Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 29.05.2009
Source: BUGTRAQ
SecurityVulns ID: 9945
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. myPHPNuke: crossite scripting, SQL injection.

Affected: MYPHPNUKE : myPHPNuke 1.8
PHPNUKE : PHP-Nuke 8.0
VANILLA : Vanilla 1.1
DRUPAL : Drupal 6.12
ECSHOP : ecshop 2.6
PAESSLER : PRTG Traffic Grapher 6.2
SPIRATES : Small Pirates 2.1
ADPEEPS : AdPeeps 8.5
ARCADETRADESCRIP : Arcade Trade Script 1.0
ACHIEVO : Achievo 1.3

Original document Justin C. Klein Keane, [Full-disclosure] Drupal 6 Content Access Module XSS (29.05.2009)

Justin C. Klein Keane, [Full-disclosure] Drupal Embedded Media Field Module Multiple XSS (29.05.2009)

security_(at)_intern0t.net, [InterN0T] Achievo 1.3.4 - XSS Vulnerability (29.05.2009)

document SmOk3, Arcade Trade Script XSS (29.05.2009)

darkz.gsa_(at)_gmail.com, PHP Nuke v.8.0 (referer) SQL Injection (29.05.2009)

Jan van Niekerk, Backdoor in com_rsgallery2 gallery extension for joomla (29.05.2009)

darkz.gsa_(at)_gmail.com, Vanilla v.1.1.7 Cross-Site Scripting (29.05.2009)

document security_(at)_intern0t.net, [InterN0T] AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities (29.05.2009)

y3nh4ck3r_(at)_gmail.com, MULTIPLE REMOTE VULNERABILITIES --Small Pirates v-2.1--> (29.05.2009)

info_(at)_securitylab.ir, ecshop 2.6.2 (29.05.2009)

MustLive, XSS and SQL Injection vulnerabilities in myPHPNuke (29.05.2009)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server