Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:02.11.2009
Source:
SecurityVulns ID:10367
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MAHARA : mahara 1.0
 JOOMLA : Joomla ProofReader 1.0
CVE:CVE-2009-3299 (Cross-site scripting (XSS) vulnerability in the resume blocktype in Mahara before 1.0.13, and 1.1.x before 1.1.7, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2009-3298 (Mahara before 1.0.13, and 1.1.x before 1.1.7, allows remote authenticated institution administrators to reset a site administrator password via unspecified vectors.)
Original documentdocumentMustLive, Cross-Site Scripting vulnerability in ProofReader for Joomla (02.11.2009)
 documentDEBIAN, [SECURITY] [DSA 1924-1] New mahara packages fix several vulnerabilities (02.11.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod