Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:05.10.2006
Source:
SecurityVulns ID:6683
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:INVISION : Invision Gallery 2.0
 INVISION : Invision Power Board 2.1
 TASKJITSU : Taskjitsu 2.0
 JAFCMS : JAF CMS 4.0
 WIKYBLOG : WikyBlog 1.4
 PHPMYTEAM : phpMyTeam 2.0
 PHPCLASSIFIEDS : Php Classifieds 7.1
 PHPBB : phpBB Static Topics 1.0
 PHPBB : phpBB Admin Topic Action Logging Mod 0.95
 KLINZA : Klinza Professional CMS 5.0
 PHPMYPROFILER : phpMyProfiler 0.9
 OPENBIBLIO : OpenBiblio 0.5
 HAMWEATHER : HAMweather 3.9
 DRUPAL : IMCE 4.7 drupal module
 BBACE : BBaCE 5
CVE:CVE-2007-1261 (Unspecified vulnerability in the reports system in OpenBiblio before 0.6.0 allows attackers to gain privileges via unspecified vectors.)
Original documentdocumentSECUNIA, [SA22137] BBaCE "phpbb_root_path" File Inclusion (05.10.2006)
 documentSECUNIA, [SA22261] Drupal IMCE Module Multiple Vulnerabilities (05.10.2006)
 documentSECUNIA, [SA22242] HAMweather "do_parse_code" Command Injection Vulnerability (05.10.2006)
 documentSECUNIA, [SA22238] OpenBiblio Local File Inclusion and SQL Injection (05.10.2006)
 documentSECUNIA, [SA22257] Taskjitsu "key" SQL Injection Vulnerability (05.10.2006)
 documentmozi, phpMyProfiler Remote File Inclusion Vulnerability (05.10.2006)
 documentThE TiGeR, JAF CMS Remote file include (website) (05.10.2006)
 documentMILW0RM, phpBB Admin Topic Action Logging Mod <= 0.94b File Include Vuln (05.10.2006)
 documentmozi, phpGreetz Remote File Inclusion Vulnerability (05.10.2006)
 documentKw3rLn, phpBB Static Topics <= 1.0 [phpbb_root_path] Remote File Include Vulnerability (05.10.2006)
 documentKzar, PHP Classifieds 7.1 (index.php) Remote SQL Injection Vulnerability (05.10.2006)
 documentMILW0RM, phpMyTeam <= 2.0 (smileys_dir) Remote File Include Vulnerability (05.10.2006)
 documentxp1o_(at)_msn.com, WikyBlog <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit (05.10.2006)
 documentRapigator, Invision Power Board Multiple Vulnerabilities (05.10.2006)
Files:Klinza Professional CMS <= 5.0.1 (show_hlp.php) Remote File Include Exploit
 Invision Gallery => 2.0.7 ReadFile() & SQL injection exploit
 Travelsized CMS <= 0.4 (frontpage.php) Remote File Include Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod