Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:26.02.2011
Source:
SecurityVulns ID:11460
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MAILMAN : mailman 2.1
 PHPSHOP : PHPShop 0.8
 CEWOLF : Cewolf 1.1
 INCA : Inca 2.5
CVE:CVE-2011-0707 (Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message.)
Original documentdocumentNam Nguyen, [BMSA-2011-01] Insecure secure cookie in web.go (26.02.2011)
 documentMANDRIVA, [ MDVSA-2011:036 ] mailman (26.02.2011)
 documentists_(at)_yehg.net, PHPShop 0.8.1 <= | Cross Site Scripting Vulnerability (26.02.2011)
 documentMustLive, Denial of Service vulnerability in Cewolf (26.02.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod