Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:14.07.2006
Source:
SecurityVulns ID:6378
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:FLIPPERPOLL : Flipper Poll 1.1
 FLATNUKE : Flatnuke 2.5
 JOOMLA : com_hashcash 1.2
 JOOMLA : HTMLArea3 1.3
 MAMBO : Sitemap 2.0
 PHOTOCYCLE : Photocycle 1.0
 SCOZNET : ScozNews Final-Php 1.1
 ORBITCODERS : Orbitmatrix PHP Script 1.0
 PHORUM : PHORUM 5
 PHPBB : phpBB 3.0
 JOOMLA : perForms 1.0
 CZARNEWS : CzarNews 1.20
Original documentdocumentSECUNIA, [SA21038] CzarNews "tpath" File Inclusion Vulnerability (14.07.2006)
 documentChironex Fleckeri, SubberZ[Lite] - Remote File Include (14.07.2006)
 documentendeneu_(at)_linuxmail.com, perForms <= 1.0 ([mosConfig_absolute_path]) Remote File Inclusion (14.07.2006)
 documentrgod_(at)_autistici.org, flatnuke <= 2.5.7 arbitrary php file upload (14.07.2006)
 documentx0r0n_(at)_hotmail.com, Flipper Poll <= 1.1.0 Remote File Inclusion Vulnerability (14.07.2006)
 documentluny_(at)_youfucktard.com, Orbitmatrix PHP Script v1.0 (14.07.2006)
 documentluny_(at)_youfucktard.com, Photocycle v1.0 - XSS (14.07.2006)
 documentx0r0n_(at)_hotmail.com, ScozNews Final-Php <=1.1 Remote File Inclusion Vulnerability (14.07.2006)
 documentmatdhule_(at)_gmail.com, [ECHO_ADV_38$2006] Multiple Mambo/Joomla Component Remote File Include Vulnerabilities (14.07.2006)
Files:PHORUM 5 arbitrary local inclusion exploit
 Exploits PhpBB 3 memberlist.php/'ip' argument SQL injection / admin credentials disclosure

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod