Информационная безопасность
[RU] switch to English


Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:29 сентября 2006 г.
Источник:
SecurityVulns ID:6664
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:LESVISIT : Les Visiteurs 2.0
 POWERPORTAL : PowerPortal 1.3
 UBB : UBB.threads 6.5
 PHPSECUREPAGES : phpSecurePages 0.28
 INVISION : Invision Power Board 2.1
 POSTNUKE : PostNuke 0.762
 PHPROJEKT : PHProjekt 5.1
 ZENCART : Zen Cart 1.3
 REDMORBIN : Red Mombin 0.7
 SAP : SAP ITS 6.1
 SAP : SAP ITS 6.2
 JOOMLA : Joomla gsg Component 1.0
 JOOMLA : Joomla BSQ Sitestats component 1.8
 CONPRESSO : ConPresso CMS 4.0
 FACILEFORMS : FacileForms 1.4
 PHPMYWEBMIN : phpMyWebMin 1.0
 TAGIT : Tagmin Control Center 2.1
Оригинальный текстdocumentD_7J, lesvisit (visiteurs) <= v2.0 (lvc_include_dir) Remote File Include Vulnerability (29.09.2006)
 documentkernel-32_(at)_linuxmail.org, Tagmin C.C 2.1.B Remote File Include (29.09.2006)
 documentkernel-32_(at)_linuxmail.org, PHP MyWebMin 1.0 Remote File Include (29.09.2006)
 documentD_7J, phpsecurepages (cfgProgDir) Remote File Include Vulnerability (29.09.2006)
 documentv1per-hacker_(at)_Whotmail.com, PowerPortal Remote File Include (29.09.2006)
 documentOmid, Sql injection in PostNuke [Admin section] (29.09.2006)
 documentSECUNIA, [SA22125] FacileForms Cross-Site Scripting Vulnerability (29.09.2006)
 documentAesthetico, UBB.threads Multiple input validation error (29.09.2006)
 documentAesthetico, [MajorSecurity Advisory #28]ConPresso CMS - Multiple Cross Site Scripting and SQL Injection Issues (29.09.2006)
 documentSECUNIA, Secunia Research: Joomla BSQ Sitestats Component Multiple Vulnerabilities (29.09.2006)
 documentcrackers child, Joomla gsg Component <= 1.0.4 Remote File Include Vulnerability (29.09.2006)
 documentSam Thomas, [Full-disclosure] SQL Injection in IPB <=2.1.3 (29.09.2006)
 documentStefan Esser, [Full-disclosure] Advisory 06/2006: PHProjekt (Remote) Include Vulnerabilities (29.09.2006)
 documentinfo_(at)_ilionsecurity.ch, SAP Internet Transaction Server XSS vulnerability (29.09.2006)
 documentsecurity_(at)_armorize.com, Multitple XSS Vulnerabilities in Red Mombin 0.7 (29.09.2006)
 documentsecurity_(at)_armorize.com, Multiple XSS Vulnerabilities in Zen Cart 1.3.5 (29.09.2006)
 documentchris_hasibuan_(at)_yahoo.com, SolpotCrew Advisory #14 - phpBB XS 2 spain version (phpbb_root_path) Remote File Inclusion (29.09.2006)
 documentvannovax_(at)_gmail.com, MkPortal UrloBox Increment Zize Desfiguration (29.09.2006)
 documentcrackers child, com_ugbannerspos Remote File Include Vulnerabilities (29.09.2006)
Файлы:VideoDB <= 2.2.1 Remote File Include Exploit
 Exploits Invision Power Board SQL injection

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород