Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:29.03.2007
Source:
SecurityVulns ID:7506
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MSXSTUDIOS : Advanced Login 0.7
 XOOPS : Friendfinder 3.3 Xoops Module
CVE:CVE-2007-1766 (PHP remote file inclusion vulnerability in login/engine/db/profiledit.php in Advanced Login 0.76 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.)
Original documentdocumentBithedz_(at)_gmail.com, Advanced Login <= 0.7 (root) Remote File Inclusion Vulnerability (29.03.2007)
Files:Xoops Module Friendfinder <= 3.3 (view.php id) BLIND SQL Injection Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod