Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		09.03.2008
Source:
SecurityVulns ID:		8760
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Power Board: crossite scripting with flash files.

Affected:		HORDE : Horde 3.1
		WORDPRESS : WordPress 2.3

Original document		nbbn_(at)_gmx.net, WoltLab Burning Board Lite 2 Beta 1 Thread Delete CSRF Vulnerability (09.03.2008)
		nnposter_(at)_disclosed.not, Alkacon OpenCms logfileViewSettings.jsp XSS, file disclosure (09.03.2008)
		r080cy90r_(at)_gmail.com, PHP-Nuke KutubiSitte "kid" SQL Injection exploit code adding (09.03.2008)
		Hackers Center Security Group, Horde Webmail file inclusion proof of concept & patch. (09.03.2008)
		Hackers Center Security Group, WordPress Multiple Cross-Site Scripting Vulnerabilities (09.03.2008)
		lovebug_(at)_hotmail.it, PHP-Nuke KutubiSitte "kid" SQL Injection (09.03.2008)

Files:		PHP-NUKE KutubiSitte [kid] => SQL Injection
Discuss:		Read or add your comments to this news (0 comments)