Computer Security


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 20.02.2006
Source:
SecurityVulns ID: 5799
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: EXBB : ExBB 1.9
 E107 : e107 0.7
 COPPERMINE : Coppermine Photo Gallery 1.4
 RCBLOG : RCBlog 1.0
 ADODB : ADOdb 4.71
 PHPNUKE : phpNuke 7.9
 WEBPAGECITY : WPC.easy
 BXCP : BXCP 0.2
 ADMBOOK : Admbook 1.2
 REAMDAYSOFT : Magic Calendar Lite 1.02
Original documents:
 Aliaksandr Hartsuyeu, [eVuln] Magic Calendar Lite Authentication Bypass (20.02.2006)
 Алексей Кулаев, Vulnerability in the ExBB forum (20.02.2006)
 SECUNIA, [SA18930] Admbook "X-Forwarded-For" PHP Code Injection (20.02.2006)
 SECUNIA, [SA18945] WPCeasy Admin Logon SQL Injection Vulnerability (20.02.2006)
 SECUNIA, [SA18929] BXCP "tid" SQL Injection Vulnerability (20.02.2006)
 botan_(at)_linuxmail.org, Tasarim Rehberi Index.PHP Remote Command Exucetion (20.02.2006)
 ssteam.pl_(at)_gmail.com, e107 CMS 0.7.2 Chatbox plugin XSS vulnerability (20.02.2006)
 rgod_(at)_autistici.org, Coppermine Photo Gallery <=1.4.3 remote code execution (20.02.2006)
 murfie_(at)_gmail.com, SLQ Injection vulnerability in WPCeasy (20.02.2006)
 Janek Vind, [waraxe-2006-SA#045] - Bypassing CAPTCHA in phpNuke 6.x-7.9 (20.02.2006)
 JeiAr, ADOdb Library Cross Site Scripting (20.02.2006)
 Hessam Salehi, RCblog exploit [fun] (20.02.2006)
Files: RCBlog 1.0.3 / 1.0.2 exploit

NJStar text processor buffer overflow
Published: 20.02.2006
Source:
SecurityVulns ID: 5800
Type: client
Threat Level: 5/10
Description: Buffer overflow on oversized font name.
Affected: NJSTAR : NJStar 5.01
Original documents:
 SECUNIA, [SA18702] NJStar Word Processor Font Name Buffer Overflow (20.02.2006)

Multiple Xerox WorkCentre vulnerabilities
Published: 20.02.2006
Source:
SecurityVulns ID: 5801
Type: remote
Threat Level: 5/10
Description: Unauthorized access, DoS, cross-site scripting, protection bypass.
Affected: XEROX : WorkCentre 232
 XEROX : WorkCentre 238
 XEROX : WorkCentre 245
 XEROX : WorkCentre 255
 XEROX : WorkCentre 265
 XEROX : WorkCentre 275
Original documents:
 SECUNIA, [SA18952] Xerox ESS/ Network Controller and MicroServer Vulnerabilities (20.02.2006)

EmuLinker NetPlay emulation DoS
Published: 20.02.2006
Source:
SecurityVulns ID: 5802
Type: remote
Threat Level: 5/10
Affected: EMULINKER : EmuLinker 0.99
Original documents:
 SECUNIA, [SA18938] EmuLinker Packet Handling Denial of Service Vulnerability (20.02.2006)

Multiple Fedora Directory Server security vulnerabilities
Published: 20.02.2006
Source:
SecurityVulns ID: 5803
Type: remote
Threat Level: 5/10
Description: Administration password is exposed through HTML page, DoS with LDAP.
Affected: REDHAT : Fedora Directory Server 1.0
Original documents:
 SECUNIA, [SA18960] Fedora Directory Server LDAP Denial of Service Vulnerabilities (20.02.2006)
 SECUNIA, [SA18939] Fedora Directory Server Admin Server Password Disclosure (20.02.2006)

tin news reader buffer overflow
Published: 20.02.2006
Source:
SecurityVulns ID: 5804
Type: client
Threat Level: 5/10
Description: Off-by-one buffer overflow.
Affected: TIN : tin 1.6
 TIN : tin 1.8
Original documents:
 OPENPKG, [OpenPKG-SA-2006.005] OpenPKG Security Advisory (tin) (20.02.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod