Computer Security


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
SecurityVulns ID:11223
Threat Level:
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:JOOMLA : Joomla 1.5
 MEMHT : MemHT Portal 4.0
 WEBMEDIAEXPLORER : Webmedia Explorer 6.13
 WSNLINKS : WSN Links 6.0
 WSNLINKS : WSN Links 5.1
 WSNLINKS : WSN Links 5.0
 WORDPRESS : cforms 11.5
CVE:CVE-2010-4006 (Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter.)
 CVE-2010-3977 (Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plugins/cforms/lib_ajax.php in cforms WordPress plugin 11.5 allow remote attackers to inject arbitrary web script or HTML via the (1) rs and (2) rsargs[] parameters.)
Original documentdocumentRodrigo Branco, cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977 (02.11.2010)
 documentMark Stanislav, 'WSN Links' SQL Injection Vulnerability (CVE-2010-4006) (02.11.2010)
 documentadvisory_(at), Stored XSS vulnerability in Webmedia Explorer (02.11.2010)
 documentadvisory_(at), XSS vulnerability in Kandidat CMS (02.11.2010)
 documentadvisory_(at), XSS vulnerability in Kandidat CMS (02.11.2010)
 documentadvisory_(at), XSS vulnerability in Kandidat CMS (02.11.2010)
 documentadvisory_(at), XSS vulnerability in MemHT Portal (02.11.2010)
 documentadvisory_(at), XSS vulnerability in MemHT Portal (02.11.2010)
 documentadvisory_(at), Stored XSS (Cross Site Scripting) vulnerability in MemHT Portal (02.11.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod