Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 08.12.2010
Published:08.12.2010
Source:
SecurityVulns ID:11283
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PULSECMS : Pulse CMS 1.2
 EXPONENTCMS : Exponent CMS 2.0
CVE:CVE-2010-4330 (Directory traversal vulnerability in includes/controller.php in Pulse CMS Basic before 1.2.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter to index.php.)
Original documentdocumentHigh-Tech Bridge Security Research, LFI in Exponent CMS (08.12.2010)
 documentHigh-Tech Bridge Security Research, LFI in Exponent CMS (08.12.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Zimplit CMS (08.12.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Zimplit CMS (08.12.2010)
 documentAliaksandr Hartsuyeu, www.eVuln.com : XSS vulnerability in WWWThreads (php version) (08.12.2010)
 documentAliaksandr Hartsuyeu, [www.eVuln.com] SQL Injection vulnerability in Alguest (08.12.2010)
 documentMark Stanislav, 'Pulse CMS Basic' Local File Inclusion Vulnerability (CVE-2010-4330) (08.12.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod