Forum - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 22.07.2008
Source:
SecurityVulns ID: 9165
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PostNuke: crossite scripting, automation protection bypass.

Affected: POSTNUKE : PostNuke 0.7
MYBLOG : MyBlog 0.9
INTERACT : Interact 2.4
flip : Flip 3.0
EASYPUBLISH : EasyPublish 3.0
EASYCARDS : Easyecards 310
EASYBOKMARKER : Easybookmarker 40
EASYDYNAMICPAGES : Easydynamicpages 30
SOCIALENGINE : SocialEngine 2.82

Original document Peter Wiesen, E-Mail header Injection in HiFriend (22.07.2008)

tim.loshak_(at)_gmail.com, Vulnerability: SocialEngine (SocialEngine.net) high risk security flaw (22.07.2008)

Digital Security Research Group [DSecRG], [DSECRG-08-031] Local File Include Vulnerability in Interact 2.4.1 (22.07.2008)

document admin_(at)_bugreport.ir, MyBlog <=0.9.8 Multiple Vulnerabilities (22.07.2008)

Ghost hacker, EZWebAlbum (dlfilename) Remote File Disclosure Vulnerability (22.07.2008)

irancrash_(at)_gmail.com, Easydynamicpages 30tr Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) (22.07.2008)

document irancrash_(at)_gmail.com, Maran PHP Blog Xss By Khashayar Fereidani (22.07.2008)

irancrash_(at)_gmail.com, Easybookmarker 40tr Xss Vulnerability By Khashayar Fereidani (22.07.2008)

irancrash_(at)_gmail.com, Easyecards 310a Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) By Khashayar Fereidani (22.07.2008)

document irancrash_(at)_gmail.com, EasyPublish 3.0tr Multiple Vulnerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) (22.07.2008)

Cru3l.b0y_(at)_gmail.com, Flip V3.0 final (22.07.2008)

MustLive, Vulnerabilities in PostNuke (22.07.2008)

Files: EasyPublish 3.0tr Exploit
Easyecards 310a Exploit
Easydynamicpages 30tr Exploit
Discuss: Read or add your comments to this news (0 comments)

Show		Threads
		Messages


Login:*		(Register)
Password:*
(private)	To:
(reply)	Subject:*
Text:

Main Forum (Eng) General security questions not appropriate for another forums.	3proxy Forum (Eng) All 3proxy question must be posted to this forum.	Bugs, Vulnerabilities, PoCs and Exploits (Eng) All vulnerability related questions, vulnerability digging and exploit creation.	Windows programming and administration (Eng) Administering Windows and application development.	Unix programming and administation (Eng) Administering Unix and application development.	Test forum Please post all test messages here. All test messages from different forums will be deteted.
Main Forum (Rus)	3proxy Forum (Rus)	Bugs, Vulnerabilities, PoCs and Exploits (Rus)	Windows programming and administration (Rus)	Unix programming and administation (Rus)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin