Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 07.06.2006
Published:07.06.2006
Source:
SecurityVulns ID:6224
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:COPPERMINE : Coppermine Photo Gallery 1.4
 XTREMEDOWNLOADS : Xtreme Downloads 1.0
 PARTICLESOFT : ParticleSoft Whois 1.0
 PARTICLESOFT : Particle Gallery 1.0
 PARTICLESOFT : Particle Links 1.2
 GANTTY : GANTTy 1.0
 BLOGGIT : BloggIT 1.01
 TINYPHP : TinyPHP forum 3.6
 MIRAKSGALERIE : MiraksGalerie 2.62
CVE:CVE-2006-7014 (admin.php in BloggIT 1.01 and earlier does not properly establish a user session, which allows remote attackers to gain privileges via a direct request.)
Original documentdocumentCrAzY.CrAcKeR_(at)_hotmail.com, Calendar Express 2 SQL injection (08.06.2006)
 documentSECUNIA, [SA20465] Coppermine Photo Gallery usermgr.php Unspecified Vulnerability (07.06.2006)
 documentSECUNIA, [SA20475] MiraksGalerie Multiple File Inclusion Vulnerabilities (07.06.2006)
 documentSECUNIA, [SA20436] PyBlosxom Contributed Packages Cross-Site Scripting Vulnerability (07.06.2006)
 documentFederico Fazzi, BloggIT <= 1.01 (admin.php) Arbitrary code execution (07.06.2006)
 documentip.chat_(at)_yahoo.com, bug on showwich.asp (07.06.2006)
 documentluny_(at)_youfucktard.com, GANTTy v1.0.3 (07.06.2006)
 documentluny_(at)_youfucktard.com, ParticleSoft Whois v1.0.3 (07.06.2006)
 documentluny_(at)_youfucktard.com, Partial Links v1.2.2 (07.06.2006)
 documentluny_(at)_youfucktard.com, Particle Gallery v1.0.0 (07.06.2006)
 documentblack-cod3_(at)_hotmail.com, Multiple file include exploits in Xtreme Downloads v.1.0 (07.06.2006)
 documentgamr-14_(at)_hotmail.com, file include in Xtreme Downloads v.1.0 (07.06.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod