Computer Security


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 17.08.2011
Source:
SecurityVulns ID: 11860
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: PHPLIST : phpList 2.10
 WEBSITEBAKER : WebsiteBaker 2.8
 ELGG : Elgg 1.7
 ELGG : Elgg 1.8
 AWIKI : awiki 20100125
 ECHATSERVER : EChat Server 2.5
 WORDPRESS : Fast Secure Contact Form 3.0
 WORDPRESS : WP-Stats-Dashboard 2.6
Original documents:
 Ehsan_Hp200_(at)_hotmail.com, phpWebSite (userpage) Cross Site Scripting Vulnerabilities (17.08.2011)
 Ehsan_Hp200_(at)_hotmail.com, dpconsulenze (dettaglio.php?id) Remote SQL injection Vulnerability (17.08.2011)
 Ehsan_Hp200_(at)_hotmail.com, ECHO Creative Company (dettaglio.php?id) Remote SQL injection Vulnerability (17.08.2011)
 Ehsan_Hp200_(at)_hotmail.com, Muzedon (dettaglio.php?id) Remote SQL injection Vulnerability (17.08.2011)
 Ehsan_Hp200_(at)_hotmail.com, netplanet (dettaglio.asp?id) Remote SQL injection Vulnerability (17.08.2011)
 Ehsan_Hp200_(at)_hotmail.com, InYourLife (dettaglio.php?id) (dettaglio_immobile.php?id) (notizia.php?id) Remote SQL injection Vulnerability (17.08.2011)
 Ehsan_Hp200_(at)_hotmail.com, lab382 (dettaglio.php?id) Remote SQL injection Vulnerability (17.08.2011)
 High-Tech Bridge Security Research, Multiple XSS in WP-Stats-Dashboard (17.08.2011)
 High-Tech Bridge Security Research, XSS in Fast Secure Contact Form wordpress plugin (17.08.2011)
 runlvl, INSECT Pro - Exploit EChat Server <= v2.5 20110812 - Remote Buffer Overflow Exploit (17.08.2011)
 YGN Ethical Hacker Group, WebsiteBaker 2.8.1 <= Cross Site Request Forgery (CSRF) Vulnerability (17.08.2011)
 YGN Ethical Hacker Group, WebsiteBaker 2.8.1 <= Arbitrary File Upload Vulnerability (17.08.2011)
 Lostmon lords, Calisto light, light plus and full, Sql Injection And user or Admin bypass (17.08.2011)
 Ehsan_Hp200_(at)_hotmail.com, Neox (categoria.php?id) Remote SQL injection Vulnerability (17.08.2011)
 Ehsan_Hp200_(at)_hotmail.com, QOLQA (categoria.php?id) Remote SQL injection Vulnerability (17.08.2011)
 Ehsan_Hp200_(at)_hotmail.com, cdeVision (index.php?page) Remote File Inclusion Vulnerability (17.08.2011)
 Ehsan_Hp200_(at)_hotmail.com, CdeVision Cross Site Scripting Vulnerabilities (17.08.2011)
 Ehsan_Hp200_(at)_hotmail.com, PCVmedia (free_gallery.php?cat_id) Remote SQL injection Vulnerability (17.08.2011)
 Ehsan_Hp200_(at)_hotmail.com, CdeVision(students.php?id) (gallery.php?cat) Remote SQL injection Vulnerability (17.08.2011)
 Ehsan_Hp200_(at)_hotmail.com, DoodleIT (gallery.php?id) (about.php?id) Remote SQL injection Vulnerability (17.08.2011)
 Ehsan_Hp200_(at)_hotmail.com, BACKEND (categoria.php?id) Remote SQL injection Vulnerability (17.08.2011)
 Ehsan_Hp200_(at)_hotmail.com, SAY Comunicacion (producto.php?id) Remote SQL injection Vulnerability (17.08.2011)
 muuratsalo experimental hack lab, awiki 20100125 multiple local file inclusion vulnerabilities (17.08.2011)
 cyber netron, The LAD Melbourne Cms Sql Injection Vulnerability (17.08.2011)
 Lostmon lords, {Lostmon's Group} Elgg 1.8 beta2 and prior to 1.7.11 'container_guid' and 'owner_guid' SQL Injection (17.08.2011)
 Davide Canali, phpList Improper Access Control and Information Leakage vulnerabilities (17.08.2011)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod