Computer Security
[EN] no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 07.06.2006
SecurityVulns ID:6224
Threat Level:
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:COPPERMINE : Coppermine Photo Gallery 1.4
 XTREMEDOWNLOADS : Xtreme Downloads 1.0
 PARTICLESOFT : ParticleSoft Whois 1.0
 PARTICLESOFT : Particle Gallery 1.0
 PARTICLESOFT : Particle Links 1.2
 BLOGGIT : BloggIT 1.01
 TINYPHP : TinyPHP forum 3.6
 MIRAKSGALERIE : MiraksGalerie 2.62
CVE:CVE-2006-7014 (admin.php in BloggIT 1.01 and earlier does not properly establish a user session, which allows remote attackers to gain privileges via a direct request.)
Original documentdocumentCrAzY.CrAcKeR_(at), Calendar Express 2 SQL injection (08.06.2006)
 documentSECUNIA, [SA20465] Coppermine Photo Gallery usermgr.php Unspecified Vulnerability (07.06.2006)
 documentSECUNIA, [SA20475] MiraksGalerie Multiple File Inclusion Vulnerabilities (07.06.2006)
 documentSECUNIA, [SA20436] PyBlosxom Contributed Packages Cross-Site Scripting Vulnerability (07.06.2006)
 documentFederico Fazzi, BloggIT <= 1.01 (admin.php) Arbitrary code execution (07.06.2006)
 documentip.chat_(at), bug on showwich.asp (07.06.2006)
 documentluny_(at), GANTTy v1.0.3 (07.06.2006)
 documentluny_(at), ParticleSoft Whois v1.0.3 (07.06.2006)
 documentluny_(at), Partial Links v1.2.2 (07.06.2006)
 documentluny_(at), Particle Gallery v1.0.0 (07.06.2006)
 documentblack-cod3_(at), Multiple file include exploits in Xtreme Downloads v.1.0 (07.06.2006)
 documentgamr-14_(at), file include in Xtreme Downloads v.1.0 (07.06.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod