Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 05.12.2007
Published:		05.12.2007
Source:
SecurityVulns ID:		8403
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		PHPMYCHAT : phpMyChat 0.14
		JOOMLA : Joomla 1.5
		WORDPRESS : WordPress 2.3
		BEEHIVEFORUM : Beehive Forum 0.7
		SNITZ : snitz 2000
		XIGLA : Absolute News Manager.NET 5.1
		JOOMLA : rsgallery 2.0 component for Joomla
CVE:		CVE-2007-6014

Original document		beenudel1986_(at)_gmail.com, Blind Sql-Injection in Joomla 1.5 RC3 (05.12.2007)
		erdc_(at)_echo.or.id, [ECHO_ADV_86$2007] Mambo/Joomla Component rsgallery <= 2.0 beta 5 (catid) Remote SQL Injection Vulnerability (05.12.2007)
		beenudel1986_(at)_gmail.com, Sql Injection in wordpress 2.3.1 (05.12.2007)
		beenudel1986_(at)_gmail.com, RFI and Multiple XSS in PhpMyChat (05.12.2007)
		admin_(at)_bugreport.ir, Snitz2000 SQL Injection: A user can gain admin level (05.12.2007)
		ProCheckUp Research, PR07-39: Multiple vulnerabilities on Absolute News Manager.NET 5.1 including file retrieval and SQL injection (05.12.2007)
		SYMANTEC, SYMSA-2007-014: SQL Injection Vulnerability in Beehive Forum Software (05.12.2007)

Discuss:

Read or add your comments to this news (0 comments)