Computer Security
[EN] no-pyccku

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 04.10.2011
SecurityVulns ID:11945
Threat Level:
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHORUM : Phorum 5.2
 VTIGER : vTiger CRM 5.2
 ELASTIX : Elastix PBX 2.0
 NETVOLUTION : Netvolution 2.5
 SONICWALL : SonicWall Viewpoint 6.0
CVE:CVE-2011-3340 (SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.)
Original documentdocumentYGN Ethical Hacker Group, vTiger CRM 5.2.x <= Remote Code Execution Vulnerability (05.10.2011)
 documentYGN Ethical Hacker Group, vTiger CRM 5.2.x <= Multiple Cross Site Scripting Vulnerabilities (04.10.2011)
 documentVulnerability Lab, SonicWall Viewpoint v6.0 SP2 - SQL Injection Vulnerability (04.10.2011)
 documentMustLive, Vulnerability in multiple themes for Drupal (04.10.2011)
 documentsschurtz_(at), Phorum 5.2.18 Cross-site scripting vulnerability (04.10.2011)
 documentDimitris Glynos, Netvolution referer header SQL injection vulnerability (04.10.2011)
 documentBassem Ammar, Elastix PBX Extensions Enumeration (04.10.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod