Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 02.10.2006
Published: 02.10.2006
Source:
SecurityVulns ID: 6667
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: BASILIX : BasiliX 1.1
PHPMYADMIN : phpmyadmin 2.9
PHPBB : phpBB XS 0.58
OLATE : OlateDownload 3.4
GOOGLE : Google Mini Search Appliance 4.4
DELUXEBB : DeluxeBB 1.09
WWWTHREADS : WWWthreads 5.4

Original document David Matousek, Kerio Multiple insufficient argument validation of hooked SSDT function Vulnerability (03.10.2006)

MILW0RM, VAMP Webmail <= 2.0beta1 (yesno.phtml) Remote Include Vulnerability (02.10.2006)

las_kid_(at)_yahoo.com, EasyBannerFree (functions.php) Remote File Include Exploit (02.10.2006)

document SECUNIA, [SA22211] WWWthreads "Cat" Cross-Site Scripting Vulnerabilities (02.10.2006)

SECUNIA, [SA22176] DeluxeBB "templatefolder" File Inclusion Vulnerability (02.10.2006)

SECUNIA, [SA22059] Google Mini Search Appliance Path Disclosure Weakness (02.10.2006)

Stefan Esser, [Full-disclosure] Advisory 07/2006: phpMyAdmin Multiple CSRF Vulnerabilities (02.10.2006)

document x0r0n_(at)_hotmail.com, phpBB XS <= 0.58 (phpbb_root_path) Remote File Include Vulnerability(2) (02.10.2006)

h4ck3riran_(at)_yahoo.com, Yblog => Cross Site Scripting (02.10.2006)

Hessam Salehi, OlateDownload 3.4.0 Multiple Vulnerabilities (02.10.2006)

Files: local cPanel <= 10.8.x cpwrap root exploit via mysqladmin
BasiliX <= 1.1.1 Remote File Include Exploit
Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server