Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:24.04.2007
Source:
SecurityVulns ID:7630
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:LMS : lms 1.5
 ESFORUM : EsForum 3.0
 RIPECMS : Ripe Website Manager 0.8
 JOOMLA : Joomla 1.5
 BIBTEX : bibtex mase 2.0
 TOUTJAVASCRIPT : TJSChat 0.95
 ACVS : acvsws_php5 1.0
 PHPMYSPACE : phpMySpace Gold 8.10
 POSTREVOLUTION : Post Revolution 6.6
 POSTREVOLUTION : Post Revolution 7.0
 YABOOK : YA Book 0.98
Original documentdocumentomnipresent_(at)_email.it, YA Book Persistent XSS Bug (24.04.2007)
 documentInyeXion_(at)_gmail.com, Post Revolution Remote File Inclusion (24.04.2007)
 documentjohn_(at)_martinelli.com, phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit (24.04.2007)
 documentHACKERS PAL, DmCMS Shell Uploading (24.04.2007)
 documentMohandko_(at)_Gmail.com, acvsws_php5_v1.0 <= Multiple Remote File Include Vulnerablitiy (24.04.2007)
 documentthe_3dit0r_(at)_yahoo.com, TJSChat Version 0.95 Cross Site Scripting (24.04.2007)
 documentseko_(at)_se-ko.info, Big Blue Guestbook HTML Injection Vulnerabilities (24.04.2007)
 documentInyeXion_(at)_gmail.com, bibtex mase Remote File Inclusion (24.04.2007)
 documentOmid, Remote file inclusion in Joomla 1.5.0 Beta (24.04.2007)
 documentMohandko_(at)_Gmail.com, c-arbre <= Multiple Remote File Include Vulnerablitiy (24.04.2007)
 documentjohn_(at)_martinelli.com, Ripe Website Manager (<= 0.8.4) - SQL Injection Vulnerability and Cross-Site Scripting Exploit (24.04.2007)
 documentInyeXion_(at)_gmail.com, File117 Remote File Inclusion (24.04.2007)
 documentMohandko_(at)_Gmail.com, PHPMyBibli <= Multiple Remote File Include (24.04.2007)
 documentInyeXion_(at)_gmail.com, lms 1.5.3 Remote File Inclusion (24.04.2007)
 documentMohandko_(at)_Gmail.com, claroline <= Multiple Remote File Include Vulnerablitiy (24.04.2007)
 documentasdasd asdsadas, Allfaclassfieds (level2.php dir) remote file inclusion (24.04.2007)
Files:Ripe Website Manager (<= 0.8.4) - SQL Injection Vulnerability and Cross-Site Scripting Exploit
 DmCMS Shell Upload exploit
 phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod