Computer Security
[EN] no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
SecurityVulns ID:8034
Threat Level:
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:JOOMLA : Joomla 1.0
 WORDPRESS : WordPress Classic 1.5
 LINKLISTE : Linkliste 1.2
 PHPDVD : phpDVD 1.0
 FCMS : Family Connections 0.1
 LIB2PHP : Lib2 PHP 0.2
 BEAUTIFIER : Beautifier 0.1
CVE:CVE-2007-4483 (Cross-site scripting (XSS) vulnerability in index.php in the WordPress Classic 1.5 theme in WordPress before 2.1.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF).)
Original documentdocumentilkerKandemir_(at), mcNews (skinfile) Remote File Include Vulnerability (13.08.2007)
 documentilkerKandemir_(at), Beautifier Version 0.1 Remote File Include Vulnerability // MefistoLabs.Com (13.08.2007)
 documentilkerKandemir_(at), Lib2 PHP v0.2 (DOCUMENT_ROOT) Remote File Inclusion Vulnerability (13.08.2007)
 documenttheoden_(at), SOTEeSKLEP Remote File Disclosure Vulnerability (13.08.2007)
 documentvasodipandora_(at), php-stats xss whois.php (13.08.2007)
 documentrouter_(at), Joomla 1.0.12 CMS - Session fixation Issue in backend Administration interface (13.08.2007)
 documentilkerKandemir_(at), FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // (13.08.2007)
 documentilkerKandemir_(at), phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit (13.08.2007)
 documentrizgar_(at), Best Top List Remote File Upload Vulnerability (13.08.2007)
 documentIvan Niiiil, 0day Linkliste Version 1.2 Remote File Include by iNs (13.08.2007)
 documentMustLive, Vulnerability in theme WordPress Classic 1.5 (13.08.2007)
Files:FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit //
 phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod