Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 29.01.2008
Source:
SecurityVulns ID: 8614
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: PHPCMS : phpCMS 1.2
MAMBO : Mambo 4.6
ETICKET : eTicket 1.5
PHPIP : phpIP 4.3
CLANSPHERE : ClanSphere 2007.4
WBB : WoltLab Burning Board 30
SUNGUARDHE : Banner -- Student 7.2
NUCLEUSCMS : Nucleus CMS 3.31

Original document Digital Security Research Group [DSecRG], Nucleus 3.31 XSS in path (29.01.2008)

Digital Security Research Group [DSecRG], Remote File Disclosure in phpCMS 1.2.2 (29.01.2008)

banner_(at)_ch4n.org, CSRF/XSS in Sungard Banner (29.01.2008)

Sw33t.h4cK3r_(at)_hotmail.com, VB Marketing "tseekdir.cgi" Local File Inclusion (29.01.2008)

document nbbn_(at)_gmx.net, WoltLab Burning Board 3.x.x Private Message Delete XSRF Vulnerability (29.01.2008)

milad_sa2007_(at)_yahoo.com, ASPired2Protect bypass (29.01.2008)

Alessandro Tanasi, eTicket 'index.php' Cross Site Scripting Path Vulnerability (29.01.2008)

p4imi0, ClanSphere 2007.4.4 Remote File Disclosure Vulnerability. (29.01.2008)

document admin_(at)_bugreport.ir, Mambo 4.6.3 Path Disclosure, XSS , XSRF, DOS (29.01.2008)

Charles Hooper, phpIP 4.3.2 - Numerous SQL Injection Vulnerablities (29.01.2008)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin