Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:18.01.2011
Source:
SecurityVulns ID:11353
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:SEOPANEL : Seo Panel 2.2
 CONTAO : Contao CMS 2.9
 IBM : Cognos Business Intelligence 8.4
CVE:CVE-2010-4331 (Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) default_news or (2) sponsors cookies, which are not properly handled by (a) controllers/index.ctrl.php or (b) controllers/settings.ctrl.php.)
Original documentdocumentMustLive, Уязвимость в b-cumulus (18.01.2011)
 documentSpala Ferenc, SECURITY ADVISORY IBM Cognos 8 Business Intelligence 8.4.1 (18.01.2011)
 documentdavid.kurz_(at)_majorsecurity.net, [MajorSecurity SA-081]Contao CMS 2.9.2 - Persistent Cross Site Scripting Issue (18.01.2011)
 documentMark Stanislav, 'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability (CVE-2010-4331) (18.01.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod