Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		23.08.2007
Source:
SecurityVulns ID:		8085
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		OLATE : Olate Download 3.4
		WORDPRESS : WordPress MultiUser 1.0
		PHPRESS : phpress 0.2

Original document		cerbelum_(at)_gmail.com, phpress 0.2.0 (adisplay.php) Remote File Inclusion (23.08.2007)
		okan alp, myphotographer image shop script /events/index.asp sql injection (23.08.2007)
		imei, Olate Download 3.4.2~download.php ~ sql injection (23.08.2007)
		imei, Olate Download 3.4.2~modules/core/fldm.php~comments tag [url] XSS (23.08.2007)
		imei, Olate Download 3.4.2~modules/core/uim.php~XSS (23.08.2007)
		MustLive, Vulnerability in WordPress MultiUser (23.08.2007)

Files:		WordPress MultiUser crossite scripting PoC
Discuss:		Read or add your comments to this news (0 comments)

Asura Game Engine buffer overflow
Published:		23.08.2007
Source:		BUGTRAQ
SecurityVulns ID:		8086
Type:		library
Level:		5/10

Affected:		REBELLION : Rogue Trooper 1.0
		REBELLION : Prism: Guard Shield 1.1

Original document

Luigi Auriemma, Buffer-overflow in the Asura engine (23.08.2007)

Discuss:

Read or add your comments to this news (0 comments)

Grandstream GXV-3000 SIP Phone eavesdropping
Published:		23.08.2007
Source:		BUGTRAQ
SecurityVulns ID:		8087
Type:		remote
Level:		6/10
Description:		It's possible to take the phone off hook without user intervention.

Affected:

GRANDSTREAM : GXV-3000

Original document

Radu State, [Full-disclosure] Remote eavesdropping with SIP Phone GXV-3000 (23.08.2007)

Files:		Exploits Remote eavesdropping with SIP Phone GXV-3000
Discuss:		Read or add your comments to this news (0 comments)