Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		10.08.2006
Source:
SecurityVulns ID:		6478
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		THATWARE : Thatware 0.4
		SAVEWEBPORTAL : SaveWebPortal 3.4
		PHPWCMS : phpwcms 1.2
		PGMARKET : PgMarket 2.2
		CIVICSPACE : CivicSpace 0.8
		BLOGHOSTER : BlogHoster 2.2
		CWFM : Cwfm 0.9
		SPAMINATOR : Spaminator 1.7
		DRUPAL : Bibliography 4.5
		RUBYONRAILS : Ruby on Rails 1.1
		HITWEB : hitweb 4.2

Original document		SECUNIA, [SA21430] hitweb "REP_INC" File Inclusion Vulnerability (10.08.2006)
		SECUNIA, [SA21424] Ruby on Rails Unspecified Vulnerability (10.08.2006)
		SECUNIA, [SA21435] Drupal Bibliography Module Cross-Site Scripting and SQL Injection (10.08.2006)
		SECUNIA, [SA21438] MojoGallery "admin.cgi" Cross-Site Scripting Vulnerabilities (10.08.2006)
		x0rax, SaveWebPortal <= 3.4(page) Remote File Inclusion Vulnerability (10.08.2006)
		MILW0RM, Thatware 0.4.6 (root_path) Remote File Inclusion (10.08.2006)
		MILW0RM, Spaminator 1.7. ($page) Remote File Include (10.08.2006)
		MORGAN, PhpwCMS 1.2.6 <= Multiple Remote file inclusion vulnerabilities (10.08.2006)
		Vicente Perez, [Full-disclosure] Latinchat Denial Of Service (10.08.2006)
		philipp.niedziela_(at)_gmx.de, Cwfm <= 0.9.1 (Language) Remote File Inclusion Vulnerability (10.08.2006)
		piiiiiii pppiiiiiiii, BlogHoster v2.2 Post Comment Html Injection (10.08.2006)
		piiiiiii pppiiiiiiii, CivicSpace Version 0.8.5 HTML injection (10.08.2006)
		x0r0n_(at)_hotmail.com, PgMarket 2.2.3 (CFG[libdir]) Remote File Inclusion Vulnerabilities (10.08.2006)

Discuss:

Read or add your comments to this news (0 comments)