Search:Vulnerability:14.04.2006 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 14.04.2006
Published: 14.04.2006
Source:
SecurityVulns ID: 6010
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: PHPWEBSITE : phpWebSite 0.10
QB : QuickBlogger 1.4
PHPMYADMIN : phpmyadmin 2.7
MYBB : MyBB 1.10
PAJAX : PAJAX 0.5
REVOBOARD : RevoBoard 1.8
SAPHPLESSON : SaphpLesson 2.0
WEBPLUS : Web+Shop 5.3
CENSTORE : Censtore 7.3
QUIZZ : quizz 1.0
RATEIT : RateIt 2.2

Original document SECUNIA, [SA19637] RateIt "rateit_id" SQL Injection Vulnerability (14.04.2006)

SECUNIA, [SA19662] Web+Shop "storeid" Full Path Disclosure Weakness (14.04.2006)

SECUNIA, [SA19626] Aweb Scripts Seller Payment Bypass Security Issue (14.04.2006)

revnic_(at)_gmail.com, TalentSoft Web+Shop Path Disclosure (14.04.2006)

document selfar2002_(at)_hotmail.com, SaphpLesson 2.0 (forumid) Remote SQL Injection Exploit (14.04.2006)

o.y.6_(at)_hotmail.com, MyBB 1.10 New CrossSiteScripting ' member.php ' (14.04.2006)

kr4ch_(at)_web.de, phpMyAdmin 2.7.0-pl1 (14.04.2006)

botan_(at)_linuxmail.org, QuickBlogger v1.4 Cross-Site Scripting (14.04.2006)

document o.y.6_(at)_hotmail.com, MyBB 1.10 New XSS ' member.php ' (14.04.2006)

r0xes.ratm_(at)_gmail.com, RevoBoard [email] tag XSS (14.04.2006)

selfar2002_(at)_hotmail.com, phpWebSite 0.10.? (topics.php) Remote SQL Injection Exploit (14.04.2006)

RedTeam Pentesting, [Full-disclosure] PAJAX Remote Code Injection and File Inclusion Vulnerability (14.04.2006)

Files: Censtore.cgi exploit
PHPWebSite <= 0.10.2 remote cmmnds xctn
Exploits phpWebSite topic SQL-Injection
Exploits SaphpLesson 2.0 SQL-Injection
quizz.p exploit
Discuss: Read or add your comments to this news (0 comments)

Multiple Firefox / Netscape / SeaMonkey vulnerabilities
updated since 14.04.2006
Published: 18.04.2006
Source: SECUNIA
SecurityVulns ID: 6011
Type: client
Level: 8/10
Description: Crossite scripting, memory corruptions, buffer overflows, array overflows, integer overflows. Can be exploited to silently install malware code.

Affected: MOZILLA : Firefox 1.0
NETSCAPE : Netscape 8.1
MOZILLA : Firefox 1.5
MOZILLA : Seamonkey 1.0

Original document CERT, US-CERT Technical Cyber Security Alert TA06-107A -- Mozilla Products Contain Multiple Vulnerabilities (18.04.2006)

ZDI, [Full-disclosure] ZDI-06-009: Mozilla Firefox Tag Parsing Code Execution Vulnerability (17.04.2006)

ZDI, [Full-disclosure] ZDI-06-010: Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability (15.04.2006)

document SECUNIA, [SA19631] Firefox Multiple Vulnerabilities (14.04.2006)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server