Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:29.08.2006
Source:
SecurityVulns ID:6553
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PMWIKI : PmWiki 2.1
 MYBB : MyBB 1.1
 CCEINTERACT : Cce-interact 2.2
 WEB3KING : Web3news 0.95
 E107 : e107 0.75
 AYSAD : Ay System Solutions CMS 2.6
 IZICONTENTS : iziContents RC6
 SUPERALBERT : AlberT-EasySite 1.0
 DUWARE : DUpoll 3.1
 HLSTATS : HLStats 1.34
Original documentdocumentSECUNIA, [SA21635] HLstats "q" Cross-Site Scripting Vulnerability (29.08.2006)
 documentSECUNIA, [SA21667] PmWiki Table Markups Script Insertion Vulnerability (29.08.2006)
 documentSECUNIA, [SA21645] MyBB Avatar / Attachment Script Insertion Vulnerability (29.08.2006)
 document...::BoZKuRTSeRDaR::..., DUpoll 3.1 security bug (29.08.2006)
 documentSHiKaA-_(at)_hotmail.com, Ay System Solutions CMS <= v2.6 (main.php) Remote File Inclusion Exploit (29.08.2006)
 documentSHiKaA-_(at)_hotmail.com, Web3news <= v0.95 (PHPSECURITYADMIN_PATH) Remote File Inclusion Exploit (29.08.2006)
 documentCarcaBotx_(at)_yahoo.com, JetBox cms (search_function.php) Remote File Include (29.08.2006)
 documentCarcaBotx_(at)_yahoo.com, interact <= 2.2 (CONFIG[BASE_PATH]) Remote File Include Vulnerability (29.08.2006)
Files:e107 <= 0.75 GLOBALS[] overwrite/Zend_Hash_Del_Key_Or_Index remote commands execution exploit
 CMS frogss <= 0.4 (podpis) SQL Injection Exploit [creat new admin]
 iziContents <= RC6 GLOBALS[] Remote Code Execution Exploit
 AES: AlberT-EasySite <= 1.0a5 Remote File Include Vulnerability

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod