Информационная безопасность
[RU] switch to English


Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:5 октября 2006 г.
Источник:
SecurityVulns ID:6683
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:INVISION : Invision Gallery 2.0
 INVISION : Invision Power Board 2.1
 TASKJITSU : Taskjitsu 2.0
 JAFCMS : JAF CMS 4.0
 WIKYBLOG : WikyBlog 1.4
 PHPMYTEAM : phpMyTeam 2.0
 PHPCLASSIFIEDS : Php Classifieds 7.1
 PHPBB : phpBB Static Topics 1.0
 PHPBB : phpBB Admin Topic Action Logging Mod 0.95
 KLINZA : Klinza Professional CMS 5.0
 PHPMYPROFILER : phpMyProfiler 0.9
 OPENBIBLIO : OpenBiblio 0.5
 HAMWEATHER : HAMweather 3.9
 DRUPAL : IMCE 4.7 drupal module
 BBACE : BBaCE 5
CVE:CVE-2007-1261 (Unspecified vulnerability in the reports system in OpenBiblio before 0.6.0 allows attackers to gain privileges via unspecified vectors.)
Оригинальный текстdocumentSECUNIA, [SA22137] BBaCE "phpbb_root_path" File Inclusion (05.10.2006)
 documentSECUNIA, [SA22261] Drupal IMCE Module Multiple Vulnerabilities (05.10.2006)
 documentSECUNIA, [SA22242] HAMweather "do_parse_code" Command Injection Vulnerability (05.10.2006)
 documentSECUNIA, [SA22238] OpenBiblio Local File Inclusion and SQL Injection (05.10.2006)
 documentSECUNIA, [SA22257] Taskjitsu "key" SQL Injection Vulnerability (05.10.2006)
 documentmozi, phpMyProfiler Remote File Inclusion Vulnerability (05.10.2006)
 documentThE TiGeR, JAF CMS Remote file include (website) (05.10.2006)
 documentMILW0RM, phpBB Admin Topic Action Logging Mod <= 0.94b File Include Vuln (05.10.2006)
 documentmozi, phpGreetz Remote File Inclusion Vulnerability (05.10.2006)
 documentKw3rLn, phpBB Static Topics <= 1.0 [phpbb_root_path] Remote File Include Vulnerability (05.10.2006)
 documentKzar, PHP Classifieds 7.1 (index.php) Remote SQL Injection Vulnerability (05.10.2006)
 documentMILW0RM, phpMyTeam <= 2.0 (smileys_dir) Remote File Include Vulnerability (05.10.2006)
 documentxp1o_(at)_msn.com, WikyBlog <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit (05.10.2006)
 documentRapigator, Invision Power Board Multiple Vulnerabilities (05.10.2006)
Файлы:Klinza Professional CMS <= 5.0.1 (show_hlp.php) Remote File Include Exploit
 Invision Gallery => 2.0.7 ReadFile() & SQL injection exploit
 Travelsized CMS <= 0.4 (frontpage.php) Remote File Include Exploit

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород