Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:10.09.2009
Source:
SecurityVulns ID:10224
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:XAPIANOMEGA : xapian-omega 0.9
 XAPIANOMEGA : xapian-omega 1.0
 CHARTDIR : ChartDirector 5.0
 NULLAM : Nullam Blog 0.1
 THTBMANAGER : T-HTB Manager 0.5
 TINYBROWSER : TinyBrowser 1.41
CVE:CVE-2009-2947 (Cross-site scripting (XSS) vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages.)
Original documentdocumentMustLive, Arbitrary File Upload vulnerability in TinyBrowser (10.09.2009)
 documentSalvatore "drosophila" Fresta, T-HTB Manager Mutiple Blind SQL Injection (10.09.2009)
 documentSalvatore "drosophila" Fresta, Nullam Blog Multiple Remote Vulnerabilities (10.09.2009)
 documentDokFLeed, [Advisory] ChartDirector Critical File Access (10.09.2009)
 documentDEBIAN, [SECURITY] [DSA 1882-1] New xapian-omega packages fix cross-site scripting (10.09.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod