Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:01.12.2006
Source:
SecurityVulns ID:6879
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:WOLTLAB : Woltlab Burning Board 2.3
 INVISION : Invision Gallery 2.0
 SEDITIO : Seditio 1.10
 ALEXGUESTBOOK : @lex Guestbook 4.0
 INVISION : Invision Community Blog Mod 1.2
 LIFETYPE : Lifetype 1.1
 CLANPORTAL : Clanportal 1.3
Original documentdocumentTim Weber, [Full-disclosure] deV!L`z Clanportal - Arbitrary File Upload [061124b] (01.12.2006)
 documentTonu Samuel, [Full-disclosure] phpmyfaq exploit using PHP bug, CVE-2006-1490 (01.12.2006)
 documentinfection_(at)_mail.kz, Invision Gallery 2.0.7 SQL Injection Vulnerability (01.12.2006)
 documentJesper Jurcenoks, LifeType version 1.1.2 Multiple Path Disclosure Vulnerabilities (01.12.2006)
 documentblueshisha_(at)_safe-mail.net, Woltlab Burning Board 2.3.X XSS Vulnerability (0-Day) FIXED VERSION (01.12.2006)
 documentajannhwt_(at)_hotmail.com, LDU <= 8.x (polls.php) Remote SQL Injection Vulnerability (01.12.2006)
 documentcapt.nem0_(at)_gmx.de, contentserv 4.x (01.12.2006)
 documentinfection_(at)_mail.kz, Invision Community Blog Mod 1.2.4 .PHP SQL Injection Vulnerability (01.12.2006)
 documentajannhwt_(at)_hotmail.com, Seditio <= 1.10 (pollid) Remote SQL Injection Vulnerability (01.12.2006)
 documentMr_KaLiMaN, @lex Guestbook 4.0.1 : Full Path Disclosure & XSS (01.12.2006)
 documentMr_KaLiMaN, @lex Guestbook 4.0.1 : Full Path Disclosure & XSS (01.12.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod