Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		25.11.2007
Source:
SecurityVulns ID:		8374
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Math Comment Spam Protection: CAPTCHA bypass

Affected:		RADIOTOOLBOX : Mp3 ToolBox 1.0
		BITCOMET : Bitcomet Resource Browser 1.1
		COOLSHOT : CoolShot E-Lite 1.0
		PBLANG : PBLang 4.99
		VBTUBE : vBTube 1.1
		SCRIPT4SALE : Amber Script 1.0
		NETAUCTIONHELP : NetAuctionHelp Classified Ads 1.0

Original document		no-reply_(at)_aria-security.net, NetAuctionHelp Classified Ads v1.0 SQL Injection (25.11.2007)
		cybermilitan_(at)_hotmail.com, vBTube v1.1 - Beta ( Vbulletin Tube) Xss Vulnerable (25.11.2007)
		kingoftheworld92_(at)_fastwebnet.it, PBLang <= 4.99.17.q Remote File Rewriting / Remote Command Execution (25.11.2007)
		no-reply_(at)_aria-security.net, Aria-Security.net: CoolShot E-Lite POS 1.0 (25.11.2007)
		jplopezy_(at)_gmail.com, Bitcomet Resource Browser v1.1 XSS (25.11.2007)
		cybermilitan_(at)_hotmail.com, Mp3 ToolBox 1.0 beta 5 Remote File İnclude Vulnerability (25.11.2007)
		MustLive, MoBiC-23: Math Comment Spam Protection CAPTCHA bypass (25.11.2007)

Discuss:

Read or add your comments to this news (0 comments)

Cygwin Windows POSIX emulation libraries buffer overflow
Published:		25.11.2007
Source:		BUGTRAQ
SecurityVulns ID:		8375
Type:		library
Level:		6/10
Description:		Buffer overflow on oversized filename.

Affected:

REDHAT : Cygwin 1.5

Original document

ISecAuditors Security Advisories, [ISecAuditors Security Advisories] Cygwin buffer overflow due incorrect filename length check (25.11.2007)

Discuss:

Read or add your comments to this news (0 comments)