|
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: |  | 14.09.2006 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 6615 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Affected: |  | SNITZ : Snitz Forums 3.4 | | | | ZOPE : zope 2.7 | | | | SOFTCOMPLEX : PHP Event Calendar 1.5 | | | | DOIKA : Doika guestbook 2.5 | | | | CITYFORFREE : indexcity 1.0 | | | | NEWSSCRIPT : Newsscript 0.5 | | | | TUALBLOG : TualBLOG 1.0 | | | | NX5 : NX5Linkx 1.0 | | | | CLOUDNINEINTERAC : Tag Board 3.0 | | | | CLOUDNINEINTERAC : Links Manager | | | | FORUMJBC : ForumJBC 4 | | | | VENTURENINE : Tagger LE | | | | DCPPORTAL : DCP-Portal SE 6.0 | | | | KNOWLEDGEBUILDER : knowledgeBuilder 2.2 | | | | MAGICNEWSPRO : Magic News Pro 1.0 | | | | MAMBO : com_serverstat Mambo component 0.4 | | | | PHPQUIZ : phpQuiz 0.01 | | | | EMUCMS : emuCMS 0.3 |
| Original document |  | SECUNIA, [SA21883] emuCMS "query" and "page" Cross-Site Scripting Vulnerabilities (14.09.2006) |
| | | chris_hasibuan_(at)_yahoo.com, phpQuiz v0.01 design and coding byJule Slootbeek (pagename) Remote File Inclusion (14.09.2006) |
| | | MILW0RM, Mambo com_serverstat Component <=0.4.4 Remote File Include Vulnerability (14.09.2006) |
| | | Saudi Hackrz, Magic News Pro => 1.0.3 (script_path) Remote File Inclusion Exploit (14.09.2006) |
| | | hamidreza_(at)_mineduc.gov.rw, KnowledgeBuilder.v2.2.PHP.NULL-WDYL Remote File Inclusion (14.09.2006) |
| | | daftrix_(at)_gmail.com, Newsscript <= 0.5 Remote and Local File Include Vulnerability (14.09.2006) |
| | | HACKERS PAL, DCP-Portal SE 6.0 multiple injections (14.09.2006) |
| | | HACKERS PAL, ADOdb Date Library Full path Bugs (14.09.2006) |
| | | SECUNIA, [Full-disclosure] Secunia Research: Tagger LE PHP "eval()" Injection Vulnerabilities (14.09.2006) |
| | | x17_(at)_hotmail.fr, # ForumJBC v4 < = Cross-Site Scripting - XSS Exploit ; (14.09.2006) |
| | | OS2A BTO, PHP Event Calendar Multiple Parameter Cross Site Scripting Vulnerability (14.09.2006) |
| | | ajannhwt_(at)_hotmail.com, Snitz Forums 2000 v3.4.06 (14.09.2006) |
| | | Aliaksandr Hartsuyeu, [eVuln] Doika guestbook 'page' XSS Vulnerability (14.09.2006) |
| | | Aliaksandr Hartsuyeu, [eVuln] indexcity SQL Injection and XSS Vulnerabilities (14.09.2006) |
| | | Aliaksandr Hartsuyeu, [eVuln] Links Manager Multiple XSS and SQL Injection Vulnerabilities (14.09.2006) |
| | | Aliaksandr Hartsuyeu, [eVuln] CJ Tag Board XSS Vulnerability (14.09.2006) |
| | | Aliaksandr Hartsuyeu, [eVuln] NX5Linkx Multiple Vulnerabilities (14.09.2006) |
| | | Dj_ReMix_20_(at)_hotmail.com, TualBLOG v 1.0 multiple sql injection (14.09.2006) |
| | | Moritz Muehlenhoff, [SECURITY] [DSA 1176-1] New zope2.7 packages fix information disclosure (14.09.2006) |
|
|
|
|
|
