Computer Security
[EN] securityvulns.ru no-pyccku


eSoft InstaGate EX2 UTM crossite forgery
Published:15.07.2007
Source:
SecurityVulns ID:7936
Type:remote
Threat Level:
5/10
Description:It's possible to submit the form with configuration data.
Affected:ESOFT : InstaGate EX2
Original documentdocumentCalyptix Advisories, Calyptix Security Advisory CX-2007-05 - eSoft InstaGate EX2 Cross-Site Request Forgery Attack (15.07.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:15.07.2007
Source:
SecurityVulns ID:7937
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:AZDG : AzDG Dating Gold 3.0
 WEBCIT : WebCit 7.11
 PHPARENA : paFileDB 3.6
Original documentdocumentpUm, [Full-disclosure] paFileDB 3.6 (search.php) Remote SQL Injection (15.07.2007)
 documentedi.strosar_(at)_varnostne-novice.com, [Full-disclosure] Element CMS script insertion vulnerability (15.07.2007)
 documentChristopher Schwardt, Session Riding and multiple XSS in WebCit (15.07.2007)
 documentThE [email protected], AzDG Dating Gold v3.0.5 ===> Remote File Include Vulnerability (15.07.2007)

Microsoft Internet Explorer content spoofing
Published:15.07.2007
Source:
SecurityVulns ID:7938
Type:client
Threat Level:
5/10
Description:It's possiblt to emulate navigation to different site by using document.open(), actually stayin in context of previous page.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
Original documentdocumentMichal Zalewski, MSIE7 entrapment again (+ FF tidbit) (15.07.2007)

Opera/Konqueror URL spoofing
Published:15.07.2007
Source:
SecurityVulns ID:7939
Type:client
Threat Level:
4/10
Description:By using data: URL it's possible to spoof page location.
Affected:KDE : Konqueror 3.5
 OPERA : Opera 9.21
Original documentdocumentRobert Święcki, Opera/Konqueror: data: URL scheme address bar spoofing (15.07.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod