Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		20.09.2008
Source:
SecurityVulns ID:		9298
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		MYPHPNUKE : myPHPNuke 1.8
		OSCOMMERCE : osCommerce 2.2
		SIMPLEDOWNLOADCO : Simple Download Counter 1.0
		QUICKCMS : Quick.Cms.Lite 2.1
		QUICKCART : Quick.Cart 3.1
		ATTACHMAX : Attachmax Dolphin 2.1
		MENALTO : menalto gallery 2.2
		CYASK : cyask 3.0
		LOOYU : LooYu Web IM 2008
		PHPPROBID : PHP pro bid 6.04
		ANNUTEL : Annuaire Téléphonique 1.0
		ANELECTRON : AEF Forum 1.0
		OPENWSMAN : Openwsman 1.5
CVE:		CVE-2008-4096 (libraries/database_interface.lib.php in phpMyAdmin before 2.11.9.1 allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containing PHP sequences, which are processed by create_function.)
		CVE-2008-3662 (Gallery before 1.5.9, and 2.x before 2.2.6, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.)
		CVE-2008-3457 (Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this issue can only be exploited in limited scenarios in which the attacker must be able to modify config/config.inc.php.)
		CVE-2008-3456 (phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.)
		CVE-2008-3197 (Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a Database" functionality (db_create.php), and (2) the convcharset and collation_connection parameters related to an unspecified program that modifies the connection character set.)
		CVE-2008-2234

Original document		VMWARE, VMSA-2008-0015 Updated ESXi and ESX 3.5 packages address critical security issue in openwsman (20.09.2008)
		JeiAr, Advanced Electron Forum <= 1.0.6 Remote Code Execution (20.09.2008)
		sn0oPy.team_(at)_gmail.com, Annuaire Téléphonique v1.0 Sensetive Files (MDP) (20.09.2008)
		Jan van Niekerk, PHP pro bid v 6.04 SQL injection (20.09.2008)
		xsp, LooYu Web IM 2008 Cross-Site Scripting Vulnerabilities (20.09.2008)
		xuanmumu_(at)_gmail.com, cyask 3.x Local File Inclusion Vulnerability (20.09.2008)
		Lagon666_(at)_Yahoo.com, Sama XSS Bug (20.09.2008)
		Hanno Bock, menalto gallery: Session hijacking vulnerability, CVE-2008-3662 (20.09.2008)
		adv_(at)_e-rdc.org, [ECHO_ADV_101$2008] Attachmax Dolphin <= 2.1.0 Multiple Vulnerabilities (20.09.2008)
		John Cobb, [NOBYTES.COM: #13] Quick.Cart v3.1 Freeware - Cross Site Scripting (20.09.2008)
		John Cobb, [NOBYTES.COM: #14] Quick.Cms.Lite v2.1 Freeware - Cross Site Scripting (20.09.2008)
		John Cobb, [NOBYTES.COM: #12] osCommerce 2.2rc2a - Information Disclosure (20.09.2008)
		Alemin_Krali Krali, DUgallery - ALL VERSIONS (Upload/SQL/) Multiple Remote Vulnerabilities (20.09.2008)
		MustLive, SQL Injection vulnerability in Simple Download Counter (20.09.2008)
		MustLive, SQL Injection vulnerability in myPHPNuke (20.09.2008)

Discuss:

Read or add your comments to this news (0 comments)