Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:20.05.2008
Source:
SecurityVulns ID:9006
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Power Phlogger: crossite scripting. Invision Power Board: XSS
Affected:PHPGEDVIEW : PhpGedView 4.0
 PHPGEDVIEW : PhpGedView 4.1
 INVISION : Invision Power Board 2.3
 APPSERV : AppServ Open Project 2.5
 ECMS : eCMS 0.4
 VBULLETIN : vBulletin 3.7
 STARSGAMES : Starsgames Control Panel 4.6
CVE:CVE-2008-2064 (Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors.)
Original documentdocumenttan_prathan_(at)_hotmail.com, Starsgames Control Panel <= 4.6.2 Remote XSS Vulnerability (20.05.2008)
 documentDEBIAN, [SECURITY] [DSA 1580-1] New phpgedview packages fix privilege escalation (20.05.2008)
 documenta.jasbi_(at)_yahoo.com, Vbulletin 3.7.0 Gold >> Sql injection on faq.php (20.05.2008)
 documenthadihadi_zedehal_2006_(at)_yahoo.com, eCMS-v0.4.2 (SQL/PB) Multiple Remote Vulnerabilities (20.05.2008)
 documenttan_prathan_(at)_hotmail.com, AppServ Open Project < = 2.5.10 Remote XSS Vulnerability (20.05.2008)
 document0in.email_(at)_gmail.com, Smeego CMS vulnerability (20.05.2008)
 documenttan_prathan_(at)_hotmail.com, Wordpress Malicious File Execution Vulnerability (20.05.2008)
 documenta.jasbi_(at)_yahoo.com, Cpanel all version >> root access with a reseller account. (20.05.2008)
 documentNoname, xss in ipb 2.3.5 (20.05.2008)
Files:Smeego CMS Local File Include Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod