 |
|
|
|
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 21.12.2007 | | Published: |  | 24.12.2007 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 8482 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
WordPress <= 2.0.9: crossite scripting. |
| Original document |  | malibu.r_(at)_hotmail.com, Logaholic Web Analytics Software (24.12.2007) |
| | | admin_(at)_bugreport.ir, Jupiter Cms Multiple Vulnerabilities (24.12.2007) |
| | | Janek Vind, [waraxe-2007-SA#060] - Sensitive info disclosure in CuteNews <= 1.4.5 (24.12.2007) |
| | | ISecAuditors Security Advisories, [ISecAuditors Security Advisories] Tikiwiki CMS is vulnerable to path traversal attack (24.12.2007) |
| | | mesut_(at)_h-labs.org, Tikiwiki 1.9.8.3 tiki-special_chars.php XSS Vulnerability (24.12.2007) |
| | | beenudel1986_(at)_gmail.com, My Blog Rfi (24.12.2007) |
| | | Hackers Center Security Group, [HSC] Dokeos Multiple Cross-Site Scripting Vulnerabilities (24.12.2007) |
| | | MustLive, Cross-Site Scripting vulnerabilities in WordPress (24.12.2007) |
| | | root_(at)_hanicker.it, Moodle SQL Injection (21.12.2007) |
| | | nbbn_(at)_gmx.net, Woltlab Burning Board 1.0.2 SQL-Injection Vulnerability (21.12.2007) |
| | | Jose Luis Góngora Fernández, PHP iCalendar <= 2.24 - Cross-Site Scripting Vulnerability (21.12.2007) |
| | | lolo lolo, SiteScape Forum TCL injection (21.12.2007) |
| | | The-0utl4w-noreply_(at)_aria-security.net, [Aria-Security.net] ABI Version 3.7.9.17 Remote SQL Injection (21.12.2007) |
| | | ahcrew_(at)_gmail.com, iSupport v1.8 Local file include vulnerability (21.12.2007) |
|
|
|
|
|
|
|
|
