Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:21.05.2007
Source:
SecurityVulns ID:7729
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:JETBOX : Jetbox CMS 2.1
 GNATS : Gnatsweb 4.00
 HLSTATS : HLstats 1.35
CVE:CVE-2007-2685 (Multiple SQL injection vulnerabilities in index.php in Jetbox CMS 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) view or (2) login parameter.)
Original documentdocumentsecurityresearch_(at)_netvigilance.com, [Full-disclosure] Jetbox CMS version 2.1 Multiple SQL Injection Vulnerabilities (21.05.2007)
 documentsecurityresearch_(at)_netvigilance.com, [Full-disclosure] Jetbox CMS version 2.1 Multiple Path Disclosure Vulnerabilities (21.05.2007)
 documentCornelius Riemenschneider, [Full-disclosure] SQL-Injection in IP-TRACKING Mod for phpBB2.0.x (21.05.2007)
 documentjohn_(at)_martinelli.com, RedLevel Advisory #017 - HLstats v1.35 Cross-Site Scripting Vulnerability #2 (21.05.2007)
 documentjohn_(at)_martinelli.com, RedLevel Advisory #016 - HLstats v1.35 Cross-Site Scripting Vulnerability (21.05.2007)
 documentr0t, Gnats XSS vuln (21.05.2007)
Files:HLstats v1.35 - Cross-Site Scripting Vulnerability #2

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod