Информационная безопасность
[RU] switch to English


Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
Опубликовано:23 октября 2006 г.
Источник:
SecurityVulns ID:6742
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:PHPNUKE : PHP-Nuke 7.9
 YAPBB : YapBB 1.2
 PHPPOST : PHP-Post 1.01
 MAMBO : MamboWeather Mambo module 1.8
 MAMBO : com_videodb Mambo Componenet 0.3
 MAMBO : com_videodb Mambo Componenet 4.0
 NETDNS : Net_DNS 0.03
 SPEEDBERG : speedberg 1.2
 TAWLER : trawler 1.8
 WSNFORUM : WSN Forum 1.3
 PHPEXPLORER : PH Pexplorer 0.24
 JAXULTRABB : JaxUltraBB 2.0
 EZTICKET : EZ-Ticket 0.0
 EPNADMIN : EPNadmin 0.7
 CASTOR : CASTOR 1.1
 KAWF : kawf 1.0
 LOCI : Local Calendar System 1.1
 PHPAMX : phpamx 0.90
 LOUPORTAIL : Lou Portail 1.4
 WGCC : Web Group Communication Center 0.5
 ABB : Active Bulletin Board 1.1
 SEUECMS : Segue CMS 1.5
 PHPPOWERCARDS : phpPowerCards 2.10
 POWERPHLOGGER : Power Phlogger 2.0
Оригинальный текстdocumentx_w0x, Power Phlogger 2.0.9 Remote|Local File Include Vulnerability (23.10.2006)
 documentnuffsaid, phpPowerCards 2.10 (txt.inc.php) Remote Code Execution Vulnerability (23.10.2006)
 documentnuffsaid, Segue CMS <= 1.5.8 (themesdir) Remote File Include Vulnerability (23.10.2006)
 documentajannhwt_(at)_hotmail.com, Active Bulletin Board v1.1 beta2 (doprofiledit.asp) Remote User Pass Change (23.10.2006)
 documentajannhwt_(at)_hotmail.com, WGCC Beta <= 0.5.6 (quiz.php) Remote SQL InJection Vulnerability (23.10.2006)
 documentmp01010_(at)_yahoo.com, Lou Portail 1.4.1 Remote|Local File Include Vulnerability (23.10.2006)
 documento0xxdark0o_(at)_msn.com, local Calendar System v1.1 (lcUser.php) Remote File Include (23.10.2006)
 documento0xxdark0o_(at)_msn.com, kawf (config) Remote File Include (23.10.2006)
 documentKw3rLn, EPNadmin remote Command Execution Vulnerabilities (23.10.2006)
 documentKw3rLn, CASTOR <= 1.1.1 Remote Command Execution Vulnerability (23.10.2006)
 documentKw3rLn, RSSonate remote Command Execution Vulnerabilities (23.10.2006)
 documentKw3rLn, RSSonate remote Command Execution Vulnerabilities (23.10.2006)
 documentthe master, EZ-Ticket v0.0.1 Remote File Inclusion Vulnerability (23.10.2006)
 documentpaisterist.nst_(at)_gmail.com, PHP-Nuke <= 7.9 (Encyclopedia) Remote SQL Injection Exploit (23.10.2006)
 documentKacper, WSN Forum <= 1.3.4 (pathtoconfig) Remote File Include Exploit / Code Execution Vulnerability (23.10.2006)
 documentKacper, YapBB <= 1.2 Beta2 (yapbb_session.php) Remote File Include Exploit (23.10.2006)
 documentKacper, PHP-Post <= 1.01 (template) Remote Code Execution Exploit (23.10.2006)
 documentKacper, PH Pexplorer <= 0.24 (Cookie/language.php) Remote Code Execution Exploit (23.10.2006)
 documentKacper, JaxUltraBB <= 2.0 (delete.php) Defaced Exploit (23.10.2006)
 documentk1tk4t, trawler <= 1.8.1 Remote File Inclusion (23.10.2006)
 documentk1tk4t, speedberg <= 1.2beta1 Remote File Inclusion (23.10.2006)
 documentDrago84, Net_DNS: Remote File Inclusion by ToXiC CreW (23.10.2006)
 documenth4ntu, Mambo component remote inclusion vulneribility (23.10.2006)
 documenth4ntu, com_videodb Mambo Componenet <= 0.3en Remote Include Vulnerability (23.10.2006)
 documenth4ntu, Another Mambo module remote inclusion vulneribility (23.10.2006)
 documentx0r0n_(at)_hotmail.com, PHP Generator of Object SQL Database (path) Remote File Include Vulnerability (23.10.2006)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород