Computer Security
[EN] no-pyccku

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
SecurityVulns ID:10739
Threat Level:
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPMYADMIN : phpMyAdmin 2.6
 MOINMOIN : moinmoin 1.7
 VELHOST : velhost uploader 1.2
 CBCAPTCHA : CB Captcha 1.0
 DYNPG : DynPG 4.1
 ZABBIX : Zabbix 1.8
 MERETHIS : Centreon IT & Network Monitoring 2.1
CVE:CVE-2010-0828 (Cross-site scripting (XSS) vulnerability in action/ in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI.)
Original documentdocumentMehdi Mahdjoub - Sysdream IT Security Services, Vulnerability Centreon IT & Network Monitoring v2.1.5 (05.04.2010), MKPortal whois module XSS Vulnerability (05.04.2010)
 documentDEBIAN, [SECURITY] [DSA 2024-1] New moin packages fix cross-site scripting (05.04.2010)
 documentDawid Golunski, Zabbix <= 1.8.1 SQL Injection (05.04.2010)
 documentnicolas.grandjean_(at), CSRF Vulnerability in OSSIM 2.2.1 (05.04.2010)
 documenteidelweiss randy, DynPG CMS Multiple Remote File Inclusion Vulnerability (05.04.2010)
 documentMustLive, Insufficient Anti-automation vulnerability in CB Captcha for Joomla and Mambo (05.04.2010)
 documenteidelweiss, ALPHA CMS v3.2 <= Local File Inclusion Vulnerability (05.04.2010), velhost uploader script v1.2 Local File Inclusion Vulnerability (05.04.2010), MKPortal <= gbook module XSS Vulnerability (05.04.2010), PHP-fusion dsmsf (module downloads) SQL Inj3ct0r Exploit (05.04.2010), phpMyAdmin <= 2.6.1 disclosure ways (05.04.2010), MassMirror Uploader Multiple RFI Exploit (05.04.2010)
 documenteidelweiss, jevoncms (LFI/RFI) Multiple Vulnerabilities (05.04.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod