Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:18.11.2006
Source:
SecurityVulns ID:6839
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:WORDPRESS : WordPress 2.0
 MGAPPLANIX : mg.applanix 1.3
 DOSEPA : DoSePa 1.0
 UPLOADTOOL : HTTP Upload Tool For PHP 1.0
 MINIOPENCMS : Mini Open CMS 1.0
 POWIE : Powie's PHP Forum 1.29
 POWIE : Powie's PHP MatchMaker 4.05
 MXBB : mxBB calsnails module 1.06
 ECCUBE : EC-CUBE 1.0
Original documentdocumentSECUNIA, [SA22925] EC-CUBE Unspecified Cross-Site Scripting Vulnerability (18.11.2006)
 documentbd0rk_(at)_hackermail.com, mxBB calsnails module 1.06 Remote File Inclusion Vulnerability (18.11.2006)
 documentSHiKaA-_(at)_hotmail.com, Powie's PHP MatchMaker <= v4.05 (matchdetail) Remote SQL Injection Exploit (18.11.2006)
 documentSHiKaA-_(at)_hotmail.com, Powie's PHP Forum <= v1.29a (editpoll) Remote SQL Injection Exploit (18.11.2006)
 documentCraig Heffner, HTTP Upload Tool (download.php) Information Disclosure Vulnerability (18.11.2006)
 documentCraig Heffner, DoSePa 1.0.4 (textview.php) Information Disclosure Vulnerability (18.11.2006)
 documentv1per-haCker, mg.applanix (RFI) (18.11.2006)
 documentlaurent gaffié, Dating Site [ login bypass & xss] (18.11.2006)
 documentlaurent gaffié, Infinitytechs Restaurants CM (18.11.2006)
 documentlaurent gaffié, 20/20 datashed [ multiples injection sql ] (18.11.2006)
 documentlaurent gaffié, Aspmforum [ multiples injection sql (get&post)] (18.11.2006)
 documentlaurent gaffié, 20/20 real estate [ multiples injection sql ] (18.11.2006)
 documentlaurent gaffié, 20/20 auto gallery [ multiples injection sql ] (18.11.2006)
 documentAdvisory_(at)_Aria-Security.net, [Aria-Security] CPanel Network Tools Cross Site Scripting [Advisory] (18.11.2006)
 documentGENTOO, [ GLSA 200611-10 ] WordPress: Multiple vulnerabilities (18.11.2006)
 documentlaurent gaffié, Active News Manager [ injection sql (post&get)] (18.11.2006)
Files:MosReporter Joomla Component Remote File Inclusion Exploit
 Mini Open CMS <= 1.0.0 Local File Include Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod