Computer Security
[EN] no-pyccku

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
SecurityVulns ID:10940
Threat Level:
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:SPRINGSOURCE : Spring Framework 3.0
 SPRINGSOURCE : Spring Framework 2.5
 REDAKS : RedAks 2.0
CVE:CVE-2010-1622 (SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file.)
Original documentdocumentMustLive, Vulnerabilities in eSitesBuilder (20.06.2010)
 documentdavid.kurz_(at), [MajorSecurity SA-074]CMS RedAks 2.0 - Multiple Cross-site Scripting issues (20.06.2010)
 documents2-security, CVE-2010-1622: Spring Framework execution of arbitrary code (20.06.2010)
 documentLaurent OUDOT at TEHTRI-Security, TEHTRI-Security released 13 0days against web tools used by evil attackers (20.06.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod