Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:19.04.2011
Source:
SecurityVulns ID:11601
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:WEBSPELL : webSPELL 4.2
 INTERRA : InTerra Blog Machine 1.84
 TIMTHUMB : TimThumb 1.24
 PROFPROJECTS : Universal Post Manager 1.0
 DALBUM : Dalbum 1.43
 WORDPRESS : SocialGrid 2.3
 WORDPRESS : WP-StarsRateBox 1.1
 OCOMON : Ocomon 2.6
 CPASSMAN : Collaborative Passwords Manager 1.82
Original documentdocumentEwerson Guimarгes (Crash) - Dclabs, [DCA-2011-0011] - Ocomon Multiple SQL Injection (19.04.2011)
 documentMustLive, Уязвимости во многих темах для ExpressionEngine (19.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22939: Multiple SQL Injection in Universal Post Manager wordpress plugin (19.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22943: XSS in Dalbum (19.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22934: SQL Injection in WP-StarsRateBox wordpress plugin (19.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22932: Multiple XSS in webSPELL (19.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22933: Multiple Path disclosure in webSPELL (19.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22935: Multiple XSS in WP-StarsRateBox wordpress plugin (19.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22940: XSS in SocialGrid wordpress plugin (19.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22941: CSRF (Cross-Site Request Forgery) in Dalbum (19.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22942: Path disclousure in Dalbum (19.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22937: Path disclosure in Universal Post Manager wordpress plugin (19.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22938: Multiple XSS in Universal Post Manager wordpress plugin (19.04.2011)
 documentHigh-Tech Bridge Security Research, HTB22931: XSS vulnerability in InTerra Blog Machine (19.04.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod