Computer Security


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 28.12.2010
Published:27.12.2010
Source:
SecurityVulns ID:11324
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:WAGORA : W-Agora 4.2
 CRUXCMS : CruxCMS 3.0
 WORDPRESS : WordPress 3.0
 DJANGO : django 1.2
 MYBB : Mybb 1.6
 KAIBB : KaiBB 1.0
 OPENCLASSIFIEDS : OpenClassifieds 1.7
 PLIGG : Pligg 1.1
 DJANGO : Django 1.1
 ADMUNCHER : Ad Muncher 4.81
 COPPERMINE : Coppermine 1.5
CVE:CVE-2010-4257 (SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field.)
Original document:non customers, Pre Jobo .NET "Password" SQL Injection Vulnerability (29.12.2010)
 Janek Vind, [waraxe-2010-SA#079] - Reflected XSS in Coppermine 1.5.10 (29.12.2010)
 DEBIAN, YEKTAWEB CMS XSS Vulnerability (29.12.2010)
 DEBIAN, HotWeb Rentals "PageId" SQL Injection Vulnerability (29.12.2010)
 DEBIAN, [SECURITY] [DSA 2138-1] Security update for wordpress (29.12.2010)
 ProCheckUp Research, PR10-14 Unauthenticated command execution within Mitel's AWC (Mitel Audio and Web Conferencing) (28.12.2010)
 MustLive, XSS vulnerability in Ad Muncher (28.12.2010)
 Adam Baldwin, Django admin list filter data extraction / leakage (28.12.2010)
 info_(at)_securitylab.ir, Sigma Portal Denial of Service Vulnerability (28.12.2010)
 info_(at)_securitylab.ir, Asan Portal (IdehPardaz) Multiple Vulnerabilities (28.12.2010)
 Janek Vind, [waraxe-2010-SA#078] - Multiple Vulnerabilities in CruxCMS 3.0.0 (28.12.2010)
 YGN Ethical Hacker Group, MyBB 1.6 <= SQL Injection Vulnerability (28.12.2010)
 mike_(at)_sitewat.ch, Pligg XSS and SQL Injection (28.12.2010)
 mike_(at)_sitewat.ch, Multiple Vulnerabilities in OpenClassifieds 1.7.0.3 (28.12.2010)
 MyDoom2009_(at)_gmail.com, Social Engine 4.x (Music Plugin) Arbitrary File Upload Vulnerability (28.12.2010)
 High-Tech Bridge Security Research, Path disclosure in KaiBB (28.12.2010)
 High-Tech Bridge Security Research, SQL injection in KaiBB (28.12.2010)
 High-Tech Bridge Security Research, SQL injection in KaiBB (28.12.2010)
 High-Tech Bridge Security Research, BBcode XSS in KaiBB (28.12.2010)
 MustLive, Multiple vulnerabilities in W-Agora (28.12.2010)
Files:Exploits Multiple Vulnerabilities in OpenClassifieds 1.7.0.3

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod