Информационная безопасность
[RU] switch to English


Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:12 сентября 2006 г.
Источник:
SecurityVulns ID:6599
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:SIPS : sips 0.2
 POPPER : Popper 1.41
 TIKIWIKI : tikiwiki 1.9
 CNEWS : C-News 1.0
 PHPLINKEXCHANGE : PhpLinkExchange 1.0
 RAIDENHTTPD : RaidenHTTPD 1.1.
 CCLEAGUE : CCleague Pro Sports CMS 1.0
 VIVVO : Vivvo Article Manager 3.2
 SOCKETWIZ : Socketwiz Bookmarks 2.0
 OPENICMS : OPENi-CMS 1.0
 P4CMS : p4CMS 1.05
Оригинальный текстdocumentSHiKaA-_(at)_hotmail.com, p4CMS <= v1.05 (abs_pfad) Remote File Inclusion Exploit (12.09.2006)
 documentSHiKaA-_(at)_hotmail.com, Popper <= v1.41 (form) Remote File Inclusion Exploit (12.09.2006)
 documentSECUNIA, [SA21826] Stefan E. Newsscript Multiple Vulnerabilities (12.09.2006)
 documentbasher13_(at)_linuxmail.org, OPENi-CMS 1.0.1(config) Remote File Inclusion Vulnerability (12.09.2006)
 documentinfo_(at)_kahramanhost.com, phpWordPress (Vivvo Article Manager) (12.09.2006)
 documentinfo_(at)_kahramanhost.com, phpWordPress (Vivvo Article Manager) (12.09.2006)
 documentOmid, Sql injection in Tikiwiki (12.09.2006)
 documentchris_hasibuan_(at)_yahoo.com, SolpotCrew Advisory #8 - Mcgallerypro (path_to_folder) Remote File Inclusion (12.09.2006)
 documentthe.leo.008_(at)_gmail.com, C-News v 1.0.1 < = Multiple Remote File Include Vulnerabilities (12.09.2006)
 documentthe.leo.008_(at)_gmail.com, SIPS v 0.2.2 < = Remote File Include Vulnerability (12.09.2006)
 documentHACKERS PAL, HotPlug CMS Config File Include Vulnerability (12.09.2006)
 documentl0x3_(at)_hotmail.com, PayProCart <= 1146078425 Multiple Remote File Include Vulnerabilities (12.09.2006)
Файлы:HotPlug CMS Config File Include Vulnerability exploit
 Exploits PhpLinkExchange v1.0 RC
 RaidenHTTPD/1.1.49 remote commands execution exploit
 CCleague Pro Sports CMS <= 1.0.1RC1 (Cookie) Remote Code Execution Exploit
 Socketwiz Bookmarks <= 2.0 (root_dir) Remote File Include Exploit
 [email protected] <= 2.0 (skiny) Remote File Include Exploit

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород