Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:19.11.2008
Source:
SecurityVulns ID:9436
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Webglimpse: crossite scripting. CimWebCenter: crossite scripting.
Affected:VBULLETIN : vBulletin 3.7
 PLUKCMS : Pluck CMS 4.5
 CIMWEBCENTER : CimWebCenter 4.0
 WEBGLIMPSE : Webglimpse 2.18
Original documentdocumentJanek Vind, [waraxe-2008-SA#068] - Sql Injection in vBulletin 3.7.3.pl1 (19.11.2008)
 documentJanek Vind, [waraxe-2008-SA#069] - Multiple Sql Injection in vBulletin 3.7.4 (19.11.2008)
 documentJanek Vind, [waraxe-2008-SA#069] - Multiple Sql Injection in vBulletin 3.7.4 (19.11.2008)
 documentmd.r00t.defacer_(at)_gmail.com, Kimson cms cross site scripting vulnerability (19.11.2008)
 documentDigital Security Research Group [DSecRG], [DSECRG-08-039] Local File Include Vulnerability in Pluck CMS 4.5.3 (19.11.2008)
 documentMustLive, Cross-Site Scripting vulnerabilities in CimWebCenter (19.11.2008)
 documentMustLive, Cross-Site Scripting vulnerabilities in Webglimpse (19.11.2008)

Opera buffer overflow
Published:19.11.2008
Source:
SecurityVulns ID:9437
Type:local
Threat Level:
4/10
Description:Buffer overflow on oversized file:// URI.
Affected:OPERA : Opera 9.62
Original documentdocumentsend9_(at)_chiseclabs.com, Opera 9.6x file:// overflow (19.11.2008)
Files:Exploits Opera file:// Overflow

Exodus unuahorized files access
Published:19.11.2008
Source:
SecurityVulns ID:9438
Type:client
Threat Level:
5/10
Description:It's possible to inject command argument via im:// URI.
Affected:EXODUS : Exodus 0.10
Original documentdocumentPyrokinesis_(at)_nospam.it, Exodus v0.10 uri handler arbitrary parameter injection (19.11.2008)

Deutsche Telekom banking software multiple security vulnerabilities
Published:19.11.2008
Source:
SecurityVulns ID:9439
Type:m-i-t-m
Threat Level:
5/10
Description:Outdated vulnerable versions of open source libraries are used.
Original documentdocumentStefan Kanthak, Outdated and vulnerable OpenSource libraries used in "Deutsche Telekom" home banking software (19.11.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod