Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 01.12.2006
Source:
SecurityVulns ID: 6879
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: WOLTLAB : Woltlab Burning Board 2.3
INVISION : Invision Gallery 2.0
SEDITIO : Seditio 1.10
ALEXGUESTBOOK : @lex Guestbook 4.0
INVISION : Invision Community Blog Mod 1.2
LIFETYPE : Lifetype 1.1
CLANPORTAL : Clanportal 1.3

Original document Tim Weber, [Full-disclosure] deV!L`z Clanportal - Arbitrary File Upload [061124b] (01.12.2006)

Tonu Samuel, [Full-disclosure] phpmyfaq exploit using PHP bug, CVE-2006-1490 (01.12.2006)

infection_(at)_mail.kz, Invision Gallery 2.0.7 SQL Injection Vulnerability (01.12.2006)

document Jesper Jurcenoks, LifeType version 1.1.2 Multiple Path Disclosure Vulnerabilities (01.12.2006)

blueshisha_(at)_safe-mail.net, Woltlab Burning Board 2.3.X XSS Vulnerability (0-Day) FIXED VERSION (01.12.2006)

ajannhwt_(at)_hotmail.com, LDU <= 8.x (polls.php) Remote SQL Injection Vulnerability (01.12.2006)

document capt.nem0_(at)_gmx.de, contentserv 4.x (01.12.2006)

infection_(at)_mail.kz, Invision Community Blog Mod 1.2.4 .PHP SQL Injection Vulnerability (01.12.2006)

ajannhwt_(at)_hotmail.com, Seditio <= 1.10 (pollid) Remote SQL Injection Vulnerability (01.12.2006)

Mr_KaLiMaN, @lex Guestbook 4.0.1 : Full Path Disclosure & XSS (01.12.2006)

document Mr_KaLiMaN, @lex Guestbook 4.0.1 : Full Path Disclosure & XSS (01.12.2006)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

Links
download free fetish movies

test server