Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 15.11.2007
Published:
17.11.2007
Source:
SecurityVulns ID:
8347
Type:
remote
Level:
5
/10
Description:
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:
RUBY
:
Ruby on Rails 1.2
LIFERAY
:
Liferay Portal Enterprise 4.1
CVE:
CVE-2007-5380
CVE-2007-3227
(Cross-site scripting (XSS) vulnerability in the to_json function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values.)
Original document
thetaung_(at)_gmail.com
,
Javamail login username and password same email problem
(
17.11.2007
)
research_(at)_procheckup.com
,
PR07-02: XSS on Liferay Portal Enterprise 4.1.1 login page ('login' parameter)
(
17.11.2007
)
MC Iglo
,
Aida-Web Information Exposure
(
17.11.2007
)
admin_(at)_biyofrm.com
,
Sciurus Hosting Panel Code İnjection
(
17.11.2007
)
GENTOO
,
[ GLSA 200711-17 ] Ruby on Rails: Multiple vulnerabilities
(
15.11.2007
)
Files:
Exploits Sciurus Hosting Panel Code injection
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Enter your search terms
Web
securityvulns.com
Submit search form
