Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:27.11.2007
Source:
SecurityVulns ID:8380
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Anti Spam Image wordpress plugin: CAPTCHA protection bypass.
Affected:DELUXEBB : DeluxeBB 1.09
 SIMPLEGALLERY : SimpleGallery 0.1
 PHPNUKE : NSN Script Depository module for PHP-Nuke 1.0
Original documentdocumentJose Luis Góngora Fernández, FIGIS (FILogin.do) Bypass SQL Injection Vulnerability (27.11.2007)
 documentJose Luis Góngora Fernández, JLMForo System (modificarPerfil.php) Cross-Site Scripting Vulnerability (27.11.2007)
 documentkingoftheworld92_(at)_fastwebnet.it, Re: PHP-Nuke NSN Script Depository module <= 1.0.3 Remote Source / DB Credentials Disclosure (27.11.2007)
 documentkingoftheworld92_(at)_fastwebnet.it, PHP-Nuke NSN Script Depository module <= 1.0.3 Remote Source / DB Credentials Disclosure (27.11.2007)
 documentkingoftheworld92_(at)_fastwebnet.it, Tilde CMS <= v. 4.x "aarstal" parameter of "yeardetail" SQL Injection (27.11.2007)
 documentJose Luis Góngora Fernández, SimpleGallery v0.1.3 (index.php) Cross-Site Scripting Vulnerability (27.11.2007)
 documentJose Luis Góngora Fernández, FMDeluxe (index.php) Cross-Site Scripting Vulnerability (27.11.2007)
 documentMustLive, MoBiC-25: Anti Spam Image CAPTCHA bypass (27.11.2007)
Files:DeluxeBB <= 1.09 Remote Admin's/User's Email Change
 Exploits PHP-Nuke NSN Script Depository module <= 1.0.3 Remote Source / DB Credentials Disclosure

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod