Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:01.10.2013
Source:
SecurityVulns ID:13286
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:INSTANTSOFT : InstantCMS 1.10
 ROKMICRONEWS : RokMicroNews 1.5
 ROKINTROSCROLLER : RokIntroScroller 1.8
 ROKNEWSPAGER : RokNewsPager 1.17
 ROKSTORIES : RokStories 1.25
 UPLOADIFY : Uploadify v2.1
 PHPIDNACONVERT : PHP IDNA Convert 0.8
 XAMPP : XAMPP 1.8
CVE:CVE-2013-2586 (XAMPP 1.8.1 does not properly restrict access to xampp/lang.php, which allows remote attackers to modify xampp/lang.tmp and execute cross-site scripting (XSS) attacks via the WriteIntoLocalDisk method.)
Original documentdocumentISecAuditors Security Advisories, XAMPP 1.8.1 Local Write Access Vulnerability (01.10.2013)
 documentAlexandro Silva, [IBliss Security Advisory] Cross-site scripting ( XSS ) in PHP IDNA Convert (01.10.2013)
 documentMustLive, AFU, AFD and XSS vulnerabilities in Uploadify (01.10.2013)
 documentMustLive, Multiple vulnerabilities in RokStories for WordPress (01.10.2013)
 documentMustLive, Multiple vulnerabilities in RokNewsPager for WordPress (01.10.2013)
 documentMustLive, XSS and Redirector vulnerabilities in InstantCMS (01.10.2013)
 documentMustLive, Multiple vulnerabilities in RokIntroScroller for WordPress (01.10.2013)
 documentMustLive, Multiple vulnerabilities in RokMicroNews for WordPress (01.10.2013)
 documentMustLive, Multiple vulnerabilities in RokMicroNews for WordPress (01.10.2013)
 documentMustLive, Multiple vulnerabilities in InstantCMS (01.10.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod