Информационная безопасность
[RU] switch to English


Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:28 сентября 2006 г.
Источник:
SecurityVulns ID:6655
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:OPTIAL : Opial Audio/Video Download Management 1.0
 COMDEV : Comdev Events Calendar 3.1
 COMDEV : Comdev Newsletter 3.1
 COMDEV : Comdev FAQ Support 3.1
 COMDEV : Comdev Guestbook 3.1
 COMDEV : Comdev eCommerce 3.1
 COMDEV : Comdev CSV Importer 3.1
 COMDEV : Comdev Web Blogger 3.1
 COMDEV : Comdev Customer Helpdesk 3.1
 COMDEV : Comdev Vote Caster 3.1
 COMDEV : Comdev Contact Form 3.1
 COMDEV : Comdev News Publisher 3.1
 COMDEV : Comdev Photo Gallery 3.1
 COMDEV : Comdev Links Directory 3.1
 VIRTUEMART : VirtueMart Joomla eCommerce Edition 1.0
 ABLOG : A-Blog 2.0
 NEWSWRITER : Newswriter SW 1.42
 KIETU : Kietu 4.0
 EYEOS : eyeOS 0.9
 PABUGS : psBugs 2.0
CVE:CVE-2007-1096 (Cross-site scripting (XSS) vulnerability in ps_cart.php in VirtueMart before 20070116 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue might overlap CVE-2007-0376.)
 CVE-2007-0376 (Cross-site scripting (XSS) vulnerability in Virtuemart 1.0.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
Оригинальный текстdocumentSECUNIA, [SA22122] PhotoStore Cross-Site Scripting Vulnerabilities (28.09.2006)
 documentSECUNIA, [SA22092] Opial Audio/Video Download Management Cross-Site Scripting (28.09.2006)
 documentSECUNIA, [SA22117] eyeOS Cross-Site Scripting Vulnerabilities (28.09.2006)
 documentD_7J, Kietu? <= v4.0.0b2z (url_hit) Remote File Inclusion Exploit (28.09.2006)
 documentco-type_(at)_hotmail.com, Newswriter SW <= 1.42 (NWCONF_SYSTEM[server_path]) Remote File Inclusion Vulnerability (28.09.2006)
 documentv1per-haCker, A-Blog v2.0 Remote File Include (28.09.2006)
 documentifx_(at)_cupu.us, bug com_madeira (28.09.2006)
 documentBase64, VirtueMart Joomla eCommerce Edition CMS Multiple XSS Vulnerabilities (28.09.2006)
 documentstormhacker_(at)_hotmail.com, net2ftp: a web based FTP client :) <= Remote File Inclusion (28.09.2006)
 documentvannovax_(at)_gmail.com, MkPortal Cross Site Scripting (All versions) xSS (28.09.2006)
 documentstormhacker_(at)_hotmail.com, PHPSelect Web Development Division <= Remote File Inclusion (28.09.2006)
 documentstormhacker_(at)_hotmail.com, Comdev Newsletter 3.1 :) <= Remote File Inclusion (28.09.2006)
 documentstormhacker_(at)_hotmail.com, Comdev FAQ Support 3.1 :) <= Remote File Inclusion (28.09.2006)
 documentstormhacker_(at)_hotmail.com, Comdev Guestbook 3.1 :) <= Remote File Inclusion (28.09.2006)
 documentstormhacker_(at)_hotmail.com, Comdev eCommerce 3.1 :) <= Remote File Inclusion (28.09.2006)
 documentstormhacker_(at)_hotmail.com, Comdev CSV Importer 3.1 :) <= Remote File Inclusion (28.09.2006)
 documentstormhacker_(at)_hotmail.com, Comdev Web Blogger 3.1 :) <= Remote File Inclusion (28.09.2006)
 documentstormhacker_(at)_hotmail.com, Comdev Customer Helpdesk 3.1 :) <= Remote File Inclusion (28.09.2006)
 documentstormhacker_(at)_hotmail.com, Comdev Vote Caster 3.1 :) <= Remote File Inclusion (28.09.2006)
 documentstormhacker_(at)_hotmail.com, Comdev Contact Form 3.1 :) <= Remote File Inclusion (28.09.2006)
 documentstormhacker_(at)_hotmail.com, Comdev News Publisher 3.1 :) <= Remote File Inclusion (28.09.2006)
 documentstormhacker_(at)_hotmail.com, Comdev Photo Gallery 3.1 :) <= Remote File Inclusion (28.09.2006)
 documentstormhacker_(at)_hotmail.com, Comdev Links Directory 3.1 :) <= Remote File Inclusion (28.09.2006)
 documentstormhacker_(at)_hotmail.com, Comdev Events Calendar 3.1 :) <= Remote File Inclusion (28.09.2006)
Файлы:Newswriter SW v1.4.2 Remote File Include Exploit
 paBugs <= 2.0 Beta 3 Remote File Include Exploit
 Blog Pixel Motion V2.1.1 PHP Code Execution / Create Admin Exploit

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород