Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 20.11.2006
Source: BUGTRAQ
SecurityVulns ID: 6845
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: ACART : A-Cart 2.0
ADVANCEDPOLL : Advanced Poll 2.0
GPHOTOS : GPhotos 1.5
BLOGCMS : BLOG:CMS 4.1
VIKINGBOARD : Vikingboard 0.1
TRAVELSIZEDCMS : travelsized cms 0.4
OXYGEN : Oxygen 1.1
ASPNUKE : ASPNuke 0.80
PHPQUICKGALLERY : PHPQuickGallery 1.9
PHPWEBTHINGS : phpWebThings 1.5
PHPEASYDOWNLOAD : PHP Easy Download 1.5

Original document beks beks beks, Advanced Poll 2.0.7 Remote File Include Vulnerability (20.11.2006)

nuffsaid, phpWebThings 1.5.2 (editor.php) Remote File Include Vulnerability (20.11.2006)

Al7ejaz Hacker, PHPQuickGallery <= 1.9 (textFile) Remote File Include Vulnerability (20.11.2006)

ajannhwt_(at)_hotmail.com, ASPNuke <= 0.80 (register.asp) Remote SQL Injection Vulnerability (20.11.2006)

document Advisory_(at)_Aria-Security.net, A-Cart 2.0 SQL Injection (20.11.2006)

Advisory_(at)_Aria-Security.net, [Aria-Security's Research Team] Texas Rank'em SQL Injection Vulnerabilite (20.11.2006)

bluespy.ok_(at)_gmail.com, PhpBB Module Dimension Remote File Include (20.11.2006)

document Advisory_(at)_Aria-Security.net, [Aria-Security's Research Team] ActiveNews Manager SQL Injection Vulnerabilite (20.11.2006)

katatafish_(at)_hush.com, BLOG:CMS <= 4.1.3 XSS (20.11.2006)

laurent gaffié, Vikingboard (0.1.2) [ multiples vulnerability ] (20.11.2006)

pagvacito, Sage cross-context scripting -> LOCAL-CONTEXT SCRIPTING (20.11.2006)

document Advisory_(at)_Aria-Security.net, A-Cart PRO SQL Injection (20.11.2006)

Aesthetico, [MajorSecurity Advisory #36]dev4u CMS - Multiple SQL Injection and Cross Site Scripting Issues (20.11.2006)

Aesthetico, [MajorSecurity Advisory #35]Travelsized CMS - Multiple Cross Site Scripting Issues (20.11.2006)

Files: PhpQuickGallery <= 1.9 Remote File Inclusion Exploit
Exploits PHP Easy Download <= 1.5 Remote Code Execution Vulnerability
Exploits Oxygen <= 1.1.3 (O2PHP Bulletin Board) SQL Injection
Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin