Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 14.09.2006
Source: BUGTRAQ
SecurityVulns ID: 6615
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: SNITZ : Snitz Forums 3.4
ZOPE : zope 2.7
SOFTCOMPLEX : PHP Event Calendar 1.5
DOIKA : Doika guestbook 2.5
CITYFORFREE : indexcity 1.0
NEWSSCRIPT : Newsscript 0.5
TUALBLOG : TualBLOG 1.0
NX5 : NX5Linkx 1.0
CLOUDNINEINTERAC : Tag Board 3.0
CLOUDNINEINTERAC : Links Manager
FORUMJBC : ForumJBC 4
VENTURENINE : Tagger LE
DCPPORTAL : DCP-Portal SE 6.0
KNOWLEDGEBUILDER : knowledgeBuilder 2.2
MAGICNEWSPRO : Magic News Pro 1.0
MAMBO : com_serverstat Mambo component 0.4
PHPQUIZ : phpQuiz 0.01
EMUCMS : emuCMS 0.3

Original document SECUNIA, [SA21883] emuCMS "query" and "page" Cross-Site Scripting Vulnerabilities (14.09.2006)

chris_hasibuan_(at)_yahoo.com, phpQuiz v0.01 design and coding byJule Slootbeek (pagename) Remote File Inclusion (14.09.2006)

MILW0RM, Mambo com_serverstat Component <=0.4.4 Remote File Include Vulnerability (14.09.2006)

document Saudi Hackrz, Magic News Pro => 1.0.3 (script_path) Remote File Inclusion Exploit (14.09.2006)

hamidreza_(at)_mineduc.gov.rw, KnowledgeBuilder.v2.2.PHP.NULL-WDYL Remote File Inclusion (14.09.2006)

daftrix_(at)_gmail.com, Newsscript <= 0.5 Remote and Local File Include Vulnerability (14.09.2006)

document HACKERS PAL, DCP-Portal SE 6.0 multiple injections (14.09.2006)

HACKERS PAL, ADOdb Date Library Full path Bugs (14.09.2006)

SECUNIA, [Full-disclosure] Secunia Research: Tagger LE PHP "eval()" Injection Vulnerabilities (14.09.2006)

x17_(at)_hotmail.fr, # ForumJBC v4 < = Cross-Site Scripting - XSS Exploit ; (14.09.2006)

document OS2A BTO, PHP Event Calendar Multiple Parameter Cross Site Scripting Vulnerability (14.09.2006)

ajannhwt_(at)_hotmail.com, Snitz Forums 2000 v3.4.06 (14.09.2006)

Aliaksandr Hartsuyeu, [eVuln] Doika guestbook 'page' XSS Vulnerability (14.09.2006)

Aliaksandr Hartsuyeu, [eVuln] indexcity SQL Injection and XSS Vulnerabilities (14.09.2006)

document Aliaksandr Hartsuyeu, [eVuln] Links Manager Multiple XSS and SQL Injection Vulnerabilities (14.09.2006)

Aliaksandr Hartsuyeu, [eVuln] CJ Tag Board XSS Vulnerability (14.09.2006)

Aliaksandr Hartsuyeu, [eVuln] NX5Linkx Multiple Vulnerabilities (14.09.2006)

Dj_ReMix_20_(at)_hotmail.com, TualBLOG v 1.0 multiple sql injection (14.09.2006)

document Moritz Muehlenhoff, [SECURITY] [DSA 1176-1] New zope2.7 packages fix information disclosure (14.09.2006)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server