Computer Security
[EN] securityvulns.ru no-pyccku


Cisco Content Delivery Engine directory traversal
Published:23.07.2010
Source:
SecurityVulns ID:11012
Type:remote
Threat Level:
6/10
Description:Cisco Internet Streamer directory traversal.
Affected:CISCO : Content Delivery System 2.5
CVE:CVE-2010-1577 (Directory traversal vulnerability in Cisco Internet Streamer, as used in Cisco Content Delivery System (CDS) 2.2.x, 2.3.x, 2.4.x, and 2.5.x before 2.5.7 allows remote attackers to read arbitrary files via a crafted URL.)
Original documentdocumentCISCO, Cisco Security Advisory: CDS Internet Streamer: Web Server Directory Traversal Vulnerability (23.07.2010)

RSA Federated Identity Manager URL redirection
Published:23.07.2010
Source:
SecurityVulns ID:11013
Type:remote
Threat Level:
5/10
Affected:EMC : RSA Federated Identity Manager 4.0
 EMC : RSA Federated Identity Manager 4.1
Original documentdocumentEMC, ESA-2010-011: RSA, The Security Division of EMC, announces a fix for potential security vulnerability in RSAR Federated Identity Manager (23.07.2010)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 23.07.2010
Published:28.07.2010
Source:
SecurityVulns ID:11011
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:COWIKI : coWiki 0.3
 JOOMLA : Joomla 1.5
 VBULLETIN : vBulletin 3.8
 CETERA : Cetera eCommerce 14.0
 YACK : YACK CMS 10.5
 SPITFIRE : Spitfire 1.0
 NOVELL : Teaming 2.1
 TOUGHTOMATO : TTVideo 1.0
 PHPKIT : PHPKIT WCMS 1.6
 THEETA : Theeta CMS 0.0
 SYNDEOCMS : SyndeoCMS 2.9
 MCCONTENTMANAGER : MC Content Manager 10.1
 WHITEBOARD : WhiteBoard 0.1
 JOOMLA : PhotoMap Gallery 1.6
 JOOMLA : Appointinator 1.0
CVE:CVE-2010-2773
Original documentdocumentSalvatore "drosophila" Fresta, PhotoMap Gallery 1.6.0 Joomla Component Multiple Blind SQL Injection (28.07.2010)
 documentMustLive, New vulnerabilities in Cetera eCommerce (28.07.2010)
 documentSalvatore "drosophila" Fresta, WhiteBoard 0.1.30 Multiple Blind SQL Injection Vulnerabilities (28.07.2010)
 documentMustLive, Multiple vulnerabilities in MC Content Manager (28.07.2010)
 documenteidelweiss randy, DM Filemanager (fckeditor) Remote Arbitrary File Upload Exploit (28.07.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in SyndeoCMS (28.07.2010)
 documentHigh-Tech Bridge Security Research, SQL injection vulnerability in Theeta CMS (28.07.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in SyndeoCMS (28.07.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Theeta CMS (28.07.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in SyndeoCMS (28.07.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Theeta CMS (28.07.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Theeta CMS (28.07.2010)
 documentdavid.kurz_(at)_majorsecurity.net, [MajorSecurity SA-079]PHPKIT WCMS - Multiple stored Cross Site Scripting Issues (28.07.2010)
 documentSalvatore "drosophila" Fresta, TTVideo 1.0 Joomla Component SQL Injection Vulnerability (28.07.2010)
 documentZDI, ZDI-10-136: Novell Teaming ajaxUploadImageFile Remote Code Execution Vulnerability (23.07.2010)
 documentAndrea Barisani, [oCERT-2010-002] Joomla input sanitization errors (XSS) (23.07.2010)
 documentMustLive, SQL Injection vulnerability in coWiki (23.07.2010)
 documentadvisories_(at)_intern0t.net, XSS vulnerability in Spitfire search (23.07.2010)
 documentadvisories_(at)_intern0t.net, XSS vulnerability in Spitfire (23.07.2010)
 documentadvisories_(at)_intern0t.net, XSS vulnerability in Spitfire (23.07.2010)
 documentadvisories_(at)_intern0t.net, XSS vulnerability in Spitfire (23.07.2010)
 documentadvisories_(at)_intern0t.net, XSS vulnerability in Spitfire (23.07.2010)
 documentadvisories_(at)_intern0t.net, vBulletin - Critical Information Disclosure (23.07.2010)
 documenteidelweiss randy, YACK CMS 10.5.27 Remote File Inclusion Vulnerability (23.07.2010)
Files:DM Filemanager (fckeditor) Remote Arbitrary File Upload Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod