 |
|
|
|
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: |  | 31.10.2006 | | Source: |  | | | SecurityVulns ID: |  | 6755 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Affected: |  | PUNBB : PunBB 1.2 | | | | ENM : easy notes manager 0.0 | | | | PHPSWS : Simple Website Software 0.99 | | | | PHPEASYDATAPRO : PHPEasyData Pro 1.4 | | | | PHPEASYDATAPRO : PHPEasyData Pro 2.2 | | | | NUCLEUSCMS : Nucleus Core 3.23 | | | | QNECMS : QnECMS 2.5 | | | | OPENDOCMAN : OpenDocMan 1.2 | | | | BCWB : Bcwb 2.5 | | | | WPPHPLIST : WP-PHPList 2.10 | | | | PHPTREEVIEW : php treeview 4838 | | | | BLUESHOES : blueshoes filemanager 4.6 | | | | JAMROOM : jamroom 3.0 | | | | HITWEB : HITWEB 4.1 | | | | PBOOK : P-Book 1.17 | | | | GEPI : gepi 1.4 |
| Original document |  | MILW0RM, GEPI <= 1.4.0 gestion/savebackup.php Remote File Include Vulnerability (31.10.2006) |
| | | matdhule_(at)_gmail.com, [ECHO_ADV_56$2006] P-Book <= 1.17 (pb_lang) Remote File Inclusion (31.10.2006) |
| | | x_w0x, HITWEB Remote File Include (31.10.2006) |
| | | x_w0x, Clanlite Remote File Include (31.10.2006) |
| | | x_w0x, jamroom Remote File Include (31.10.2006) |
| | | x_w0x, New Vunerability (31.10.2006) |
| | | x_w0x, New Vunerability (31.10.2006) |
| | | Prince Islam, Remote File Include (31.10.2006) |
| | | MustLive, Cross-Site Scripting в WP-PHPList (31.10.2006) |
| | | firewall1954_(at)_hotmail.com, Multiple Remote File Include (31.10.2006) |
| | | k1tk4t_(at)_newhack.org, opendocman <= 1.2p3 Bypass admin/user Login (31.10.2006) |
| | | erdc_(at)_echo.or.id, [ECHO_ADV_53$2006] QnECMS <= 2.5.6 (adminfolderpath) Remote File Inclusion Vulnerability (31.10.2006) |
| | | Nms, Punbb <= 1.2.13 Multiple Vulnerabilities (31.10.2006) |
| | | firewall1954_(at)_hotmail.com, Nucleus Core v3.23 - Remote File Include (31.10.2006) |
| | | ajannhwt_(at)_hotmail.com, PHPEasyData Pro 2.2.1 (index.php) Remote SQL Injection Vulnerability (31.10.2006) |
| | | ajannhwt_(at)_hotmail.com, PHPEasyData Pro 1.4.1 (index.php) Remote SQL Injection Vulnerability (31.10.2006) |
| | | cw.cybersecurity_(at)_gmail.com, Simple Website Software v0.99 (common.php) Remote File Include (31.10.2006) |
| | | Aesthetico, [MajorSecurity Advisory #29]foresite CMS - Cross Site Scripting Issue (31.10.2006) |
| | | poplix_(at)_papuasia.org, easy notes manager sql injection and authentication bypass (31.10.2006) |
| | | MoHaNdKo, freenews---> fileinclude (31.10.2006) |
| | | almaster_(at)_hotmail.com, SQL in WebWizForum by almaster hacker (31.10.2006) |
| Easy File Sharing Web Server protection bypass | | Published: | | 31.10.2006 | | Source: | | MILW0RM | | SecurityVulns ID: | | 6756 | | Type: | | remote | | Level: | | 6/10 | | Description: | | By using alternative NTFS-streams it's possible to retrieve protected data, including accounts and passwords. |
|
|
|
|
|
| |
|
| |
