Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:24.03.2009
Source:
SecurityVulns ID:9768
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPCLASSIFIEDS : PHP Classifieds 7.3
 TRANSPARENTTECH : ExpressionEngine 1.6
 WEBCIT : webcit 7.37
 PHPPIZABI : PHPizabi 0.848
CVE:CVE-2009-0364 (Format string vulnerability in the mini_calendar component in Citadel.org WebCit 7.22, and other versions before 7.39, allows remote attackers to execute arbitrary code via unspecified vectors.)
Original documentdocumentrgod, PHPizabi v0.848b C1 HFP1 proc.inc.php remote privilege escalation (php.ini independent) (24.03.2009)
 documentDEBIAN, [SECURITY] [DSA 1752-1] New webcit packages fix potential remote code execution (24.03.2009)
 documentAdam Baldwin, ExpressionEngine Persistent Cross-Site Scripting (24.03.2009)
 documentSECUNIA, [SA34410] PHP Classifieds Cross-Site Scripting and File Upload Vulnerabilities (24.03.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod