Информационная безопасность
[RU] switch to English


Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
Опубликовано:20 ноября 2006 г.
Источник:
SecurityVulns ID:6845
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:ACART : A-Cart 2.0
 ADVANCEDPOLL : Advanced Poll 2.0
 GPHOTOS : GPhotos 1.5
 BLOGCMS : BLOG:CMS 4.1
 VIKINGBOARD : Vikingboard 0.1
 TRAVELSIZEDCMS : travelsized cms 0.4
 OXYGEN : Oxygen 1.1
 ASPNUKE : ASPNuke 0.80
 PHPQUICKGALLERY : PHPQuickGallery 1.9
 PHPWEBTHINGS : phpWebThings 1.5
 PHPEASYDOWNLOAD : PHP Easy Download 1.5
Оригинальный текстdocumentbeks beks beks, Advanced Poll 2.0.7 Remote File Include Vulnerability (20.11.2006)
 documentnuffsaid, phpWebThings 1.5.2 (editor.php) Remote File Include Vulnerability (20.11.2006)
 documentAl7ejaz Hacker, PHPQuickGallery <= 1.9 (textFile) Remote File Include Vulnerability (20.11.2006)
 documentajannhwt_(at)_hotmail.com, ASPNuke <= 0.80 (register.asp) Remote SQL Injection Vulnerability (20.11.2006)
 documentAdvisory_(at)_Aria-Security.net, A-Cart 2.0 SQL Injection (20.11.2006)
 documentAdvisory_(at)_Aria-Security.net, [Aria-Security's Research Team] Texas Rank'em SQL Injection Vulnerabilite (20.11.2006)
 documentbluespy.ok_(at)_gmail.com, PhpBB Module Dimension Remote File Include (20.11.2006)
 documentAdvisory_(at)_Aria-Security.net, [Aria-Security's Research Team] ActiveNews Manager SQL Injection Vulnerabilite (20.11.2006)
 documentkatatafish_(at)_hush.com, BLOG:CMS <= 4.1.3 XSS (20.11.2006)
 documentlaurent gaffié, Vikingboard (0.1.2) [ multiples vulnerability ] (20.11.2006)
 documentpagvacito, Sage cross-context scripting -> LOCAL-CONTEXT SCRIPTING (20.11.2006)
 documentAdvisory_(at)_Aria-Security.net, A-Cart PRO SQL Injection (20.11.2006)
 documentAesthetico, [MajorSecurity Advisory #36]dev4u CMS - Multiple SQL Injection and Cross Site Scripting Issues (20.11.2006)
 documentAesthetico, [MajorSecurity Advisory #35]Travelsized CMS - Multiple Cross Site Scripting Issues (20.11.2006)
Файлы:PhpQuickGallery <= 1.9 Remote File Inclusion Exploit
 Exploits PHP Easy Download <= 1.5 Remote Code Execution Vulnerability
 Exploits Oxygen <= 1.1.3 (O2PHP Bulletin Board) SQL Injection

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород