Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 05.10.2006
Source:
SecurityVulns ID: 6683
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: INVISION : Invision Gallery 2.0
INVISION : Invision Power Board 2.1
TASKJITSU : Taskjitsu 2.0
JAF : JAF CMS 4.0
WIKYBLOG : WikyBlog 1.4
PHPMYTEAM : phpMyTeam 2.0
PHPCLASSIFIEDS : Php Classifieds 7.1
PHPBB : phpBB Static Topics 1.0
PHPBB : phpBB Admin Topic Action Logging Mod 0.95
KLINZA : Klinza Professional CMS 5.0
PHPMYPROFILER : phpMyProfiler 0.9
OPENBIBLIO : OpenBiblio 0.5
HAMWEATHER : HAMweather 3.9
DRUPAL : IMCE 4.7 drupal module
BBACE : BBaCE 5
CVE: CVE-2007-1261 (Unspecified vulnerability in the reports system in OpenBiblio before 0.6.0 allows attackers to gain privileges via unspecified vectors.)

Original document SECUNIA, [SA22137] BBaCE "phpbb_root_path" File Inclusion (05.10.2006)

SECUNIA, [SA22261] Drupal IMCE Module Multiple Vulnerabilities (05.10.2006)

SECUNIA, [SA22242] HAMweather "do_parse_code" Command Injection Vulnerability (05.10.2006)

SECUNIA, [SA22238] OpenBiblio Local File Inclusion and SQL Injection (05.10.2006)

document SECUNIA, [SA22257] Taskjitsu "key" SQL Injection Vulnerability (05.10.2006)

mozi, phpMyProfiler Remote File Inclusion Vulnerability (05.10.2006)

ThE TiGeR, JAF CMS Remote file include (website) (05.10.2006)

MILW0RM, phpBB Admin Topic Action Logging Mod <= 0.94b File Include Vuln (05.10.2006)

document mozi, phpGreetz Remote File Inclusion Vulnerability (05.10.2006)

Kw3rLn, phpBB Static Topics <= 1.0 [phpbb_root_path] Remote File Include Vulnerability (05.10.2006)

Kzar, PHP Classifieds 7.1 (index.php) Remote SQL Injection Vulnerability (05.10.2006)

MILW0RM, phpMyTeam <= 2.0 (smileys_dir) Remote File Include Vulnerability (05.10.2006)

document xp1o_(at)_msn.com, WikyBlog <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit (05.10.2006)

Rapigator, Invision Power Board Multiple Vulnerabilities (05.10.2006)

Files: Klinza Professional CMS <= 5.0.1 (show_hlp.php) Remote File Include Exploit
Invision Gallery => 2.0.7 ReadFile() & SQL injection exploit
Travelsized CMS <= 0.4 (frontpage.php) Remote File Include Exploit
Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin