Computer Security
[EN] no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
SecurityVulns ID:5805
Threat Level:
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPMYCHAT : phpMyChat 0.14
 PHPFUSION : PHP-Fusion 6.0
 PHPNUKE : phpNuke 7.8
 GEEKLOG : geeklog 1.4
 TTS : Time Tracking Software 3.0
 ILCHCLAN : ilchClan 1.0
 CHERRYPY : cherrypy 2.1
 GUESTBOOK : Guestbox 0.6
 BARRACUDA : Barracuda Directory 1.1
 POSTNUKE : PostNuke 0.762
Original documentdocumentSECUNIA, [SA18937] PostNuke Multiple Vulnerabilities (21.02.2006)
 documentSECUNIA, [SA18965] Barracuda Directory Multiple Script Insertion Vulnerabilities (21.02.2006)
 documentSECUNIA, [SA18946] Guestbox Two Vulnerabilities and One Security Issue (21.02.2006)
 documentSECUNIA, [SA18944] CherryPy "staticfilter" Directory Traversal Vulnerability (21.02.2006)
 documentSECUNIA, [SA18949] PHP-Fusion Cross-Site Scripting Vulnerabilities (21.02.2006)
 documentSECUNIA, [SA18951] ilchClan "pid" SQL Injection Vulnerability (21.02.2006)
 documentMustafa Can Bjorn IPEKCI, [Full-disclosure] MiniNuke CMS System all versions (pages.asp) SQL Injection (21.02.2006)
 documentDebasis Mohanty, [Full-disclosure] PHPMyChat Authentication Bypass (21.02.2006)
 documentAliaksandr Hartsuyeu, [eVuln] Time Tracking Software Multiple Vulnerabilities (21.02.2006)
 documentJeiAr, Geeklog Remote Code Execution (21.02.2006)
 documentJanek Vind, [waraxe-2006-SA#046] - Critical sql injection in phpNuke 7.5-7.8 (21.02.2006)

Safe'n'Sec host intrusion prevention system privilege escalation
SecurityVulns ID:5806
Threat Level:
Description:Unsafe CreateProcess() call allows to spoof application.
Affected:STARFORCE : Safe’n’Sec 1.0
 STARFORCE : Safe’n’Sec 1.1
Original documentdocumentThierry Zoller, [TZO-062006] Safe'nVulnerable (21.02.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod