Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 14.11.2007
Source:
SecurityVulns ID: 8337
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PHP-Nuke: CAPTCHA protection bypass. Peter’s Random Anti-Spam Image: CAPTACHA protection bypass and crossite scripting.

Affected: PHPNUKE : PHP-Nuke 8.1
AUTOINDEX : AutoIndex 2.2
PETERSRANDOMANTI : Peter’s Random Anti-Spam Image 0.2
AURACMS : AURA CMS 2.1

Original document no-reply_(at)_aria-security.net, Free Forums "search" Sql Injection (14.11.2007)

no-reply_(at)_aria-security.net, Aria-Security.Net: MetaCart SQL Injection (14.11.2007)

no-reply_(at)_aria-security.net, DocuSafe "Search" SQL Injection (14.11.2007)

ULTRA.HAQRS.4.ALL ULTRA.HAQRS.4.ALL, [Full-disclosure] 0day0day0day0day AURACMS XSS!! LATEST VERSION!!! 0day0day0day0day (14.11.2007)

document Elazar Broad, [Full-disclosure] WebEx GPCContainer Memory Access Violation (14.11.2007)

MustLive, Vulnerabilities in Peter’s Random Anti-Spam Image (14.11.2007)

joseph.giron13_(at)_gmail.com, ExoPHPdesk user profile XSS / profile SQL injection (14.11.2007)

ISecAuditors Security Advisories, [ISecAuditors Security Advisories] VTLS.web.gateway cgi is vulnerable to XSS (14.11.2007)

document L4teral, AutoIndex <= 2.2.2 Cross Site Scripting and Denial of Service (14.11.2007)

MustLive, Another vulnerability in PHP-Nuke captcha (14.11.2007)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin