Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:04.07.2006
Source:
SecurityVulns ID:6334
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:INVISION : Invision Power Board 1.3
 INVISION : Invision Power Board 2.1
 WORDPRESS : WordPress 2.0
 PLUMECMS : Plume CMS 1.0
 GLOSSAIRE : Glossaire 1.7
 JMBSOFT : AutoRank Pro 5.01
 JMBSOFT : AutoRank PHP 3.02
 FREEQBOARD : Free QBoard v1.1
 PERLFORUMS : Pearl Forums 2.4
 PEARLFORUMS : Ngoc Biec 1.4
 PEARLFORUMS : Pearl For Biz 2.4
 PEARLFORUMS : Pearl For Mambo 1.6
 QTOFILEMANAGER : QTOFileManager 1.0
 MP3NETBOX : Mp3netbox Beta 1
 EFONE : efone 20000723
 KAMIKAZEQSCM : Kamikaze-QSCM 0.1
 BBNEWS : Blueboy 1.0.3
 FOROS : Foros 1.0
 TBE : The Banner Engine 4.0
 WEPPOS : ASP Stats Generator 2.1
 MKPORTAL : MKPortal 1.0
 VINCENT : LECLERCQ News 5.5
 GALLERIA : galleria 1.0
Original documentdocumentineal_(at)_gmail.com, galleria <= 1.0 Remote File Inclusion Vulnerability (04.07.2006)
 documentSECUNIA, [SA20936] Vincent LECLERCQ News Cross-Site Scripting and SQL Injection (04.07.2006)
 documentSECUNIA, [SA20901] FineShop Cross-Site Scripting and SQL Injection (04.07.2006)
 documentSECUNIA, [SA20884] MKPortal "ind" Local File Inclusion Vulnerability (04.07.2006)
 documentSECUNIA, [SA20930] Invision Power Board Cross-Site Scripting and Security Bypass (04.07.2006)
 documentSECURITEAM, [NT] ASP Stats Generator Multiple Vulnerabilities (SQL Injection, Code Execution) (04.07.2006)
 documentMarc Ruef, [Full-disclosure] [scip_Advisory 2351] Kyberna AG ky2help various form fields SQL Injection (04.07.2006)
 documentsecurityconnection_(at)_gmail.com, TBE 4.0 XSS (04.07.2006)
 documentgmdarkfig_(at)_gmail.com, 5 php scripts remote database password disclosure (04.07.2006)
 documentBreeeeh_(at)_hotmail.com, Invision Power Board v1.3 Final SQL Injection (04.07.2006)
 documentsecurityconnection_(at)_gmail.com, QTOFileManager 1.0 (04.07.2006)
 documentBoNy-m_(at)_hotmail.com, popup Vacation Rentals[calendar_year.php] SQL Injection (04.07.2006)
 documentxzerox_(at)_linuxmail.org, Pearl Products Multiple Remote File Inclusion (04.07.2006)
 documentKARKOR23_(at)_hotmail.com, free QBoard v1.1 Multiple Remote File include (04.07.2006)
 documentKARKOR23_(at)_hotmail.com, plume-cms v1.0.4 Multiple Remote File include (04.07.2006)
 documentAesthetico, WordPress 2.0.3 SQL Error and Full Path Disclosure (04.07.2006)
 documentAesthetico, [MajorSecurity #19] AutoRank <= 5.01 - Multiple XSS and cookie disclosure (04.07.2006)
 documentCrAzY.CrAcKeR_(at)_hotmail.com, Glossaire<<--v1.7 Remote File Include (04.07.2006)
 documentzeberus__(at)_hotmail.com, Php-Fusion (Xss) With Avatar Upload (04.07.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod