Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:28.07.2007
Source:
SecurityVulns ID:7989
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:BERTHANAS : Berthanas Ziyaretci Defteri 2.0
 SUSKUNDUYGULAR : SuskunDuygular - –¨yelik Sistemi 1
Original documentdocumentAdvisory_(at)_Aria-Security.net, WebEvents: Online Event Registration Template Username Fields SQL INJECTION (28.07.2007)
 documentyollubunlar_(at)_yollubunlar.org, SuskunDuygular - yelik Sistemi v.1 Sql (28.07.2007)
 documenthack2prison_(at)_yahoo.com, phpCoupon Vulnerabilities (28.07.2007)
 documentdarthballsbr_(at)_hotmail.com, PHPBlogger cookie privilege escalation (28.07.2007)
 documentAdvisory_(at)_Aria-Security.net, [email protected] (28.07.2007)
 documentAdvisory_(at)_Aria-Security.net, Message Board / Threaded Discussion Forum SQL INJECTION (28.07.2007)
 documentAdvisory_(at)_Aria-Security.net, Pay Roll - Time Sheet and Punch Card Application With Web Interface SQL Injection (28.07.2007)
 documentAdvisory_(at)_Aria-Security.net, Real Estate listing website application template SQL Injection (28.07.2007)
 documentAdvisory_(at)_Aria-Security.net, WebStore - Online Store Application Template SQL INJECTION (28.07.2007)
 documentyollubunlar_(at)_yollubunlar.org, Berthanas Ziyaretci Defteri v2.0 (tr) Sql (28.07.2007)

Sun Solaris finger information leak
Published:28.07.2007
Source:
SecurityVulns ID:7988
Type:remote
Threat Level:
5/10
Description:Additional accounts unformation is leaked if finger is requested with single digit argument.
Affected:ORACLE : Solaris 8
 SUN : Solaris 7
 ORACLE : Solaris 9
Original documentdocumentJim Mellander, Solaris finger bug (28.07.2007)

PHP glob code execution
Published:28.07.2007
Source:
SecurityVulns ID:7990
Type:library
Threat Level:
6/10
Description:With negative argument values it's possible to executed code from address space controlled by attacker.
Affected:PHP : PHP 5.2
Original documentdocumentshinnai_(at)_autistici.org, PHP 5.2.3 glob() Remote DoS Exploit (28.07.2007)
Files:PHP 5.2.3 glob() DoS Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod