Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		16.06.2008
Source:
SecurityVulns ID:		9088
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Power Phlogger - information leak, crossite scripting. Simple Machines - crossite scripting.

Affected:		SIMPLEMACHINES : Simple Machines Forum 1.1
		PRENEWSMANAGER : Pre News Manager 1.0
		POWERPHLOGGER : Power Phlogger 2.2
		AZIMYT : Open Azimyt CMS 0.21
		AZIMYT : Open Azimyt CMS 0.22
		PREADSPORTAL : Pre Ads Portal 2.0

Original document		Jose Luis Góngora Fernández, E-SMART CART (productsofcat.asp) Remote SQL Injection Vulnerability (16.06.2008)
		Eduardo Jorge, Muitiple XSS - Glassfish Web Interface (Sun Java System Application Server 9.1_01 (build b09d-fcs) ) (16.06.2008)
		Jose Luis Góngora Fernández, PHP JOBWEBSITE PRO (JobSearch3.php) SQL Injection Vulnerability (16.06.2008)
		erdc_(at)_echo.or.id, [ECHO_ADV_98$2008] Pre Ads Portal <= 2.0 Sql Injection Vulnerability (16.06.2008)
		erdc_(at)_echo.or.id, [ECHO_ADV_97$2008] Pre News Manager <= 1.0 (index.php id) Sql Injection Vulnerability (16.06.2008)
		Digital Security Research Group [DSecRG], [DSECRG-08-026] LFI in Open Azimyt CMS 0.22 (16.06.2008)
		irancrash_(at)_gmail.com, VistaReseller Panel BETA Xss Vulnerability (16.06.2008)
		elektronic_(at)_antichat.ru, SMF <= 1.1.4 COOKIE[topic] SQL-Injection Exploit (16.06.2008)
		MustLive, Multiple new vulnerabilities in Power Phlogger (16.06.2008)

Files:		SMF <= 1.1.4 SQL Injection Exploit
Discuss:		Read or add your comments to this news (0 comments)