Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:06.07.2007
Source:
SecurityVulns ID:7899
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:WEBMIN : Webmin 1.340
 ASTERIDEX : AsteriDex 3.0
 ENVIVOSOFT : enVivo!CMS Classic v3.54
CVE:CVE-2007-3156 (Multiple cross-site scripting (XSS) vulnerabilities in pam_login.cgi in Webmin before 1.350 and Usermin before 1.280 allow remote attackers to inject arbitrary web script or HTML via the (1) cid, (2) message, or (3) question parameter. NOTE: some of these details are obtained from third party information.)
Original documentdocumentdurito, SQL-инъекция в enVivo!CMS (06.07.2007)
 documentCarl Livitt, AsteriDex (Asterisk / Trixbox) remote code execution (06.07.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod