Websecurity - Веб безпека

В даній добірці експлоіти в веб додатках:

• DirectAdmin <= 1.33.1 Symlink Permission Bypass Vuln (untested) (деталі)
• WeBid 0.7.3 RC9 (upldgallery.php) Remote File Upload Vulnerability (деталі)
• PHPizabi v0.848b C1 HFP1-3 Remote Arbitrary File Upload Exploit (деталі)
• blogplus 1.0 Multiple Local File Inclusion Vulnerabilities (деталі)
• PhotoStand 1.2.0 Remote Command Execution Exploit (деталі)
• Acute Control Panel 1.0.0 (SQL/RFI) Multiple Remote Vulnerabilities (деталі)
• XM Easy Personal FTP Server <= 5.7.0 (NLST) DoS Exploit (деталі)
• Free PHP Petition Signing Script (Auth Bypass) SQL Injection Vuln (деталі)
• Simply Classified 0.2 (category_id) SQL Injection Vulnerability (деталі)
• Arcadwy Arcade Script (username) Static XSS Vulnerability (деталі)
• Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 File Disclosure Vulnerability (деталі)
• My Simple Forum 7.1 (LFI) Remote Command Execution Exploit (деталі)
• glFusion <= 1.1.2 COM_applyFilter()/order SQL Injection Exploit (деталі)
• Arcadwy Arcade Script (Auth Bypass) Insecure Cookie Handling Vuln (деталі)
• iWare CMS 5.0.4 Multiple Remote SQL Injection Vulnerabilities (деталі)

This entry was posted on 16:12 14.10.2009 and is filed under Експлоіти. You can follow any responses to this entry through the RSS 2.0 feed.