Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:09.03.2009
Source:
SecurityVulns ID:9715
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PHPSlideshow: crossite scripting.
Affected:PHPSLIDESHOW : PHPSlideshow 0.9
 CELERBB : CelerBB 0.0
 WILICMS : Wili-CMS 0.4
 UMICMS : UMI.CMS 2.7
 TINX : TinX CMS 3.5
 NFORUM : nForum 1.5
 PHPCOMMUNITY : phpCommunity 2.1
 ZNC : ZNC 0.066
 VBOOK : vBook 4.2
Original documentdocumentddivulnalert_(at)_ddifrontline.com, DDIVRT-2009-21 vBook Login Application Cross-site Scripting Vulnerability (09.03.2009)
 documentddivulnalert_(at)_ddifrontline.com, DDIVRT-2009-22 SMART Board Whiteboard Directory Traversal Vulnerability (09.03.2009)
 documentGENTOO, [ GLSA 200903-02 ] ZNC: Privilege escalation (09.03.2009)
 documentSalvatore "drosophila" Fresta, phpCommunity 2 2.1.8 Multiple Vulnerabilities (SQL Injection / Directory Traversal / XSS) (09.03.2009)
 documentSalvatore "drosophila" Fresta, nForum 1.5 Multiple SQL Injection (09.03.2009)
 documentaanisimov_(at)_ptsecurity.com, [Positive Technologies SA:2009-13] TinX CMS 3.x SQL Injection Vulnerability (09.03.2009)
 documentaanisimov_(at)_ptsecurity.com, [Positive Technologies SA:2009-12] UMI.CMS Cross-Site Scripting vulnerability (09.03.2009)
 documentSalvatore "drosophila" Fresta, Wili-CMS 0.4.0 Multiple Vulnerabilities (Remote/Local File Inclusion - Authentication Bypass) (09.03.2009)
 documentSalvatore "drosophila" Fresta, CelerBB 0.0.2 Multiple Vulnerabilities (09.03.2009)
 documentMustLive, New Cross-Site Scripting vulnerability in PHPSlideshow (09.03.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod