Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		29.01.2008
Source:
SecurityVulns ID:		8614
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		PHPCMS : phpCMS 1.2
		MAMBO : Mambo 4.6
		ETICKET : eTicket 1.5
		PHPIP : phpIP 4.3
		CLANSPHERE : ClanSphere 2007.4
		WBB : WoltLab Burning Board 30
		SUNGUARDHE : Banner -- Student 7.2
		NUCLEUSCMS : Nucleus CMS 3.31

Original document		Digital Security Research Group [DSecRG], Nucleus 3.31 XSS in path (29.01.2008)
		Digital Security Research Group [DSecRG], Remote File Disclosure in phpCMS 1.2.2 (29.01.2008)
		banner_(at)_ch4n.org, CSRF/XSS in Sungard Banner (29.01.2008)
		Sw33t.h4cK3r_(at)_hotmail.com, VB Marketing "tseekdir.cgi" Local File Inclusion (29.01.2008)
		nbbn_(at)_gmx.net, WoltLab Burning Board 3.x.x Private Message Delete XSRF Vulnerability (29.01.2008)
		milad_sa2007_(at)_yahoo.com, ASPired2Protect bypass (29.01.2008)
		Alessandro Tanasi, eTicket 'index.php' Cross Site Scripting Path Vulnerability (29.01.2008)
		p4imi0, ClanSphere 2007.4.4 Remote File Disclosure Vulnerability. (29.01.2008)
		admin_(at)_bugreport.ir, Mambo 4.6.3 Path Disclosure, XSS , XSRF, DOS (29.01.2008)
		Charles Hooper, phpIP 4.3.2 - Numerous SQL Injection Vulnerablities (29.01.2008)

Discuss:

Read or add your comments to this news (0 comments)