Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		28.04.2007
Source:
SecurityVulns ID:		7642
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		BROTHERSOFT : Shop-Script 2.0
		NUCLEUSCMS : nucleus 3.22
		PHPMYTGP : phpMYTGP 1.4
		SUNSHOP : sunshop 4
		CAFELOG : B2 Weblog and News Publishing 0.6
		COMUS : comus 2.0
		BUILT2GO : PHP Link Portal 1.79
		BLOGSYSTEM : blogsystem 1.4
		DOWNLOADENGINE : download engine 1.4
		VIRTUANEWS : VirtuaNews Pro 1.0
		MODBUILD : modbuild 4.1
		SINECMS : SineCMS 2.3
		BURAKYILMAZ : Burak Yilmaz Blog 1.0

Original document		Dj_ReMix_20_(at)_hotmail.com, Burak Yılmaz Blog (tr) v1.0 SQL injection vulnerability (28.04.2007)
		nexus_(at)_playhack.net, SineCMS (28.04.2007)
		s433d_only_linux_(at)_yahoo.de, modbuild >> 4.1 Remote File Inclusion (28.04.2007)
		alijsb_(at)_yahoo.com, :doruk100net >> RFI (28.04.2007)
		s433d_only_linux_(at)_yahoo.de, VirtuaNews.Pro.v1.0.3.Retail.+All.Plugins Remote file Include (28.04.2007)
		s433d_only_linux_(at)_yahoo.de, Remote File Inclusion (28.04.2007)
		alijsb_(at)_yahoo.com, download engine V1.4.1 >> RFI (local) (28.04.2007)
		alijsb_(at)_yahoo.com, nucleus 3.22 >> RFI (28.04.2007)
		info_(at)_hackerz.ir, blogsystem 1.4 >> local & remote = -rfi & lfi & -xss (28.04.2007)
		alijsb_(at)_yahoo.com, Built2Go_PHP_Link_Portal_v1.79 >> RFI (28.04.2007)
		alijsb_(at)_yahoo.com, Searchactivity >> RFI (28.04.2007)
		alijsb_(at)_yahoo.com, comus 2.0 Final >> RFI (28.04.2007)
		alijsb_(at)_yahoo.com, B2 Weblog and News Publishing Tool v0.6.1 >> RFI (28.04.2007)
		alijsb_(at)_yahoo.com, adrevenue script (CyKuH.com)>> RFI (28.04.2007)
		alijsb_(at)_yahoo.com, sunshop v4 >> RFI (28.04.2007)
		alijsb_(at)_yahoo.com, Shop-Script v 2.0 >> RFI (28.04.2007)
		alijsb_(at)_yahoo.com, phpMYTGP v v1.4b >> RFI (28.04.2007)

Discuss:

Read or add your comments to this news (0 comments)