Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 05.11.2006
Source:
SecurityVulns ID: 6782
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: PHPKIT : PHPKIT 1.6
E107 : e107 0.7
SIMPLOG : simplog 0.9
ADMINTOOL : admin.tool CMS 3
DRAKECMS : Drake CMS 0.2
SAZCART : SazCart 1.5
ARIADNE : Ariadne 2.4
MDPRO : MDPro 1.0
PHPDYNASITE : phpDynaSite 3.2

Original document Dr.Pantagon, phpDynaSite <= 3.2.2 (racine) Remote File Include Vulnerabilities (05.11.2006)

cw.cybersecurity_(at)_gmail.com, Ariadne v2.4 (store_config[code]) Remote File Include Vuln (05.11.2006)

cw.cybersecurity_(at)_gmail.com, Ariadne v2.4 (store_config[code]) Remote File Include Vuln (05.11.2006)

document IbnuSina, SazCart <= 1.5 (cart.php) Remote File Include Vulnerability (05.11.2006)

CorryL, [Full-disclosure] [x0n3-h4ck.org] Bug on Drake CMS v0.2 (05.11.2006)

laurent gaffié, IF-CMS multiples XSS vunerabilities (05.11.2006)

Aesthetico, [MajorSecurity Advisory #30]admin.tool 3 CMS - Multiple Cross Site Scripting Issues (05.11.2006)

document hack2prison_(at)_yahoo.com, Web Directory Pro bypass Vulnerabilities (05.11.2006)

Aesthetico, MajorSecurity Advisory #31]Xenis.creator CMS - Multiple Cross Site Scripting and SQL Injection Issues (05.11.2006)

m-0-t_(at)_hotmail.com, XSS in script Mobile (05.11.2006)

laurent gaffié, SIMPLOG 0.9.3 injection sql & multiple xss (05.11.2006)

Files: MDPro <= 1.0.76 (PNSVlang) Remote Code Execution Exploit
e107 <= 0.7.5 Remote Code Execution Exploit
PHPKit 1.6.1 exploit
Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server