Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		12.02.2008
Source:
SecurityVulns ID:		8660
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Power Phlogger: crossite scripting, information leakage.

Affected:		VWAR : VWar 1.5
		PPHLOGGER : Power Phlogger 2.2
		SANDBOX : sandbox 1.4
		SIMPLEMACHINES : Simple Machines Forum 1.16
		MERCURY : Mercury 1.1
		MYLITTLEFORUM : my little forum 2.0

Original document		hackturkiye.hackturkiye_(at)_gmail.com, joomla (k12.tr)(com_iomezun)SQL Injection (12.02.2008)
		hackturkiye.hackturkiye_(at)_gmail.com, joomll(k12.tr)(com_mezun)SQL Injection (12.02.2008)
		hackturkiye.hackturkiye_(at)_gmail.com, joomla (k12.tr)(com_iomezun)SQL Injection (12.02.2008)
		hackturkiye.hackturkiye_(at)_gmail.com, Kommentare zum Download script SQL Injection (12.02.2008)
		db_(at)_rawsecurity.org, my little forum XSS (12.02.2008)
		rxhr_(at)_hotmail.com, aliboard Beta Upload Shell From ControlPanel (12.02.2008)
		no-reply_(at)_aria-security.net, Mercury v1.1.5 Send Message Cross-Site Scripting (12.02.2008)
		enterth3dragon_(at)_gmail.com, Simple Machines Forum "SMF Shoutbox" Mod Persistent XSS (12.02.2008)
		f10_(at)_by-f10.com, hi (12.02.2008)
		staad1_(at)_gmail.com, Default Multiple Joomla! Component com_rapidrecipe "user_id=" Remote SQL Inj. (12.02.2008)
		p_s3rver_(at)_yahoo.com, Vwar 1.5.0 (12.02.2008)
		MustLive, Vulnerabilities in Power Phlogger (12.02.2008)

Discuss:

Read or add your comments to this news (0 comments)