Computer Security
[EN] securityvulns.ru



Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 30.04.2007
Source: MILW0RM
SecurityVulns ID: 7652
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: MYBB : MyBB 1.2
 ESFORUM : EsForum 3.0
 IMAGEVIEW : Imageview 5.3
 TCEXAM : TCExam 4.0
 WORLDPRESS : myGallery 1.2 module for WordPress
 BURNSTONE : burnCMS 0.2
 JULMAJANNE : JulmaCMS 1.4
 USPFOSS : USP FOSS Distribution 1.01
 PAGODE : Pagode 0.5
 SUPASITE : Supasite 1.23
 POSTNUKE : pnFlashGames 1.5 module for PostNuke
 FIREFLY : firefly 1.1
 YUIEXT : ext 1.0
 PHPBANDMANAGER : phpBandManager 0.8
 WAVEWOO : wavewoo 0.1
 AWBS : Advanced Webhost Billing System 2.4
 GPB : GPB bulletin board 2001.11
 WEBINSTA : WebInsta FM 0.1
 JCCORP : jchit counter 1.0
 PHPRING : PHP-Ring Webring System 0.9
Original document: Dj7xpl, PHP-Ring Webring System 0.9 Remote SQL Injection Vulnerability (30.04.2007)
 Dj7xpl, Maran PHP Forum (forum_write.php) Remote Code Execution Vulnerability (30.04.2007)
 Dj7xpl, JChit counter 1.0.0 (imgsrv.php ac) Remote File Disclosure Vulnerability (30.04.2007)
 ThE TiGeR, GPB bulletin board Remote file include (30.04.2007)
 DamaR, AWBS v2.4.0 Remote file include[cart2.php] (30.04.2007)
 koray, phpBandManager 0.8 (index.php pg) Remote File Inclusion Vulnerability (30.04.2007)
 Alkomandoz Hacker, ext 1.0 alpha1 (feed-proxy.php) Remote File Disclosure (30.04.2007)
 Alkomandoz Hacker, firefly 1.1.01 <= Remote File Include Vulnerablitiy (30.04.2007)
 Alkomandoz Hacker, phporacleview => (page_dir) Remote File Inclusion Exploit (30.04.2007)
 ilkerKandemir_(at)_mynet.com, EsForum 3.0 (forum.php idsalon) Remote SQL Injection Vulnerability (30.04.2007)
 XORON, PostNuke pnFlashGames Module v1.5 REmote SQL Injection (30.04.2007)
 GolD_M, Supasite v1.23b <= Multiple Remote File Include Vulnerablitiy (30.04.2007)
 GolD_M, Pagode 0.5.8(navigator_ok.php asolute)Remote File Disclosure (30.04.2007)
 GolD_M, USP FOSS Distribution 1.01(download.php dnld)Remote File Disclosure (30.04.2007)
 GolD_M, JulmaCMS 1.4(file.php file)Remote File Disclosure (30.04.2007)
 GolD_M, burnCMS <= 0.2(root)Remote File Include Vulnerablities (30.04.2007)
 GolD_M, myGallery 1.2.1(myPath)Remote File Include Vulnerablity (30.04.2007)
 DNX, Imageview v5.3 (fileview.php) Local File Inclusion (30.04.2007)
Files: TCExam <= 4.0.011 $_COOKIE["SessionUserLang"] shell injection exploit
 Alessandro Lulli wavewoo Remote File Include Exploit
 MyBulletinBoard <= 1.2.5 Remote SQL Injection Exploit
 WebInsta FM <= 0.1.4 Remote File Inclusion Vulnerability
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


