Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 10.12.2008
Published:
14.12.2008
Source:
SecurityVulns ID:
9502
Type:
remote
Level:
5
/10
Description:
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. EZ Publish: privilege escalation from user to CMS Administrator + Privilege escalation from CMS Administrator to system user.
Affected:
EZ
:
ez publish 3.10
EZ
:
ez publish 4.0
PRESTASHOP
:
PrestaShop 1.1
PHPEPPERSHOP
:
PHPepperShop 1.4
XOOPS
:
XOOPS 2.3
Original document
S4aVRd0w
,
Эксплоит для эксплуатации уязвимости EZSA-2008-003 с активацией учетной записи
(
14.12.2008
)
Digital Security Research Group [DSecRG]
,
[DSECRG-08-041] Stored XSS Vulnerability in Xoops 2.3.x
(
10.12.2008
)
Digital Security Research Group [DSecRG]
,
[DSECRG-08-040] Multiple Local File Include Vulnerabilities in Xoops 2.3.x
(
10.12.2008
)
Digital Security Research Group [DSecRG]
,
[DSECRG-08-040] Multiple Local File Include Vulnerabilities in Xoops 2.3.x
(
10.12.2008
)
th3.r00k_(at)_gmail.com
,
XSS in PHPepperShop v 1.4
(
10.12.2008
)
th3.r00k_(at)_gmail.com
,
Two XSS Flaws in PrestaShop 1.1.0.3
(
10.12.2008
)
r3d.w0rm_(at)_yahoo.com
,
Joomla Component mydyngallery
(
10.12.2008
)
S4aVRd0w
,
Эксплоит для эксплуатации уязвимости EZSA-2008-003
(
10.12.2008
)
Files:
eZ Publish privilege escalation exploit by s4avrd0w
EZ publish exploit with admin account activization
eZ Publish OS Commanding executing exploit by s4avrd0w
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
