Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:16.12.2007
Source:
SecurityVulns ID:8453
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. WordPress: information leakage
Affected:PHPAY : Phpay 2.02
 HOSTINGCONTROLLE : Hosting Controller 6.1
 WORDPRESS : WordPress 2.2
 WORDPRESS : WordPress 2.3
 TRIVIANTIS : CourseMill 4.1
 BANEX : Banner Exchange 2.2
 MERETHIS : Centreon 1.4
 OREON : Oreon 1.4
 PHPRPG : PHP RPG 0.8
 ANONPROXYSERVER : Anon Proxy Server 0.100
CVE:CVE-2007-6338 (SQL injection vulnerability in userlogin.jsp in Trivantis CourseMill Enterprise Learning Management System 4.1 SP4 allows remote attackers to execute arbitrary SQL commands via the user parameter (username field). NOTE: some of these details are obtained from third party information.)
Original documentdocumentadmin_(at)_biyofrm.com, Adult Script Unauthorized Administrative Access Exploit (16.12.2007)
 documentMustLive, Information disclosure vulnerabilities in WordPress (16.12.2007)
 documentth3.r00k_(at)_gmail.com, Anon Proxy Server - Remote Code Execution (16.12.2007)
 documentth3.r00k_(at)_gmail.com, Wordpress - Broken Access Control (16.12.2007)
 documentth3.r00k_(at)_gmail.com, PHP RPG - Sql Injection and Session Information Disclosure. (16.12.2007)
 documentth3.r00k_(at)_gmail.com, Oreon/Centreon - Multiple Remote File Inclusion (16.12.2007)
 documentth3.r00k_(at)_gmail.com, Phpay - Local File Inclusion (16.12.2007)
 documentarsalan1991_(at)_gmail.com, PHP MySQL Banner Exchange 2.2.1 remote mysql database bug (16.12.2007)
 documentswhite_(at)_securestate.com, + Trivantis CourseMill Enterprise Learning Management System - SQL Injection - CVE-2007-6338 (16.12.2007)
 documentadmin_(at)_bugreport.ir, Hosting Controller - Multiple Security Bugs (Extremely Critical) (16.12.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod