Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:
29.09.2008
Source:
SecurityVulns ID:
9313
Type:
remote
Level:
5
/10
Description:
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. FCKEditor: arbitrary file upload eCaptcha: crossite scripting
Affected:
ADNFORUM
:
adnforum 1.0
FCKEDITOR
:
FCKeditor 2.6
FCKEDITOR
:
FCKeditor 2.4
FLATPRESS
:
flatpress 0.804
EASYREALTOR
:
EasyRealtorPRO 2008
CVE:
CVE-2008-4120
(Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.804 allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) pass parameter to login.php, or the (3) name parameter to contact.php.)
Original document
SmOk3
,
SQL Injection in EasyRealtorPRO 2008
(
29.09.2008
)
Pepelux
,
adnforum <= 1.0b / Insecure Cookie Handling Vulnerability
(
29.09.2008
)
Fabian Fingerle
,
Cross Site Scripting (XSS) Vulnerabilitiy in flatpress 0.804, CVE-2008-4120
(
29.09.2008
)
alfredo.melloni_(at)_gmail.com
,
Google Docs (HTML code) Multiple Cross Site Scripting Vulnerabilities
(
29.09.2008
)
MustLive
,
Cross-Site Scripting vulnerability in eCaptcha
(
29.09.2008
)
MustLive
,
Arbitrary File Upload vulnerability in FCKeditor
(
29.09.2008
)
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
