Computer Security

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:14.11.2006
Source:
SecurityVulns ID:6818
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:SHOPSYSTEMS : ShopSystems 4.0
 NUSCHOOL : NuSchool 1.0
 PHPMANTA : phpManta - Mdoc 1.0
 ASPIRED2POLL : AspPired2 Poll 1.0
 PHPDEBUG : Phpdebug 1.1
 MUNCHPRO : Munch Pro 1.0
 NETQUERY : Netquery 4.0
 PHPWCMS : phpwcms 1.2
 EXOSCRIPTS : ExoPHPDesk 1.2
 AMPACHE : ampache 3.3
 ELOG : ELOG 2.6
 PHPKIT : PHPKIT 1.6
 CPANEL : CPanel 10
 TOPSTORY : TOPSTORY BASIC 1.0
 USTORE : UStore 1.0
 NUCOMMUNITY : NuCommunity 1.0
 NUREMS : NuRems 1.0
 VBULLETIN : vBulletin 3.6
 PHPJOBSCHEDULER : phpjobscheduler 3.0
 ULTRASITE : UltraSite 1.0
 ASPSCRIPTER : ASP Scripter Easy Portal 1.4
 ASPSCRIPTER : ASP Scripter Live Support 1.3
 RAMACMS : Rama CMS 0.68
 PHPWIND : PHPWind 5.0
 STORYSTREAM : Storystream 4.0
 CONTENTNOW : ContentNow 1.30
 VALLHERU : Vallheru 1.0
 PHPPEANUTS 1.1 : Phppeanuts 1.1
 PROPERTYPRO : Property Pro 1.0
 ASPPORTAL : ASPPortal 4.0
 MYSTATS : MyStats 1.0
 MAMBO : shambo2 Mambo component 4.5
 UPUBLISHER : UPublisher 1.0
 DIRECTADMIN : DirectAdmin 1.28
 ONLINEEVENTREGIS : Online Event Registration 2.0
 OPENSOLUTIONS : Quick.Cart 2.0
 DOTDEB : Dotdeb PHP 5.2
 ESTATEAGENTMANAG : Estate Agent Manager 1.3
 MINIBB : MiniBB 2
CVE:CVE-2007-0179 (SQL injection vulnerability in comment.php in PHPKIT 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the subid parameter.)
 CVE-2006-7185 (PHP remote file inclusion vulnerability in includes/user_standard.php in CMSmelborp Beta allows remote attackers to execute arbitrary PHP code via a URL in the relative_root parameter.)
 CVE-2006-7020 (CRLF injection vulnerability in (1) include/inc_act/act_formmailer.php and possibly (2) sample_ext_php/mail_file_form.php in phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to modify HTTP headers and send spam e-mail via a spoofed HTTP Referer (HTTP_REFERER).)
 CVE-2006-7019 (phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to execute arbitrary code via crafted arguments to the (1) text_evento and (2) email_eventonome_evento parameters to phpwcms_code_snippets/mail_file_form.php and sample_ext_php/mail_file_form.php, which is processed by the render_PHPcode function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.)
 CVE-2006-7018 (phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to execute arbitrary code via a crafted argument to the nome_evento parameter to phpwcms_code_snippets/mail_file_form.php and (2) sample_ext_php/mail_file_form.php, which is processed by the render_PHPcode function.)
Original documentdocumentAdvisory_(at)_Aria-Security.net, SiteXpress SQL Injection (14.11.2006)
 documentAdvisory_(at)_Aria-Security.net, SiteXpress SQL Injection (14.11.2006)
 documentStefan Esser, [Full-disclosure] Advisory 14/2006: Dotdeb PHP Email Header Injection Vulnerability (14.11.2006)
 documentAdvisory_(at)_Aria-Security.net, ASPintranet SQL Injection (14.11.2006)
 documentSECUNIA, [SA22842] Ampache Unauthorized Guest Access (14.11.2006)
 documentSECUNIA, [SA22864] Netquery "User-Agent" HTTP Header Script Insertion (14.11.2006)
 documentHidayat Sagita, Phppeanuts 1.1 Remote File Include (14.11.2006)
 documentnavairum_(at)_gmail.com, ContentNow Directory Traversal(upload.php) (14.11.2006)
 documenttimq_(at)_hackernetwork.com, ContentNow Directory Traversal(upload.php) (14.11.2006)
 documentSECUNIA, [SA22812] Vallheru mail.php SQL Injection Vulnerabilities (14.11.2006)
 documentwrit3r_(at)_gmail.com, StoryStream 4.0 (baseDir) Remote File Include Vulnerabilities (14.11.2006)
 documentv1per-haCker, StoryStream 4.0 (baseDir) Remote File Include Vulnerabilities (14.11.2006)
 documentphilip anselmo, New Bug MiniBB Forum <= 2 Remote File Include (index.php) (14.11.2006)
 documentAdvisory_(at)_Aria-Security.net, DirectAdmin Multiple Cross Site Scription (14.11.2006)
 documentajannhwt_(at)_hotmail.com, Estate Agent Manager <= v1.3 (default.asp) Remote Login ByPass SQL Injection Vulnerability (14.11.2006)
 documentajannhwt_(at)_hotmail.com, UPublisher 1.0 (viewarticle.asp) Remote SQL Injection Vulnerability (14.11.2006)
 documentajannhwt_(at)_hotmail.com, Property Pro v1.0 (vir_Login.asp) Remote Login ByPass SQL Injection Vulnerability (14.11.2006)
 documentAdvisory_(at)_Aria-Security.net, CPanel Multiple Cross Site Scription (14.11.2006)
 documentajannhwt_(at)_hotmail.com, Asp Scripter Products (cpLogin.asp) Remote SQL ByPass Injection Vulnerability (14.11.2006)
 documentajannhwt_(at)_hotmail.com, Asp Scripter Products (cpLogin.asp) Remote SQL ByPass Injection Vulnerability (14.11.2006)
 documentajannhwt_(at)_hotmail.com, UltraSite 1.0 (update.asp) Remote SQL Injection Vulnerability (14.11.2006)
 documentOS2A BTO, ELOG Web Logbook Remote Denial of Service Vulnerability (14.11.2006)
 documentfirewall1954_(at)_hotmail.com, Phpdebug 1.1.0 - Remote File Include by Firewall (14.11.2006)
 documentfirewall1954_(at)_hotmail.com, Phpjobscheduler 3.0 - Multiple Remote File Include (14.11.2006)
 documentnavairum_(at)_gmail.com, Aigaion Web Interface remote file inclusion (14.11.2006)
 documentlaurent gaffié, infinicart [ multiples injection sql & xss (post) ] (14.11.2006)
 documentajannhwt_(at)_hotmail.com, NuStore 1.0 (Products.asp) Remote SQL Injection Vulnerability (14.11.2006)
 documentajannhwt_(at)_hotmail.com, NuRems 1.0 Remote XSS/SQL Injection Exploit (14.11.2006)
 documentajannhwt_(at)_hotmail.com, UStore 1.0 (detail.asp) Remote SQL Injection Vulnerability (14.11.2006)
 documentlaurent gaffié, Mega Mall [ multiples injection sql & full path disclosure ] (14.11.2006)
 documentbenjilenoob_(at)_hotmail.com, MyStats <=1.0.8 [injection sql, multiples xss, array & full path disclosure] (14.11.2006)
 documentAesthetico, TOPSTORY BASIC Version 1.0 => Remote File Include Vulnerability (14.11.2006)
 documentAesthetico, [MajorSecurity Advisory #33]ShopSystems - SQL Injection Issue (14.11.2006)
 documentvannovax_(at)_gmail.com, Wordpress File Inclusion (14.11.2006)
 documentfirewall1954_(at)_hotmail.com, Exophpdesk V1.2 - Remote File Include (14.11.2006)
 documentphilipp.niedziela_(at)_gmx.de, PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit (14.11.2006)
Files:phpManta - Mdoc 1.0
 AspPired2 Poll 1.0
 NuCommunity 1.0 (cl_CatListing.asp) Remote SQL Injection Exploit
 NuSchool 1.0 (CampusNewsDetails.asp) Remote SQL Injection Exploit
 shambo2 Component For Mambo 4.5 Remote File Inclusion Exploit
 phpwcms <= 1.2.6 (Cookie: wcs_user_lang) Local File Include Exploit
 Script Name: Munch Pro 1.0 (switch.asp) Remote SQL Injection Exploit
 NuRems 1.0 (propertysdetails.asp) Remote SQL Injection Exploit
 VBulletin DoS Exploit
 Rama CMS <= 0.68 (Cookie: lang) Local File Include Exploit
 PHPWind <= 5.0.1 "AdminUser" blind SQL injection exploit
 CMSmelborp(user_standard.php) Remote File Inclusion Exploit
 Quick.Cart <= 2.0 Remote Code Execution Exploit
 AspPortal Password Decrypter
 Online Event Registration <= v2.0 (save_profile.asp) Remote User Pass Change Exploit
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru