Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		11.08.2006
Source:
SecurityVulns ID:		6483
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		CPGNUKE : Dragonfly CMS 9.0
		MYBLOGGIE : myBloggie 2.1
		VWAR : VWar 1.5
		MAFIAMOBLOG : Mafia Moblog 6
		JOOMLA : Joomla Component Remository 3.25
		IPCHECK : IPCheck Server Monitor 5.3
		TINYWEBGALLERY : TinyWebGallery 1.5
		PHPMYRING : PHPMyRing 4.2

Original document		simo64_(at)_morx.org, PHPMyRing <= 4.2.0 (view_com.php) Remote SQL Injection (11.08.2006)
		outlaw_(at)_aria-security.net, Yabb XSS (11.08.2006)
		x0r0n_(at)_hotmail.com, TinyWebGallery v1.5 ( image ) Remote Include Vulnerability (11.08.2006)
		auuw73_(at)_dsl.pipex.com, Directory Traversal vulnerability in IPCheck Monitor Server (11.08.2006)
		camino_(at)_sexmagnet.com, Mambo/Joomla Component Remository v3.25 (mosConfig_absolute_path) Remote File Inclusion Vulnerability (11.08.2006)
		sh3ll_(at)_sh3ll.ir, Mafia Moblog <= 6 (pathtotemplate) Remote File Inclusion Vulnerability (11.08.2006)
		sh3ll_(at)_sh3ll.ir, myBloggie <= 2.1.3 (mybloggie_root_path) Remote File Inclusion Vulnerability (11.08.2006)
		mfoxhacker_(at)_gmail.com, Comersus ASP shopping cart <= DataBase Downloading vuln (11.08.2006)
		mfoxhacker_(at)_gmail.com, Virtual War v1.5.0 <= Sql Injection vuln (11.08.2006)
		c.boulton_(at)_mybboard.com, XennoBB <= "avatar gallery" Directory Transversal (11.08.2006)
		piiiiiii pppiiiiiiii, Dragonfly CMS 9.0.6.1 and prior XSS (11.08.2006)

Discuss:

Read or add your comments to this news (0 comments)

Netgear FVG318 wireless router with VPN/firewall DoS
Published:		11.08.2006
Source:		BUGTRAQ
SecurityVulns ID:		6485
Type:		remote
Level:		5/10
Description:		Device crash on large number of TCP packets with invalid checksum.

Affected:

NETGEAR : FVG318

Original document

root_(at)_localhost.com, Netgear FVG318 is vunerable to DOS attack (11.08.2006)

Discuss:

Read or add your comments to this news (0 comments)

Multiple SAP Internet Graphics Service security vulnerabilities updated since 11.08.2006
Published:		11.08.2006
Source:		BUGTRAQ
SecurityVulns ID:		6486
Type:		remote
Level:		5/10
Description:		Buffer overflow and DoS conditions on HTTP requests parsing.

Affected:		SAP : Internet Graphics Service 7.00
		SAP : Internet Graphics Service 6.40

Original document		Mariano Nuñez Di Croce, CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Remote Denial of Service (11.08.2006)
		Mariano Nuñez Di Croce, CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Remote Buffer Overflow (11.08.2006)

Discuss:

Read or add your comments to this news (0 comments)

Apache for Windows script source code leak
Published:		11.08.2006
Source:		BUGTRAQ
SecurityVulns ID:		6484
Type:		remote
Level:		5/10
Description:		It's possible to access script code if cgi-bin is within DocumentRoot.

Affected:

APACHE : Apache 2.2

Original document

susam.pal_(at)_gmail.com, CGI Script Source Code Disclosure Vulnerability in Apache for Windows (11.08.2006)

Discuss:

Read or add your comments to this news (0 comments)