Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		16.10.2006
Source:		BUGTRAQ
SecurityVulns ID:		6722
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		BUGZILLA : Bugzilla 2.18
		DIGITALHIVE : DigitalHive 2.0
		BUGZILLA : Bugzilla 2.20
		WEBSPELL : Webspell 4.01
		BACKEND : Back-end 0.4
		WBB : WoltLab Burning Book 1.1
		ASBRUSOFT : HardCore Web Content Editor 6.0
		DEFBLOG : Def-Blog 1.0
		BUGZILLA : Bugzilla 2.22
		BUGZILLA : Bugzilla 2.23

Original document		BUGZILLA, Security Advisory for Bugzilla 2.18.5, 2.20.2, 2.22, and 2.23.2 (16.10.2006)
		SYMANTEC, SYMSA-2006-010: Directory Traversal in IronWebMail (16.10.2006)
		MILW0RM, webSPELL <= 4.01.01 (getsquad) Remote SQL Injection Exploit (16.10.2006)
		SHiKaA-_(at)_hotmail.com, DigitalHive <= v2.0 RC2 (page) Remote File Inclusion Exploit (16.10.2006)
		SHiKaA-_(at)_hotmail.com, Def-Blog <= v1.0.1 (article) Remote SQL Injection Exploit (16.10.2006)
		SHiKaA-_(at)_hotmail.com, Def-Blog <= v1.0.1 (article) Remote SQL Injection Exploit (16.10.2006)
		security_(at)_nruns.com, [Full-disclosure] Asbru HardCore Web Content Editor - Command Injection (16.10.2006)
		SHANKAR, многочисленные уязвимости в WoltLab Burning Book <=1.1.2 (16.10.2006)

Files:		vbulletin Exploit Tool Box
		Back-end => 0.4.5 Remote File Include Vulnerability
		Exploits bbsNew => 2.0.1 Remote File Include Vulnerability
		woltlab.de burning book <=1.1.2 SQL and PHP injection PoC
Discuss:		Read or add your comments to this news (0 comments)