Computer Security
[EN] no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
SecurityVulns ID:8441
Threat Level:
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Rotabanner: crossite scripting
Affected:MKPORTAL : MKPortal 1.1
 WORDPRESS : WordPress 2.3
 BRAINHEAD : Brainhead 4.01
 SQUIRELMAIL : SquirrelMail GPG plugin 2.0
 SQUIRELMAIL : SquirrelMail GPG plugin 2.1
 ROUNDCUBE : RoundCube 0.1
 BITWEAVER : Bitweaver 2.0
 FALT4 : Falt4Extreme CMS RC4
 KAYAKO : Kayako SupportSuite
 HTDIG : htdig 3.2
CVE:CVE-2007-6110 (Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6 allows remote attackers to inject arbitrary web script or HTML via the sort parameter.)
Original documentdocumentSw33t.h4cK3r_(at), SQL MKPortal M1.1 Rc1 (13.12.2007)
 documentimei, SupportSuite 3.11.01~ Multiple file ~ PHP SELF XSS (13.12.2007)
 documentAbel Cheung, WordPress Charset SQL injection vulnerability (re-resend) (13.12.2007)
 documentLiquidmatrix Security Digest, Advisory: Websense XSS Vulnerability (13.12.2007)
 documentbebe_(at), SQL injection - GestDownV1.00Beta (13.12.2007)
 documentmesut_(at), Falt4 CMS Security Report/Advisory (13.12.2007)
 documentnoreply_(at), bttlxeForum Multiple SQL Injection And Cross Site Scripting (13.12.2007)
 documentHackers Center Security Group, Bitweaver XSS & SQL Injection Vulnerability (13.12.2007)
 documentkingoftheworld92_(at), Flat PHP Board <= 1.2 Multiple Vulnerabilities (13.12.2007)
 documentTomas Kuliavas, Unsanitized scripting in RoundCube webmail (13.12.2007)
 documentTomas Kuliavas, Two vulnerabilities in SquirrelMail GPG plugin (13.12.2007)
 documentbrainheadbrainhead_(at), webSPELL 4.01.02 (calendar.php, usergallery.php) XSS Vulnerability (13.12.2007)
 documentMustLive, Vulnerabilities in RotaBanner (13.12.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod