Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:31.07.2007
Source:
SecurityVulns ID:7993
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:DRUPAL : Drupal 4.7
 JOOMLA : Joomla 1.0
 VBULLETIN : vBulletin 3.6
 FRIENDSCRIPT : Friend Script 2.5
 ITCMS : itcms 0.2
 DRUPAL : drupal 5.2
 PHPWEBFILEMANAGE : phpWebFileManager 0.5
 MADOAPOLL : Madoa Poll 1.1
 PHORUM : Phorm 3.0
 PHPVOTER : phpVoter 0.6
 DORAELMAK : Dora Emlak 1.0
Original documentdocumentilkerKandemir_(at)_mynet.com, BellaBook Admin Bypass/Remote Code Execution (31.07.2007)
 documentilkerKandemir_(at)_mynet.com, BellaBiblio Admin Login Bypass (31.07.2007)
 documentRaeD Hasadya, RFI ====> vBulletin v3.6.5 (31.07.2007)
 documentilkerKandemir_(at)_mynet.com, Dora Emlak Script v1.0 (tr) Admin Login ByPass (31.07.2007)
 documentilkerKandemir_(at)_mynet.com, phpVoter v0.6 Remote File Include Vulnerability (31.07.2007)
 documentilkerKandemir_(at)_mynet.com, Phorm v3.0 Remote File Upload Vulnerability (31.07.2007)
 documentilkerKandemir_(at)_mynet.com, Madoa Poll v1.1 Remote File Include Vulnerabilities (31.07.2007)
 documentilkerKandemir_(at)_mynet.com, phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability (31.07.2007)
 documentilkerKandemir_(at)_mynet.com, RIG Image Gallery (dir_abs_src) Remote File Include Vulnerability (31.07.2007)
 documentDRUPAL, [DRUPAL-SA-2007-017] Drupal 5.2 fixes multiple CSRF vulnerabilities (31.07.2007)
 documentDRUPAL, [DRUPAL-SA-2007-018] Drupal 4.7.7 and 5.2 fix multiple cross site scripting vulnerabilities (31.07.2007)
 documentk1tk4t_(at)_newhack.org, wolioCMS SQL Injection (31.07.2007)
 documentHACKERS PAL, Joomla multiple vulerabilities (31.07.2007)
 documenth4ck3riran_(at)_yahoo.com, [Aria-security] community Cross-site Scripting (XSS) (31.07.2007)
 documentAdvisory_(at)_Aria-Security.net, E-commerceScripts ALL Apps (Auction Script, Shopping Cart Script and Multi-Vendor E-Shop Script) admin.aspx SQL (31.07.2007)
 documenth4ck3riran_(at)_yahoo.com, [Aria-security] itcms 0.2 Cross-site Scripting (XSS) (31.07.2007)
 documentyollubunlar_(at)_yollubunlar.org, Friend Script 2.5 - 2.4 Remote File İnclude (31.07.2007)
Files:BellaBook Admin Bypass/Remote Code Execution

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod