Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:05.09.2011
Source:
SecurityVulns ID:11890
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:LEDGERSMB : LedgerSMB 1.2
 SQLLEDGER : SQL-Ledger 2.8
 WORDPRESS : Wordpress redirection pugin 2.2
 FREEHELPDESK : Help Request System 1.1
Original documentdocumentChris Travers, Full disclosure for SA45649, SQL Injection in LedgerSMB and SQL-Ledger (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Pc Web Agency (prodotto.php?id) Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Mediagrafic (prodotto.asp?id) (records.asp?id_p) Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, CWM (dettaglio-prodotto.asp?id) Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Dexanet Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Sana Net (viewnews.php?id) Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Sana Net (viewpages.php?id) Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Fulci (prodotto.php?id) Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Olonet (prodotto.php?idproduct) Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Studio Linea (prodotto.php?id) Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, ITTWeb Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, ph5gruppo (prodotto.php?id) Remote SQL injection Vulnerability (05.09.2011)
 documentnoreply_(at)_ptsecurity.ru, [PT-2011-19] SQL injection vulnerability in Help Request System (05.09.2011)
 documentHigh-Tech Bridge Security Research, XSS in Redirection wordpress plugin (05.09.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod