Computer Security

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:30.04.2007
Source:MILW0RM
SecurityVulns ID:7652
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MYBB : MyBB 1.2
 ESFORUM : EsForum 3.0
 IMAGEVIEW : Imageview 5.3
 TCEXAM : TCExam 4.0
 WORLDPRESS : myGallery 1.2 module for Worldpress
 BURNSTONE : burnCMS 0.2
 JULMAJANNE : JulmaCMS 1.4
 USPFOSS : USP FOSS Distribution 1.01
 PAGODE : Pagode 0.5
 SUPASITE : Supasite 1.23
 POSTNUKE : pnFlashGames 1.5 module for PostNuke
 FIREFLY : firefly 1.1
 YUIEXT : ext 1.0
 PHPBANDMANAGER : phpBandManager 0.8
 WAVEWOO : wavewoo 0.1
 AWBS : Advanced Webhost Billing System 2.4
 GPB : GPB bulletin board 2001.11
 WEBINSTA : WebInsta FM 0.1
 JCCORP : jchit counter 1.0
 PHPRING : PHP-Ring Webring System 0.9
Original documentdocumentDj7xpl, PHP-Ring Webring System 0.9 Remote SQL Injection Vulnerability (30.04.2007)
 documentDj7xpl, Maran PHP Forum (forum_write.php) Remote Code Execution Vulnerability (30.04.2007)
 documentDj7xpl, JChit counter 1.0.0 (imgsrv.php ac) Remote File Disclosure Vulnerability (30.04.2007)
 documentThE TiGeR, GPB bulletin board Remote file include (30.04.2007)
 documentDamaR, AWBS v2.4.0 Remote file include[cart2.php] (30.04.2007)
 documentkoray, phpBandManager 0.8 (index.php pg) Remote File Inclusion Vulnerability (30.04.2007)
 documentAlkomandoz Hacker, ext 1.0 alpha1 (feed-proxy.php) Remote File Disclosure (30.04.2007)
 documentAlkomandoz Hacker, firefly 1.1.01 <= Remote File Include Vulnerablitiy (30.04.2007)
 documentAlkomandoz Hacker, phporacleview => (page_dir) Remote File Inclusion Exploit (30.04.2007)
 documentilkerKandemir_(at)_mynet.com, EsForum 3.0 (forum.php idsalon) Remote SQL Injection Vulnerability (30.04.2007)
 documentXORON, PostNuke pnFlashGames Module v1.5 REmote SQL Injection (30.04.2007)
 documentGolD_M, Supasite v1.23b <= Multiple Remote File Include Vulnerablitiy (30.04.2007)
 documentGolD_M, Pagode 0.5.8(navigator_ok.php asolute)Remote File Disclosure (30.04.2007)
 documentGolD_M, USP FOSS Distribution 1.01(download.php dnld)Remote File Disclosure (30.04.2007)
 documentGolD_M, JulmaCMS 1.4(file.php file)Remote File Disclosure (30.04.2007)
 documentGolD_M, burnCMS <= 0.2(root)Remote File Include Vulnerablities (30.04.2007)
 documentGolD_M, myGallery 1.2.1(myPath)Remote File Include Vulnerablity (30.04.2007)
 documentDNX, Imageview v5.3 (fileview.php) Local File Inclusion (30.04.2007)
Files:TCExam <= 4.0.011 $_COOKIE["SessionUserLang"] shell injection exploit
 Alessandro Lulli wavewoo Remote File Include Exploit
 MyBulletinBoard <= 1.2.5 Remote SQL Injection Exploit
 WebInsta FM <= 0.1.4 Remote File Inclusion Vulnerability
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod
 


Rating@Mail.ru