Информационная безопасность
[RU] switch to English


Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:14 июня 2010 г.
Источник:
SecurityVulns ID:10922
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:Plume : Plume CMS 1.2
 MODX : MODx CMS 1.0
 ANECMS : AneCMS 1.3
 BLUEARC : IgnitionSuite 3.0
Оригинальный текстdocumentInj3ct0r.com, Infinity 0-day Denial of Service (14.06.2010)
 documentInj3ct0r.com, ClipBucket AdminPanel edit site Vulnerability (14.06.2010)
 documentPatrick Webster, Paessler - PRTG Traffic Grapher XSS (14.06.2010)
 documentPatrick Webster, Blue Arc Group - IgnitionSuite CMS WebDMailer unsubscribe issue (14.06.2010)
 documentdavid.kurz_(at)_majorsecurity.net, [CORE-2010-0415] SQL Injection in CubeCart PHP Free & Commercial Shopping Cart Application (14.06.2010)
 documentdavid.kurz_(at)_majorsecurity.net, [MajorSecurity SA-070]Plume CMS - change Admin Password via Cross-site Request Forgery (14.06.2010)
 documentdavid.kurz_(at)_majorsecurity.net, [MajorSecurity SA-069]Invision Power Board - stored Cross site Scripting (14.06.2010)
 documentdavid.kurz_(at)_majorsecurity.net, [MajorSecurity SA-068]Anantasoft Gazelle CMS - change admin password via Cross-site Request Forgery (14.06.2010)
 documentx0.root_(at)_gmail.com, Awcm Cms Local File Inclusion Vulnerability (14.06.2010)
 documentdavid.kurz_(at)_majorsecurity.net, [MajorSecurity SA-071]phpFaber CMS - Multiple stored Cross-site Scripting issues (14.06.2010)
 documentdavid.kurz_(at)_majorsecurity.net, [MajorSecurity SA-073]Subdreamer CMS - SQL injection vulnerability (14.06.2010)
 documentHigh-Tech Bridge Security Research, SQL injection vulnerability in MODx CMS and Application Framework (14.06.2010)
 documentHigh-Tech Bridge Security Research, SQL injection vulnerability in AneCMS (14.06.2010)
 documentHigh-Tech Bridge Security Research, SQL injection vulnerability in MODx CMS and Application Framework (14.06.2010)
 documentHigh-Tech Bridge Security Research, Stored XSS vulnerability in AneCMS blog module (14.06.2010)
 documentHigh-Tech Bridge Security Research, SQL injection vulnerability in MODx CMS (14.06.2010)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород