Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 26.12.2006
Source:
SecurityVulns ID: 6973
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: PHPLIVE : PHP Live! 3.2
CHATWM : chatwm 1.0
FISHYSHOOP : Fishyshoop 0.930
TIMBERWOLF : TimberWolf 1.2
CAHIERDETEXTES : Cahier de textes 2.0
PHPCMS : phpcms 1.1
PHPBBXTRA : PhpbbXtra 2.0
LOGAHEAD : logahead 1.0
CMSMADESIMPLE : CMS Made Simple 1.0
LUCKYBOT : LuckyBot 3

Original document SECUNIA, [SA23507] pnamazu Unspecified Cross-Site Scripting Vulnerability (26.12.2006)

i-k-t_(at)_hotmail.com, LuckyBot v3 Remote File Include (26.12.2006)

Curtis Zimmerman, XSS - CMS Made Simple v1.0.2 (26.12.2006)

nospam_(at)_google.com, HLStats Remote SQL Injection Exploit (26.12.2006)

document CorryL, [Full-disclosure] logahead UNU edition 1.0 Remote upload file & code execution (26.12.2006)

XORON, PhpbbXtra v2.0 (phpbb_root_path) Remote File Include Vulnerability (26.12.2006)

Zarloule04_(at)_gmail.com, phpcms <=- 1.1.7 Remote File Inclusion (26.12.2006)

Hackers Center Security Group, PHP Live! 3.2.2 Multiple Cross-Site Scripting Vulnerabilities (26.12.2006)

document ashraf1984_(at)_hotmail.com, XSS with Vbulletin (new idea !) (26.12.2006)

firewall1954_(at)_hotmail.com, Forum AnyBoard - Sql Inyection By Firewall (26.12.2006)

CorryL, TimberWolf 1.2.2 vulnerable to XSS (26.12.2006)

James Gray, Fishyshoop Security Vulnerability (26.12.2006)

document ShaFuq31_(at)_HoTMaiL.CoM, Chatwm V1.0 SqL Injection Vuln. (26.12.2006)

Files: Cahier de texte V2.2 Bypass general access protection exploit
Fishyshoop Proof of Concept
Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin