Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:02.10.2008
Source:
SecurityVulns ID:9324
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MONO : mono 1.2
 PHPMYID : phpMyID 0.9
 RPORTAL : RPortal 1.1
 EFRONT : eFront 3.5
 MOZILO : moziloWiki 1.0
 PRINTLOG : Printlog 0.4
CVE:CVE-2008-3906 (CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string.)
Original documentdocumentRPATH, rPSA-2008-0286-1 mono (02.10.2008)
 documentPepelux, Printlog <= 0.4: Remote File Edition Vulnerability (02.10.2008)
 documentAesthetico, [MajorSecurity Advisory #56]moziloWiki - Directory Traversal, XSS and SessionFixation Issues (02.10.2008)
 documentPepelux, Remote File Inclusion Vulnerability (02.10.2008)
 documentkadfrox_(at)_gmail.com, Remote and Local File Inclusion Vulnerability <= 1.1 Rportal (02.10.2008)
 documentRaphael Geissert, phpMyID can act as a redirector and as headers injector (02.10.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod