Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:08.08.2010
Source:
SecurityVulns ID:11041
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:WORDPRESS : WordPress 2.8
 DATAFACE : Dataface 1.0
 DT : DT Centrepiece 4.5
 HULIHAN : Amethyst 0.1
 HULIHAN : BXR 0.6
 HULIHAN : DiamondList 0.1
 OPENBLOG : Open blog 1.2
 PRADOPORTAL : Prado Portal 1.2
 MANTIS : MantisBT 1.2
 ZEUSCART : ZeusCart 3.0
CVE:CVE-2010-2574 (Cross-site scripting (XSS) vulnerability in manage_proj_cat_add.php in MantisBT 1.2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the name parameter in an Add Category action.)
Original documentdocumentMustLive, CSRF, Information Leakage and Full path disclosure vulnerabilities in WordPress (08.08.2010)
 documentSECUNIA, Secunia Research: MantisBT "Add Category" Script Insertion Vulnerability (08.08.2010)
 documentSecPod Research, ZeusCart Ecommerce Shopping Cart Software Cross-Site scripting Vulnerability (08.08.2010)
 documentHigh-Tech Bridge Security Research, SQL injection vulnerability in BXR (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Prado Portal (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in DT Centrepiece (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in DiamondList (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSRF (CSRF) in DiamondList (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in BXR search (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Open Blog (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Open blog (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSRF (CSRF) in Open blog (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in SiteLoom CMS (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in DiamondList (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Amethyst (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in BXR (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSRF (CSRF) in BXR (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in BXR (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Amethyst (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Amethyst (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSRF (CSRF) in Amethyst (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in DT Centrepiece (08.08.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in DT Centrepiece (08.08.2010)
 documentHigh-Tech Bridge Security Research, Application Logic Error in DT Centrepiece (08.08.2010)
 documentHigh-Tech Bridge Security Research, Application Logic Error in DT Centrepiece (08.08.2010)
 documentMustLive, Vulnerabilities in Dataface Web Application Framework (08.08.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod