Computer Security
[EN] no-pyccku

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
SecurityVulns ID:10418
Threat Level:
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:E107 : e107 0.7
 INVISION : Invision Power Board 2.3
 OPENX : OpenX 2.8
 GFORGE : gforge 4.8
 PHPMAIL : php-mail 1.1
CVE:CVE-2009-3303 (Cross-site scripting (XSS) vulnerability in www/help/tracker.php in GForge 4.5.14, 4.7 rc2, and 4.8.1 allows remote attackers to inject arbitrary web script or HTML via the helpname parameter.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1938-1] New php-mail packages fix insufficient input sanitising (25.11.2009)
 documentDEBIAN, [SECURITY] [DSA 1937-1] New gforge packages fix cross-site scripting (25.11.2009)
 documentSecurity Vulnerability Research Team, [Bkis-13-2009] e107 Multiple Vulnerabilities (25.11.2009)
 documentMustLive, Vulnerabilities in plugins for WordPress (25.11.2009)
 documentMoritz Naumann, Executing arbitrary PHP code on OpenX <= 2.8.1 (25.11.2009)
 documentMustLive, Vulnerabilities in Abton (25.11.2009)
 documentMustLive, New vulnerabilities in Invision Power Board (25.11.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod