Computer Security
[EN] securityvulns.ru



Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 28.12.2010
Published:27.12.2010
Source:
SecurityVulns ID:11324
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:WAGORA : W-Agora 4.2
 CRUXCMS : CruxCMS 3.0
 WORDPRESS : WordPress 3.0
 DJANGO : Django 1.2
 MYBB : MyBB 1.6
 KAIBB : KaiBB 1.0
 OPENCLASSIFIEDS : OpenClassifieds 1.7
 PLIGG : Pligg 1.1
 DJANGO : Django 1.1
 ADMUNCHER : Ad Muncher 4.81
 COPPERMINE : Coppermine 1.5
CVE:CVE-2010-4257 (SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field.)
Original document:non customers, Pre Jobo .NET "Password" SQL Injection Vulnerability (29.12.2010)
 Janek Vind, [waraxe-2010-SA#079] - Reflected XSS in Coppermine 1.5.10 (29.12.2010)
 DEBIAN, YEKTAWEB CMS XSS Vulnerability (29.12.2010)
 DEBIAN, HotWeb Rentals "PageId" SQL Injection Vulnerability (29.12.2010)
 DEBIAN, [SECURITY] [DSA 2138-1] Security update for wordpress (29.12.2010)
 ProCheckUp Research, PR10-14 Unauthenticated command execution within Mitel's AWC (Mitel Audio and Web Conferencing) (28.12.2010)
 MustLive, XSS vulnerability in Ad Muncher (28.12.2010)
 Adam Baldwin, Django admin list filter data extraction / leakage (28.12.2010)
 info_(at)_securitylab.ir, Sigma Portal Denial of Service Vulnerability (28.12.2010)
 info_(at)_securitylab.ir, Asan Portal (IdehPardaz) Multiple Vulnerabilities (28.12.2010)
 Janek Vind, [waraxe-2010-SA#078] - Multiple Vulnerabilities in CruxCMS 3.0.0 (28.12.2010)
 YGN Ethical Hacker Group, MyBB 1.6 <= SQL Injection Vulnerability (28.12.2010)
 mike_(at)_sitewat.ch, Pligg XSS and SQL Injection (28.12.2010)
 mike_(at)_sitewat.ch, Multiple Vulnerabilities in OpenClassifieds 1.7.0.3 (28.12.2010)
 MyDoom2009_(at)_gmail.com, Social Engine 4.x (Music Plugin) Arbitrary File Upload Vulnerability (28.12.2010)
 advisory_(at)_htbridge.ch, Path disclosure in KaiBB (28.12.2010)
 advisory_(at)_htbridge.ch, SQL injection in KaiBB (28.12.2010)
 advisory_(at)_htbridge.ch, SQL injection in KaiBB (28.12.2010)
 advisory_(at)_htbridge.ch, BBcode XSS in KaiBB (28.12.2010)
 MustLive, Multiple vulnerabilities in W-Agora (28.12.2010)
Files:Exploits Multiple Vulnerabilities in OpenClassifieds 1.7.0.3

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


