Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 11.11.2011
Published:11.11.2011
Source:
SecurityVulns ID:12029
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MOODLE : moodle 1.9
 POMMO : poMMo 16.1
 VTIGER : VtigerCRM 5.2
 ASHOP : Ahop 5.1
 DOLIBARR : Dolibarr 3.1
 LABWIKI : LabWiki 1.1
 LABSTORE : LabStoRe 1.5
 ORDERSYS : OrderSys 1.6
 OSCSS : osCSS 2.1
 MERETHIS : Centreon 2.3
 MAN2HTML : man2html 1.6
CVE:CVE-2011-2770 (Cross-site scripting (XSS) vulnerability in man2html.cgi.c in man2html 1.6, and possibly other version, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to error messages.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2335-1] man2html security update (11.11.2011)
 documentDEBIAN, [SECURITY] [DSA 2338-1] moodle security update (11.11.2011)
 documentTrustwave Advisories, TWSL2011-017: Multiple Vulnerabilities in Merethis Centreon (11.11.2011)
 documentsschurtz_(at)_t-online.de, osCSS2 "_ID" parameter Local file inclusion (11.11.2011)
 documentmuuratsalo experimental hack lab, OrderSys <= 1.6.4 Sql Injection Vulnerabilities (11.11.2011)
 documentmuuratsalo experimental hack lab, LabStoRe <= 1.5.4 Sql Injection Vulnerabilities (11.11.2011)
 documentmuuratsalo experimental hack lab, LabWiki <= 1.1 Multiple Vulnerabilities (11.11.2011)
 documentsecurity_(at)_infoserve.de, Multiple Cross-Site-Scripting vulnerabilities in Dolibarr 3.1.0 (11.11.2011)
 documentsecurity_(at)_infoserve.de, Multiple security vulnerabilities in AShop (11.11.2011)
 documentMustLive, Новые уязвимости в poMMo (11.11.2011)
 documentHigh-Tech Bridge Security Research, Local file inclusion in VtigerCRM (11.11.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod