Search:Vulnerability:04.07.2008 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Mercurial version control system unauthroized access
Published: 04.07.2008
Source: BUGTRAQ
SecurityVulns ID: 9129
Type: remote
Level: 5/10
Description: Directory traversal.

CVE: CVE-2008-2942 (Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file.)

Original document RPATH, rPSA-2008-0211-1 mercurial mercurial-hgk (04.07.2008)

Discuss: Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 04.07.2008
Source:
SecurityVulns ID: 9128
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. SLAED CMS: CAPTCHA bypass, crossite scripting.

Affected: SLAED : SLAED CMS Lite 2.5
XPOZE : Expoze Photo Store 1.0
1024CMS : 1024 CMS 1.4

Original document Digital Security Research Group [DSecRG], [DSECRG-08-027] Multiple RFI-LFI in 1024 CMS 1.4.3, 1.4.4 RFC (04.07.2008)

Noname Noname, Xpoz SQL-INJECTION, XSS. (04.07.2008)

MustLive, Vulnerabilities in SLAED CMS (04.07.2008)

Discuss: Read or add your comments to this news (0 comments)

WeFi information leak
updated since 04.07.2008
Published: 10.07.2008
Source: BUGTRAQ
SecurityVulns ID: 9130
Type: local
Level: 5/10
Description: Log files are stored in world-readable folder.

Affected: WEFI : WeFi 3.2
WEFI : WeFi 3.3

Original document XiaShing_(at)_gmail.com, Local information disclosure in WeFi Client v3.3.3.0 (10.07.2008)

XiaShing_(at)_gmail.com, Local vulnerability in WeFi Client v3.2.1.4.1(Update) (04.07.2008)

Discuss: Read or add your comments to this news (0 comments)

test server