Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:16.11.2006
Source:
SecurityVulns ID:6830
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:FUNKYASP : FunkyASP Glossary 1.0
 BLOGME : Blogme 3
 FUTURETEC : E-Calendar Pro 3.0
 BLOO : Bloo 1.00
 TORRENTFLUX : TorrentFlux 2.2
 TORRENTFLUXB4RT : torrentflux-b4rt 2.1
Original documentdocumentAdvisory_(at)_Aria-Security.net, Xtreme ASP Photo Gallery Cross Site Scripting And SQL Injection (16.11.2006)
 documentlaurent gaffié, MetaCart e-Shop [multiples injection sql (get & post)] (16.11.2006)
 documentlaurent gaffié, E-commerce Kit 1 PayPal Edition [ injection sql ] (16.11.2006)
 documentwrit3r_(at)_gmail.com, TorrentFlux 2.2 Arbitrary File Creation/Overwrite/Deletion & Command Execution Vulnerablities (16.11.2006)
 documentthe_3dit0r_(at)_yahoo.com, Bloo => 1.00 Cross Site Scripting (16.11.2006)
 documentZDI, [Full-disclosure] ZDI-06-042: Verity Ultraseek Request Proxying Vulnerability (16.11.2006)
 documentlaurent gaffié, E-Calendar Pro 3.0 [ login bypass & injection sql (post)] (16.11.2006)
 documentlaurent gaffié, MultiCalendars [ multiples injection sql ] (16.11.2006)
 documentlaurent gaffié, Dragon calendar [ login bypass & injection sql ] (16.11.2006)
 documentlaurent gaffié, hpecs shopping cart[login bypass & injection sql (post)] (16.11.2006)
 documentlaurent gaffié, A-Cart pro[ injection sql (post&get)] (16.11.2006)
 documentlaurent gaffié, Property Site Manager [login bypass ,multiples injection sql & xss (get)] (16.11.2006)
 documentlaurent gaffié, A+ Store E-Commerce[ injection sql & xss (post) ] (16.11.2006)
 documentlaurent gaffié, Blogme v3 [admin login bypass & xss (post)] (16.11.2006)
 documentlaurent gaffié, FunkyASP Glossary v1.0 [injection sql] (16.11.2006)
 documentlaurent gaffié, Evolve Merchant[ injection sql ] (16.11.2006)
 documentlaurent gaffié, Car Site Manager [injection sql & xss (get)] (16.11.2006)
 documentlaurent gaffié, Inventory Manager [injection sql & xss (get)] (16.11.2006)
 documentAdvisory_(at)_Aria-Security.net, BPG Content Management System SQL Injection (16.11.2006)
 documentAdvisory_(at)_Aria-Security.net, Engine Manager SQL Injection (16.11.2006)
 documentAdvisory_(at)_Aria-Security.net, ECommerce Store Shop Builder (16.11.2006)
 documentAdvisory_(at)_Aria-Security.net, eShopping SQL Injection (16.11.2006)
 documentAdvisory_(at)_Aria-Security.net, Ustore SQL Injection (16.11.2006)
 documentAdvisory_(at)_Aria-Security.net, WWWeb Cocepts SQL Injection (16.11.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod