hotmail.com, Xss exploit in Photoalbum B&W v1.3 (30.05.2006) |
| |  | CrAzY.CrAcKeR_(at)_hotmail.com, VARIOMAT(advanced cms tool)SQL injection/XSS (30.05.2006) |
| |  | chris_(at)_splices.org, UBBThreads 5.x,6.x md5 hash disclosure (30.05.2006) |
| |  | Mustafa Can Bjorn IPEKCI, Advisory: Blend Portal <= 1.2.0 for phpBB 2.x (blend_data/blend_common.php) File Inclusion Vulnerability (30.05.2006) |
| |  | Mustafa Can Bjorn IPEKCI, Advisory: UBBThreads 5.x,6.x Multiple File Inclusion Vulnerabilities. (30.05.2006) |
| |  | Mustafa Can Bjorn IPEKCI, Advisory: ASPSitem <= 2.0 Multiple Vulnerabilities. (30.05.2006) |
| |  | Mustafa Can Bjorn IPEKCI, Advisory: phpBB 2.x (Activity MOD Plus) File Inclusion Vulnerability. (30.05.2006) |
| |  | Mustafa Can Bjorn IPEKCI, Advisory: phpBB 2.x (admin/admin_hacks_list.php) Local Inclusion Vulnerability. (30.05.2006) |
| |  | Mustafa Can Bjorn IPEKCI, Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities (30.05.2006) |
| |  | Mustafa Can Bjorn IPEKCI, Advisory: F@cile Interactive Web <= 0.8x Multiple Remote Vulnerabilities. (30.05.2006) |
| |  | Mustafa Can Bjorn IPEKCI, Advisory: Enigma Haber <= 4.3 Multiple Remote SQL Injection Vulnerabilities (30.05.2006) |
| |  | Mustafa Can Bjorn IPEKCI, Advisory: tinyBB <= 0.3 Multiple Remote Vulnerabilities. (30.05.2006) |
| |  | Mustafa Can Bjorn IPEKCI, Advisory: ASPBB <= 0.52 (perform_search.asp) XSS vulnerability (30.05.2006) |
| |  | Mustafa Can Bjorn IPEKCI, Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities (30.05.2006) |
| |  | black-cod3_(at)_hotmail.com, multiple file include exploits in EzUpload Pro v2.10 (30.05.2006) |
| |  | ajannhwt_(at)_hotmail.com, Speedy ASP Forum(profileupdate.asp) User Pass Change Exploit (30.05.2006) |
| |  | black-cod3_(at)_hotmail.com, Multiple Xss exploits in ar-blog v 5.2 (30.05.2006) |
| |  | black-cod3_(at)_hotmail.com, Critical sql injection in saphplesson 2.0 (30.05.2006) |
| |  | r0t, DGNews v 1.5 File Upload Vuln. (30.05.2006) |