Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:18.03.2006
Source:
SecurityVulns ID:5905
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:INVISION : Invision Power Board 2.0
 WSDELUXE : NMDeluxe 1.0
 MYBB : MyBB 1.10
 PHPMYADMIN : phpmyadmin 2.8
Original documentdocumentSECUNIA, [SA19277] phpMyAdmin "set_theme" Cross-Site Scripting (18.03.2006)
 documento.y.6_(at)_hotmail.com, MyBB 1.10 Full Path Disclosure (18.03.2006)
 documentAliaksandr Hartsuyeu, [eVuln] NMDeluxe XSS & SQL Injection Vulnerabilities (18.03.2006)
 documentr00t3rr0r_(at)_gmail.com, Oxynews Sql İnjection (18.03.2006)
 document???? ????, XSS IN Invision Power Board (18.03.2006)

Microsoft Commerce Server authentication bypass
Published:18.03.2006
Source:
SecurityVulns ID:5907
Type:remote
Threat Level:
5/10
Description:It's possible to login with known username without password. Fixed with Service Pack 2.
Affected:MICROSOFT : Commerce Server 2002
Original documentdocumentDimitri, Microsoft Commerce Server 2002: Logon as known user with a false password (18.03.2006)

Multiple Symantec Veritas Backup Exec backup agent vulnerabilities
updated since 18.03.2006
Published:21.03.2006
Source:
SecurityVulns ID:5906
Type:remote
Threat Level:
5/10
Description:DoS, format string vulnerabilities.
Affected:VERITAS : Backup Exec 9.1
 VERITAS : Backup Exec 10.0
 VERITAS : Backup Exec 9.2
 VERITAS : Backup Exec 10.1
Original documentdocumentSYMANTEC, Symantec Security Advisory, SYM06-005 (21.03.2006)
 documentSYMANTEC, Symantec Security Advisory SYM06-004 (18.03.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod