Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:11.06.2007
Source:
SecurityVulns ID:7789
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MYBLOGGIE : myBloggie 2.1
 WORDPRESS : WordPress 2.0
 PHPWEBTHINGS : phpWebThings 1.5
 WORDPRESS : WordPress 2.2
 LIGHTBLOG : Light Blog 4.1
 W1L3D4 : W1L3D4 WEBmarket 0.1
 ATOMPHOTOBLOG : Atom Photoblog 1.0
 WEBMASTER : Wms-CMS 2.0
 VSUPPORT : vSupport Integrated Ticket System 3.0
 CYNUX : PHPMyDesk 1.0
 ZENHELPDESK : Zen Help Desk 2.1
 AMERICANFINANCIN : Link Request Contact Form 3.4
 JFFNMS : jffnms 0.8
Original documentdocumentJohn Smith, [Full-disclosure] Wordpress default theme XSS (admin) and other problems (11.06.2007)
 documenttitanichacker titanichacker, phpWebThings ==>1.5.2 RFI (11.06.2007)
 documenttitanichacker titanichacker, Zen Help Desk ==> Version 2.1 Bypass/ (11.06.2007)
 documenttitanichacker titanichacker, PHPMyDesk Beta Release 1.0b ==> RFI (11.06.2007)
 documentJohn Smith, Wordpress default theme XSS (admin) and other problems (11.06.2007)
 documentstormhacker_(at)_hotmail.com, vSupport Integrated Ticket System 3.*.* SQL injection (11.06.2007)
 documentyaser_(at)_gencturk.net, myBloggie 2.1.5 Remote File Include (11.06.2007)
 documentls_(at)_calima.serapis.net, Atom PhotoBlog v1.0.9 XSS vulnerability (11.06.2007)
 documentglafkos_(at)_infosec.org.uk, WmsCMS < = 2.0 Multiple XSS Vulnerabilities (11.06.2007)
 documentDj_ReMix_20_(at)_hotmail.com, W1L3D4 WEBmarket Remote SQL İnjection (11.06.2007)
 documentDj_ReMix_20_(at)_hotmail.com, Hnkaray Duyuru Script Remote SQL İnjection (11.06.2007)
 documentDaniel Cid, Remote log injection on DenyHosts, Fail2ban and BlockHosts (11.06.2007)
 documenthack2prison_(at)_yahoo.com, ASP Folder Gallery Vulnerabilities (11.06.2007)
 documentls_(at)_calima.serapis.net, Light Blog 4.1 XSS Vulnerability (11.06.2007)
 documents0cratex_(at)_hotmail.com, Comicsense SQL Injection Advisory/Exploit (11.06.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod