Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:26.12.2006
Source:
SecurityVulns ID:6973
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPLIVE : PHP Live! 3.2
 CHATWM : chatwm 1.0
 FISHYSHOOP : Fishyshoop 0.930
 TIMBERWOLF : TimberWolf 1.2
 CAHIERDETEXTES : Cahier de textes 2.0
 PHPCMS : phpcms 1.1
 PHPBBXTRA : PhpbbXtra 2.0
 LOGAHEAD : logahead 1.0
 CMSMADESIMPLE : CMS Made Simple 1.0
 LUCKYBOT : LuckyBot 3
Original documentdocumentSECUNIA, [SA23507] pnamazu Unspecified Cross-Site Scripting Vulnerability (26.12.2006)
 documenti-k-t_(at)_hotmail.com, LuckyBot v3 Remote File Include (26.12.2006)
 documentCurtis Zimmerman, XSS - CMS Made Simple v1.0.2 (26.12.2006)
 documentnospam_(at)_google.com, HLStats Remote SQL Injection Exploit (26.12.2006)
 documentCorryL, [Full-disclosure] logahead UNU edition 1.0 Remote upload file & code execution (26.12.2006)
 documentXORON, PhpbbXtra v2.0 (phpbb_root_path) Remote File Include Vulnerability (26.12.2006)
 documentZarloule04_(at)_gmail.com, phpcms <=- 1.1.7 Remote File Inclusion (26.12.2006)
 documentHackers Center Security Group, PHP Live! 3.2.2 Multiple Cross-Site Scripting Vulnerabilities (26.12.2006)
 documentashraf1984_(at)_hotmail.com, XSS with Vbulletin (new idea !) (26.12.2006)
 documentfirewall1954_(at)_hotmail.com, Forum AnyBoard - Sql Inyection By Firewall (26.12.2006)
 documentCorryL, TimberWolf 1.2.2 vulnerable to XSS (26.12.2006)
 documentJames Gray, Fishyshoop Security Vulnerability (26.12.2006)
 documentShaFuq31_(at)_HoTMaiL.CoM, Chatwm V1.0 SqL Injection Vuln. (26.12.2006)
Files:Fishyshoop Proof of Concept
 Cahier de texte V2.2 Bypass general access protection exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod