Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:24.04.2008
Source:
SecurityVulns ID:8938
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Wordpress: different message for wrong username and pasword, weak inicial password generation.
Affected:WORDPRESS : WordPress 2.0
 WORDPRESS : WordPress 2.1
 WORDPRESS : WordPress 2.2
 WORDPRESS : WordPress 2.3
 WORDPRESS : Wordpress 2.5
 ROUNDUP : Roundup 1.4
CVE:CVE-2008-1474 (Multiple unspecified vulnerabilities in Roundup before 1.4.4 have unknown impact and attack vectors.)
Original documentdocumentMustLive, Vulnerabilities in WordPress (24.04.2008)
 documentnoreply_(at)_aria-security.com, NetClassifieds Sql Injection (24.04.2008)
 documentnoreply_(at)_aria-security.com, Horde Webmail XSS [Aria-Security] (24.04.2008)
 documentDEBIAN, [SECURITY] [DSA 1554-1] New roundup packages fix cross-site scripting vulnerability (24.04.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod