Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 20.04.2006
Published:26.05.2006
Source:
SecurityVulns ID:6028
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:RECHNUNGSZENTRAL : RechnungsZentrale 2
 PHPSURVEYOR : PHPSurveyor 0.995
 AWSTATS : AWStats 6.5
 PORTALPACK : Portal Pack 6.0
 AASIMEDIA : Net Clubs Pro 4.0
 GREENMINUTE : Green Minute 1.0
 MDNEWS : MD News 1.0
 NT : N.T. 1.1
 PCPIN : PCPIN Chat 5.0
 ASPSITEM : ASPSitem 1.83
 WWWTHREAD : WWWThread RC 3
 MANICWEB : MWGuest 2.1
 INVISION : Invision Power Board 2.1
Original documentdocumentMarko Seppänen, Article suggestion: "wannabe security group members" doing harm to software developers (26.05.2006)
 documentAliaksandr Hartsuyeu, [eVuln] MWGuest XSS Vulnerability (20.04.2006)
 documentr0t, AWStats 6.5.x multiple vuln. (20.04.2006)
 documentSECUNIA, [SA19717] W2B Online Banking "SID" Cross-Site Scripting Vulnerability (20.04.2006)
 documentSECUNIA, [SA19684] I-Rater Platinum "include_path" Parameter File Inclusion Vulnerability (20.04.2006)
 documentbotan_(at)_linuxmail.org, ContentBoxx Login.php Cross-Site Scripting (20.04.2006)
 documento.y.6_(at)_hotmail.com, WWWThread RC 3 MultBugs (20.04.2006)
 documentn0m3rcy_(at)_bsdmail.org, Shbablek Mail Vulnerablitiy - Cross-Site Scripting (20.04.2006)
 documentqex_(at)_bsdmail.org, ThWboard <= 3 Beta 2.84 SQL Injection (20.04.2006)
 documentinfo_(at)_g-0.org, RechnungsZentrale V2 - SQL injection and Remote PHP inclusion vulnerabilities (20.04.2006)
 documentMustafa Can Bjorn IPEKCI, ASPSitem <= 1.83 Remote SQL Injection Vulnerability (20.04.2006)
 documentAliaksandr Hartsuyeu, [eVuln] N.T. Version 1.1.0 XSS and PHP Code Insertion Vulnerabilities (20.04.2006)
 documentAliaksandr Hartsuyeu, [eVuln] MD News Authentication Bypass and SQL Injection Vulnerabilities (20.04.2006)
 documentbotan_(at)_linuxmail.org, EasyGallery Cross-Site Scripting (20.04.2006)
 documentr0t, W2B Online Banking vuln. (20.04.2006)
 documentr0t, Green Minute SQL inj. vuln. (20.04.2006)
 documentr0t, Net Clubs Pro XSS vuln (20.04.2006)
 documentr0t, Portal Pack 6 XSS vuln. (20.04.2006)
 documentr0t, IPB <= 2.1.5 SQL inj. vuln. (20.04.2006)
Files:PCPIN Chat <= 5.0.4 "login/language" remote cmmnds xctn
 ASPSitem <= 1.83 Remote SQL Injection Exploit
 PHPSurveyor <= 0.995 'save.php/surveyid' remote cmmnds xctn

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod