Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:23.08.2007
Source:
SecurityVulns ID:8085
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:OLATE : Olate Download 3.4
 WORDPRESS : WordPress MultiUser 1.0
 PHPRESS : phpress 0.2
Original documentdocumentcerbelum_(at)_gmail.com, phpress 0.2.0 (adisplay.php) Remote File Inclusion (23.08.2007)
 documentokan alp, myphotographer image shop script /events/index.asp sql injection (23.08.2007)
 documentimei, Olate Download 3.4.2~download.php ~ sql injection (23.08.2007)
 documentimei, Olate Download 3.4.2~modules/core/fldm.php~comments tag [url] XSS (23.08.2007)
 documentimei, Olate Download 3.4.2~modules/core/uim.php~XSS (23.08.2007)
 documentMustLive, Vulnerability in WordPress MultiUser (23.08.2007)
Files:WordPress MultiUser crossite scripting PoC

Asura Game Engine buffer overflow
Published:23.08.2007
Source:
SecurityVulns ID:8086
Type:library
Threat Level:
5/10
Affected:REBELLION : Rogue Trooper 1.0
 REBELLION : Prism: Guard Shield 1.1
Original documentdocumentLuigi Auriemma, Buffer-overflow in the Asura engine (23.08.2007)

Grandstream GXV-3000 SIP Phone eavesdropping
Published:23.08.2007
Source:
SecurityVulns ID:8087
Type:remote
Threat Level:
6/10
Description:It's possible to take the phone off hook without user intervention.
Affected:GRANDSTREAM : GXV-3000
Original documentdocumentRadu State, [Full-disclosure] Remote eavesdropping with SIP Phone GXV-3000 (23.08.2007)
Files:Exploits Remote eavesdropping with SIP Phone GXV-3000

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod