Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:15.10.2007
Source:
SecurityVulns ID:8253
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:AMPACHE : ampache 3.3
 EXTREMAIL : eXtremail 2.1
 PHPFILESADMIN : PHP File Sharing System 1.5
CVE:CVE-2008-3929 (gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file.)
Original documentdocumentFabio N Sarmento [ Gmail ], [Full-disclosure] 0day Orkut XSS [ NEW! ] (15.10.2007)
 documentjonasthambert_(at)_hush.ai, [Full-disclosure] PHP File Sharing System 1.5.1 (15.10.2007)
 documentmu-b, [Full-disclosure] eXtremail(ly easy) remote roots (15.10.2007)
 documentMustLive, Vulnerability in CMS SiteEdit (15.10.2007)
 documentPierre-Yves Rofes, [ GLSA 200710-13 ] Ampache: Multiple vulnerabilities (15.10.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod