Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:
29.03.2007
Source:
BUGTRAQ
SecurityVulns ID:
7506
Type:
remote
Level:
5
/10
Description:
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:
MSXSTUDIOS
:
Advanced Login 0.7
XOOPS
:
Friendfinder 3.3 Xoops Module
CVE:
CVE-2007-1766
(PHP remote file inclusion vulnerability in login/engine/db/profiledit.php in Advanced Login 0.76 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.)
Original document
Bithedz_(at)_gmail.com
,
Advanced Login <= 0.7 (root) Remote File Inclusion Vulnerability
(
29.03.2007
)
Files:
Xoops Module Friendfinder <= 3.3 (view.php id) BLIND SQL Injection Exploit
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Enter your search terms
Web
securityvulns.com
Submit search form
