Информационная безопасность
[RU] switch to English


Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
дополнено с 23 июля 2010 г.
Опубликовано:28 июля 2010 г.
Источник:
SecurityVulns ID:11011
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:COWIKI : coWiki 0.3
 JOOMLA : Joomla 1.5
 VBULLETIN : vBulletin 3.8
 CETERA : Cetera eCommerce 14.0
 YACK : YACK CMS 10.5
 SPITFIRE : Spitfire 1.0
 NOVELL : Teaming 2.1
 TOUGHTOMATO : TTVideo 1.0
 PHPKIT : PHPKIT WCMS 1.6
 THEETA : Theeta CMS 0.0
 SYNDEOCMS : SyndeoCMS 2.9
 MCCONTENTMANAGER : MC Content Manager 10.1
 WHITEBOARD : WhiteBoard 0.1
 JOOMLA : PhotoMap Gallery 1.6
 JOOMLA : Appointinator 1.0
CVE:CVE-2010-2773
Оригинальный текстdocumentSalvatore "drosophila" Fresta, PhotoMap Gallery 1.6.0 Joomla Component Multiple Blind SQL Injection (28.07.2010)
 documentMustLive, New vulnerabilities in Cetera eCommerce (28.07.2010)
 documentSalvatore "drosophila" Fresta, WhiteBoard 0.1.30 Multiple Blind SQL Injection Vulnerabilities (28.07.2010)
 documentMustLive, Multiple vulnerabilities in MC Content Manager (28.07.2010)
 documenteidelweiss randy, DM Filemanager (fckeditor) Remote Arbitrary File Upload Exploit (28.07.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in SyndeoCMS (28.07.2010)
 documentHigh-Tech Bridge Security Research, SQL injection vulnerability in Theeta CMS (28.07.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in SyndeoCMS (28.07.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Theeta CMS (28.07.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in SyndeoCMS (28.07.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Theeta CMS (28.07.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Theeta CMS (28.07.2010)
 documentdavid.kurz_(at)_majorsecurity.net, [MajorSecurity SA-079]PHPKIT WCMS - Multiple stored Cross Site Scripting Issues (28.07.2010)
 documentSalvatore "drosophila" Fresta, TTVideo 1.0 Joomla Component SQL Injection Vulnerability (28.07.2010)
 documentZDI, ZDI-10-136: Novell Teaming ajaxUploadImageFile Remote Code Execution Vulnerability (23.07.2010)
 documentAndrea Barisani, [oCERT-2010-002] Joomla input sanitization errors (XSS) (23.07.2010)
 documentMustLive, SQL Injection vulnerability in coWiki (23.07.2010)
 documentadvisories_(at)_intern0t.net, XSS vulnerability in Spitfire search (23.07.2010)
 documentadvisories_(at)_intern0t.net, XSS vulnerability in Spitfire (23.07.2010)
 documentadvisories_(at)_intern0t.net, XSS vulnerability in Spitfire (23.07.2010)
 documentadvisories_(at)_intern0t.net, XSS vulnerability in Spitfire (23.07.2010)
 documentadvisories_(at)_intern0t.net, XSS vulnerability in Spitfire (23.07.2010)
 documentadvisories_(at)_intern0t.net, vBulletin - Critical Information Disclosure (23.07.2010)
 documenteidelweiss randy, YACK CMS 10.5.27 Remote File Inclusion Vulnerability (23.07.2010)
Файлы:DM Filemanager (fckeditor) Remote Arbitrary File Upload Exploit

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород