Forum - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 13.08.2007
Source: BUGTRAQ
SecurityVulns ID: 8034
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: JOOMLA : Joomla 1.0
WORDPRESS : WordPress Classic 1.5
LINKLISTE : Linkliste 1.2
PHPDVD : phpDVD 1.0
FCMS : Family Connections 0.1
SOTE : SOTEeSKLEP 3.1
SOTE : SOTEeSKLEP 3.5
LIB2PHP : Lib2 PHP 0.2
BEAUTIFIER : Beautifier 0.1
CVE: CVE-2007-4483 (Cross-site scripting (XSS) vulnerability in index.php in the WordPress Classic 1.5 theme in WordPress before 2.1.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF).)

Original document ilkerKandemir_(at)_mynet.com, mcNews (skinfile) Remote File Include Vulnerability (13.08.2007)

ilkerKandemir_(at)_mynet.com, Beautifier Version 0.1 Remote File Include Vulnerability // MefistoLabs.Com (13.08.2007)

ilkerKandemir_(at)_mynet.com, Lib2 PHP v0.2 (DOCUMENT_ROOT) Remote File Inclusion Vulnerability (13.08.2007)

theoden_(at)_interia.pl, SOTEeSKLEP Remote File Disclosure Vulnerability (13.08.2007)

vasodipandora_(at)_gmail.com, php-stats xss whois.php (13.08.2007)

router_(at)_email.si, Joomla 1.0.12 CMS - Session fixation Issue in backend Administration interface (13.08.2007)

document ilkerKandemir_(at)_mynet.com, FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // www.MefistoLabs.com (13.08.2007)

ilkerKandemir_(at)_mynet.com, phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit (13.08.2007)

rizgar_(at)_linuxmail.org, Best Top List Remote File Upload Vulnerability (13.08.2007)

document Ivan Niiiil, 0day Linkliste Version 1.2 Remote File Include by iNs (13.08.2007)

MustLive, Vulnerability in theme WordPress Classic 1.5 (13.08.2007)

Files: phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit
FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // www.MefistoLabs.com
Discuss: Read or add your comments to this news (0 comments)

Show		Threads
		Messages


Login:*		(Register)
Password:*
(private)	To:
(reply)	Subject:*
Text:

Main Forum (Eng) General security questions not appropriate for another forums.	3proxy Forum (Eng) All 3proxy question must be posted to this forum.	Bugs, Vulnerabilities, PoCs and Exploits (Eng) All vulnerability related questions, vulnerability digging and exploit creation.	Windows programming and administration (Eng) Administering Windows and application development.	Unix programming and administation (Eng) Administering Unix and application development.	Test forum Please post all test messages here. All test messages from different forums will be deteted.
Main Forum (Rus)	3proxy Forum (Rus)	Bugs, Vulnerabilities, PoCs and Exploits (Rus)	Windows programming and administration (Rus)	Unix programming and administation (Rus)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin