Computer Security
[EN] no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
SecurityVulns ID:8557
Threat Level:
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MTCMS : MTCMS 2.0
 MOODLE : Moodle 1.8
CVE:CVE-2008-0123 (Cross-site scripting (XSS) vulnerability in install.php for Moodle 1.8.3, and possibly other versions before 1.8.4, allows remote attackers to inject arbitrary web script or HTML via the dbname parameter. NOTE: this issue only exists until the installation is complete.)
Original documentdocumentrlavertu, [Full-disclosure] ID-Commerce Security Advisory - SLR-2007-001 (12.01.2008)
 documentHanno Bock, [Full-disclosure] Cross site scripting (XSS) in Moodle 1.8.3 (12.01.2008)
 documentmorin.josh_(at), Naymz multiple XSS (12.01.2008)
 documentship_nx_(at), Member Area System (MAS) Remote File Include Vulnerability (view_func.php) (12.01.2008)
 documentdb_(at), ImageAlbum Remote SQL Injection Vulnerabilities (12.01.2008)
 documenthadihadi_zedehal_2006_(at), MTCMS <=2.0 SQL Injection Vulnerbility (12.01.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod