Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		17.08.2006
Source:		BUGTRAQ
SecurityVulns ID:		6498
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		PHPAY : Phpay 2.02
		WIKIWEBWEAVER : WikiWebWeaver 1.0
		NETCOMMONS : NetCommons 1.0
		SPIDEYBLOG : Spidey Blog Script 1.5
		PHPROJEKT : PHProjekt 5.1
		ZENCART : Zen Cart 1.3
		OWL : Owl Intranet Knowledgebase 0.90
		DISCLOSER : Discloser 0.0

Original document		SECUNIA, [SA21517] OPT Max "CRM_inc" Parameter File Inclusion Vulnerability (17.08.2006)
		SECUNIA, [SA21519] Owl Intranet Engine Cross-Site Scripting and SQL Injection (17.08.2006)
		SECUNIA, [SA21454] phPay Open Mail Relay Vulnerability (17.08.2006)
		SECUNIA, [SA21484] Zen Cart SQL Injection and File Inclusion Vulnerabilities (17.08.2006)
		SECUNIA, [SA21526] PHProjekt "path_pre"/"lib_path" File Inclusion Vulnerabilities (17.08.2006)
		SECUNIA, [SA21482] Spidey Blog Script "pid" SQL Injection Vulnerability (17.08.2006)
		SECUNIA, [SA21445] NetCommons Unspecified Cross-Site Scripting Vulnerability (17.08.2006)
		crackers_child_(at)_sibersavascilar.com, HelpDesk.cgi Vulnerability (17.08.2006)
		crackers_child_(at)_sibersavascilar.com, WikiWebWeaver 1.0 beta 2 Upload Shell Vulnerability (17.08.2006)
		crackers_child_(at)_sibersavascilar.com, com_extcalendar(extcalendar.php) Remote File Include Vulnerabilities (17.08.2006)
		crackers_child_(at)_sibersavascilar.com, dwodp Mambo Component Remote File Include Vulnerabilities (17.08.2006)

Files:		Exploits discloser 0.0.4 Remote File Inclusion
Discuss:		Read or add your comments to this news (0 comments)