Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:06.06.2006
Source:
SecurityVulns ID:6221
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:CYBOARDS : CyBoards PHP Lite 1.25
 BOOKMARK4U : Bookmark4U 2.0
 ASHOP : A-shop 0.70
 ASPSCRIPTZ : ASPScriptz Guest Book 2.0
 RUMBLE : Rumble 1.02
 LABWIKI : LabWiki 1.0
 KMITAFAQ : Kmita FAQ 1.0
 FUNKBOARD : FunkBoard CF0.71
 NEWSENGINE : NewsEngine 1.5
 DREAMACCOUNT : DREAMACCOUNT 3.1
 DREAMCOST : HostAdmin 3.1
 DMXFORUM : Dmx Forum 2.1
 MYNEWSLETTER : myNewsletter 1.1
Original documentdocumentmac68k_(at)_gmail.com, [Kil13r-SA-20060606] ESTsoft InternetDISK Arbitary Code Execution Vulnerability (06.06.2006)
 documentfarhad koosha, [KAPDA::#47] - myNewsletter 1.1.2 SQL_Injection (06.06.2006)
 documentgmdarkfig_(at)_gmail.com, Dmx Forum <= v2.1a Remote Passwords Disclosure (06.06.2006)
 documentAesthetico, [MajorSecurity #8]DreamAccount <= 3.1 - Remote File Include Vulnerability (06.06.2006)
 documentAesthetico, [MajorSecurity #9]HostAdmin <= 3.1 - Remote File Include Vulnerability (06.06.2006)
 documentajannhwt_(at)_hotmail.com, ewsEngine <= 1.5.0(newscomments.php) Remote SQL Injection Vulnerability (06.06.2006)
 documentluny_(at)_youfucktard.com, Kmita FAQ v1.0 (06.06.2006)
 documentluny_(at)_youfucktard.com, LabWiki v1.0 (06.06.2006)
 documentSpC-x, CyBoards PHP Lite v1.25 (common.PHP) Remote File Inclusion (06.06.2006)
 documenterne_(at)_ernealizm.com, # MHG Security Team ---Rumble 1.02 version Remote File Inc. (06.06.2006)
 documentomnipresent_(at)_email.it, ASPScriptz Guest Book 2.0 Remote XSS (06.06.2006)
 documentselfar2002_(at)_hotmail.com, Bookmark4U Remote File Include (06.06.2006)
 documentomnipresent_(at)_email.it, XSS bug in ASPscriptz.com guestbook (06.06.2006)
 documentBrother Hood, A-shop v0.70 SQL INECTION (06.06.2006)
Files:Dmx Forum <= v2.1a SQL Injection Exploit

Spamassassin spam filtering engine code execution
Published:06.06.2006
Source:
SecurityVulns ID:6222
Type:remote
Threat Level:
7/10
Description:Code execution is possible with malformed message if spamd is executed with options -v and -P.
Affected:APACHE : SpamAssassin 3.1
Original documentdocumentDEBIAN, [Full-disclosure] [SECURITY] [DSA 1090-1] New spamassassin packages fix remote command execution (06.06.2006)

SUN Storage Automated Diagnostic Environment weak permissions
Published:06.06.2006
Source:
SecurityVulns ID:6223
Type:local
Threat Level:
5/10
Affected:SUN : StorADE 2.4
Original documentdocumentSECUNIA, [SA20445] Sun StorADE Privilege Escalation Vulnerability (06.06.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod