Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		03.05.2007
Source:		BUGTRAQ
SecurityVulns ID:		7661
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		DVDDB : DVDdb 0.6
		FILERUN : Filerun 1.0
		PHPCHAIN : PHPChain 1.0
		AARDVARDTOPSITES : Aardvark Topsites PHP 5.1
		BRADFORD : CampusManager Network Control Application Server 3.1
		ACTIVECAMPAIGN : 1-2-All 4.53
		CMSMADESIMPLE : CMS Made Simple 1.05

Original document		Daniel Lucq, [Full-disclosure] CMS Made Simple: SQL injection (03.05.2007)
		suresync_(at)_gmail.com, Disable website access for sites running Webspeed (03.05.2007)
		abbasi_(at)_ustmb.ac.ir, Post Nuke v4bJournal Module Sql Inject (03.05.2007)
		John McGuire, 12All File Upload Vulnerability (03.05.2007)
		john_(at)_martinelli.com, Bradford CampusManager v3.1(6) Sensitive Data Disclosure (03.05.2007)
		Hackers Center Security Group, Aardvark Topsites PHP Directory Disclosure Vulnerability (03.05.2007)
		ilkerKandemir_(at)_mynet.com, SchoolBoard (admin.php) Remote Login Bypass SQL Injection Vulnerability (03.05.2007)
		jcarlos.norte_(at)_gmail.com, Wordpress All versions XSS (03.05.2007)
		r0t, DVDdb XSS vuln. (03.05.2007)
		r0t, PHPChain vuln. (03.05.2007)
		r0t, FileRun Vuln. (03.05.2007)

Discuss:

Read or add your comments to this news (0 comments)