Computer Security
[EN] no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
SecurityVulns ID:7506
Threat Level:
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MSXSTUDIOS : Advanced Login 0.7
 XOOPS : Friendfinder 3.3 Xoops Module
CVE:CVE-2007-1766 (PHP remote file inclusion vulnerability in login/engine/db/profiledit.php in Advanced Login 0.76 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.)
Original documentdocumentBithedz_(at), Advanced Login <= 0.7 (root) Remote File Inclusion Vulnerability (29.03.2007)
Files:Xoops Module Friendfinder <= 3.3 (view.php id) BLIND SQL Injection Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod