Computer Security
[EN] no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
SecurityVulns ID:8829
Threat Level:
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Claroline: crossite scripting.
Affected:POWERSCRIPTS : PowerClan 1.14
 CLAROLINE : Claroline 1.8
 POWERSCRIPTS : PowerBook 1.21
 POWERSCRIPTS : PowerPHPBoard 1.00
 SERENDIPITY : serendipity 1.3
 CVE-2007-6205 (Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a link in an RSS feed.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1528-1] New serendipity packages fix cross site scripting (24.03.2008)
 documentZero-X ScriptKiddy, HIS-webshop is vulnerable against Directory-Traversal ( (24.03.2008)
 documentDigital Security Research Group [DSecRG], [DSECRG-08-020] RFI-LFI in PowerClan 1.14a (24.03.2008)
 documentDigital Security Research Group [DSecRG], [DSECRG-08-021] Multiple LFI in PowerPHPBoard 1.00b (24.03.2008)
 documentDigital Security Research Group [DSecRG], [DSECRG-08-019] LFI in PowerBook 1.21 (24.03.2008)
 documentMustLive, Vulnerability in Claroline (24.03.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod