Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		11.09.2007
Source:		BUGTRAQ
SecurityVulns ID:		8131
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		DIRECTADMIN : DirectAdmin 1.30
		OLATE : Olate Download 3.4
		ROIREVOLUTION : Urchin 5.6
		INTERSPIRE : ActiveKB NX 2.5
		CARE2X : CARE2X 2.2
		TOMS : Toms Gastebuch 1.0
		NETJUKE : Netjuke 1.0
		PHPMYQUOTE : phpMyQuote 0.20
		HUSREV : Husrev Forums 2.0
		PROXYANKET : Proxy Anket 3.0
		NUCLEARBB : NuclearBB Alpha 2

Original document		Advisory_(at)_Aria-Security.net, [Aria-Security Team] social-networkin SQL Injection (11.09.2007)
		b14ck1c3_(at)_hotmail.com, NuclearBB Alpha 2 Remote File Inclusion (11.09.2007)
		yollubunlar_(at)_yollubunlar.org, Husrev Forums v2.0.1:PoWerBoard Sql (11.09.2007)
		yollubunlar_(at)_yollubunlar.org, Proxy Anket v3.0.1 Sql injection Vulnerable (11.09.2007)
		yollubunlar_(at)_yollubunlar.org, phpMyQuote 0.20 Version Multiple Sql And Xss Vulnerabilities (11.09.2007)
		cod3in_(at)_gmail.com, Netjuke 1.0-rc2 - sql injection & XSS (11.09.2007)
		cod3in_(at)_gmail.com, Toms Gstebuch 1.00 - XSS (11.09.2007)
		imei, Olate Download 3.4.2~uploads folder ~ directory traversal (11.09.2007)
		imei, Olate Download 3.4.2 ~ userupload.php ~ Upload Executable Files (11.09.2007)
		home_edition2001_(at)_irc.mildnet.org, SolpotCrew Advisory #15 (home_edition2001) - Weblogicnet (files_dir) Remote File Inclusion (11.09.2007)
		Ivan Niiiil, CARE2X php Integ Hospital Info System 2G Deployment 2.2 Multi Remote File Include (11.09.2007)
		Ivan Niiiil, CRS Manager ($DOCUMENT_ROOT) Multi Remote File Include (11.09.2007)
		r0t, DirectAdmin <= v1.30.2 XSS vuln. (11.09.2007)
		noname indexed, XSS UMI CMS (11.09.2007)
		durito, XXS в ActiveKB NX 2.5.4 (11.09.2007)
		r0t, Urchin Multiple XSS vuln. (11.09.2007)

Discuss:

Read or add your comments to this news (0 comments)