Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:22.07.2008
Source:
SecurityVulns ID:9165
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PostNuke: crossite scripting, automation protection bypass.
Affected:POSTNUKE : PostNuke 0.7
 MYBLOG : MyBlog 0.9
 INTERACT : Interact 2.4
 flip : Flip 3.0
 EASYPUBLISH : EasyPublish 3.0
 EASYCARDS : Easyecards 310
 EASYBOKMARKER : Easybookmarker 40
 EASYDYNAMICPAGES : Easydynamicpages 30
 SOCIALENGINE : SocialEngine 2.82
Original documentdocumentPeter Wiesen, E-Mail header Injection in HiFriend (22.07.2008)
 documenttim.loshak_(at)_gmail.com, Vulnerability: SocialEngine (SocialEngine.net) high risk security flaw (22.07.2008)
 documentDigital Security Research Group [DSecRG], [DSECRG-08-031] Local File Include Vulnerability in Interact 2.4.1 (22.07.2008)
 documentadmin_(at)_bugreport.ir, MyBlog <=0.9.8 Multiple Vulnerabilities (22.07.2008)
 documentGhost hacker, EZWebAlbum (dlfilename) Remote File Disclosure Vulnerability (22.07.2008)
 documentirancrash_(at)_gmail.com, Easydynamicpages 30tr Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) (22.07.2008)
 documentirancrash_(at)_gmail.com, Maran PHP Blog Xss By Khashayar Fereidani (22.07.2008)
 documentirancrash_(at)_gmail.com, Easybookmarker 40tr Xss Vulnerability By Khashayar Fereidani (22.07.2008)
 documentirancrash_(at)_gmail.com, Easyecards 310a Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) By Khashayar Fereidani (22.07.2008)
 documentirancrash_(at)_gmail.com, EasyPublish 3.0tr Multiple Vulnerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) (22.07.2008)
 documentCru3l.b0y, Flip V3.0 final (22.07.2008)
 documentMustLive, Vulnerabilities in PostNuke (22.07.2008)
Files:EasyPublish 3.0tr Exploit
 Easyecards 310a Exploit
 Easydynamicpages 30tr Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod