| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) |
| Published: |  | 04.07.2006 |
| Source: |  | |
| SecurityVulns ID: |  | 6334 |
| Type: |  | remote |
| Level: |  | 5/10 |
| Description: |  | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |
| Affected: |  | INVISION : Invision Power Board 1.3 |
| |  | INVISION : Invision Power Board 2.1 |
| |  | WORDPRESS : WordPress 2.0 |
| |  | PLUMECMS : Plume CMS 1.0 |
| |  | GLOSSAIRE : Glossaire 1.7 |
| |  | JMBSOFT : AutoRank Pro 5.01 |
| |  | JMBSOFT : AutoRank PHP 3.02 |
| |  | FREEQBOARD : Free QBoard v1.1 |
| |  | PERLFORUMS : Pearl Forums 2.4 |
| |  | PEARLFORUMS : Ngoc Biec 1.4 |
| |  | PEARLFORUMS : Pearl For Biz 2.4 |
| |  | PEARLFORUMS : Pearl For Mambo 1.6 |
| |  | QTOFILEMANAGER : QTOFileManager 1.0 |
| |  | MP3NETBOX : Mp3netbox Beta 1 |
| |  | EFONE : efone 20000723 |
| |  | KAMIKAZEQSCM : Kamikaze-QSCM 0.1 |
| |  | BBNEWS : Blueboy 1.0.3 |
| |  | FOROS : Foros 1.0 |
| |  | TBE : The Banner Engine 4.0 |
| |  | WEPPOS : ASP Stats Generator 2.1 |
| |  | MKPORTAL : MKPortal 1.0 |
| |  | VINCENT : LECLERCQ News 5.5 |
| |  | GALLERIA : galleria 1.0 |
| Original document |  | ineal_(at)_gmail.com, galleria <= 1.0 Remote File Inclusion Vulnerability (04.07.2006) |
| |  | SECUNIA, [SA20936] Vincent LECLERCQ News Cross-Site Scripting and SQL Injection (04.07.2006) |
| |  | SECUNIA, [SA20901] FineShop Cross-Site Scripting and SQL Injection (04.07.2006) |
| |  | SECUNIA, [SA20884] MKPortal "ind" Local File Inclusion Vulnerability (04.07.2006) |
| |  | SECUNIA, [SA20930] Invision Power Board Cross-Site Scripting and Security Bypass (04.07.2006) |
| |  | SECURITEAM, [NT] ASP Stats Generator Multiple Vulnerabilities (SQL Injection, Code Execution) (04.07.2006) |
| |  | Marc Ruef, [Full-disclosure] [scip_Advisory 2351] Kyberna AG ky2help various form fields SQL Injection (04.07.2006) |
| |  | securityconnection_(at)_gmail.com, TBE 4.0 XSS (04.07.2006) |
| |  | gmdarkfig_(at)_gmail.com, 5 php scripts remote database password disclosure (04.07.2006) |
| |  | Breeeeh_(at)_hotmail.com, Invision Power Board v1.3 Final SQL Injection (04.07.2006) |
| |  | securityconnection_(at)_gmail.com, QTOFileManager 1.0 (04.07.2006) |
| |  | BoNy-m_(at)_hotmail.com, popup Vacation Rentals[calendar_year.php] SQL Injection (04.07.2006) |
| |  | xzerox_(at)_linuxmail.org, Pearl Products Multiple Remote File Inclusion (04.07.2006) |
| |  | KARKOR23_(at)_hotmail.com, free QBoard v1.1 Multiple Remote File include (04.07.2006) |
| |  | KARKOR23_(at)_hotmail.com, plume-cms v1.0.4 Multiple Remote File include (04.07.2006) |
| |  | Aesthetico, WordPress 2.0.3 SQL Error and Full Path Disclosure (04.07.2006) |
| |  | Aesthetico, [MajorSecurity #19] AutoRank <= 5.01 - Multiple XSS and cookie disclosure (04.07.2006) |
| |  | CrAzY.CrAcKeR_(at)_hotmail.com, Glossaire<<--v1.7 Remote File Include (04.07.2006) |
| |  | zeberus__(at)_hotmail.com, Php-Fusion (Xss) With Avatar Upload (04.07.2006) |