|
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: |  | 16.10.2006 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 6722 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Affected: |  | BUGZILLA : Bugzilla 2.18 | | | | DIGITALHIVE : DigitalHive 2.0 | | | | BUGZILLA : Bugzilla 2.20 | | | | WEBSPELL : Webspell 4.01 | | | | BACKEND : Back-end 0.4 | | | | WBB : WoltLab Burning Book 1.1 | | | | ASBRUSOFT : HardCore Web Content Editor 6.0 | | | | DEFBLOG : Def-Blog 1.0 | | | | BUGZILLA : Bugzilla 2.22 | | | | BUGZILLA : Bugzilla 2.23 |
| Original document |  | BUGZILLA, Security Advisory for Bugzilla 2.18.5, 2.20.2, 2.22, and 2.23.2 (16.10.2006) |
| | | SYMANTEC, SYMSA-2006-010: Directory Traversal in IronWebMail (16.10.2006) |
| | | MILW0RM, webSPELL <= 4.01.01 (getsquad) Remote SQL Injection Exploit (16.10.2006) |
| | | SHiKaA-_(at)_hotmail.com, DigitalHive <= v2.0 RC2 (page) Remote File Inclusion Exploit (16.10.2006) |
| | | SHiKaA-_(at)_hotmail.com, Def-Blog <= v1.0.1 (article) Remote SQL Injection Exploit (16.10.2006) |
| | | SHiKaA-_(at)_hotmail.com, Def-Blog <= v1.0.1 (article) Remote SQL Injection Exploit (16.10.2006) |
| | | security_(at)_nruns.com, [Full-disclosure] Asbru HardCore Web Content Editor - Command Injection (16.10.2006) |
| | | SHANKAR, многочисленные уязвимости в WoltLab Burning Book <=1.1.2 (16.10.2006) |
|
|
|
|
|
