Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:28.09.2009
Source:
SecurityVulns ID:10271
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:HORDE : Horde 3.2
 CKEDITOR : CKEditor 3.0
 1C : Bitrix WAF 8.0
 1C : Bitrix 8.0
 UMICMS : UMI CMS 2.7
 HORDE : Horde 3.3
CVE:CVE-2009-3236 (Unspecified vulnerability in the form library in Horde Application Framework 3.2 before 3.2.5 and 3.3 before 3.3.5; Groupware 1.1 before 1.1.6 and 1.2 before 1.2.4; and Groupware Webmail Edition 1.1 before 1.1.6 and 1.2 before 1.2.4; allows remote attackers, with privileges to write to the address book, to overwrite arbitrary files via crafted "image form fields.")
Original documentdocumentDEBIAN, [SECURITY] [DSA 1897-1] New horde3 packages fix arbitrary code execution (28.09.2009)
 documentONSEC, [ONSEC-09-010] Undersky CMS SQL injection (28.09.2009)
 documentONSEC, [ONSEC-09-017] Blogolet PHP including (28.09.2009)
 documentONSEC, [ONSEC-09-016] Blogolet XSS (28.09.2009)
 documentONSEC, [ONSEC-09-012] UMI.CMS Hash based Captcha (28.09.2009)
 documentONSEC, [ONSEC-09-011] UMI.CMS Multiple XSS (28.09.2009)
 documentONSEC, [ONSEC-09-013] 1C Bitrix 8.0.5 Admin Console XSS (28.09.2009)
 documentONSEC, [ONSEC-09-014] 1C Bitrix WAF multiple XSS (28.09.2009)
 documentMustLive, XSS and Content Spoofing vulnerabilities in CKEditor (28.09.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod